Legal
Privacy Policy
This starter policy covers the current SignLite workflow. Have counsel review it before public launch, especially if you serve regulated industries or collect sensitive personal information.
We collect document metadata, sender and signer contact information, verification events, IP address, device/browser information, timestamps, signature field data, and audit hashes needed to operate the signing flow.
Uploaded PDFs and signed PDFs are encrypted before storage. Access links are tokenized, rate limited, and intended only for the sender and signer.
We use service providers such as database, storage, email, SMS, hosting, and monitoring vendors to deliver the service.
We do not sell signed documents or signature data. We may disclose records when needed to provide the service, comply with law, investigate abuse, or protect the platform.
Admins should set retention rules that match their legal obligations. Some temporary PDFs may be purged after delivery while audit records remain available.
Security and Retention
SignLite encrypts document files, protects signing links with signed tokens, records security events, and keeps tamper-evident audit data. Admins remain responsible for setting retention periods, responding to deletion requests, and exporting records when required.
Contact
Privacy and record requests should be sent to the sender or account administrator responsible for the signing request. Before public launch, replace this section with the platform owner's legal name, mailing address, support email, and privacy contact.