Privacy policy

Signoo is the controller for this service. Privacy requests can be sent to support@signoo.no. We do not have a designated Data Protection Officer.

For accounts we process email address, optional name, account creation and login events, and provider data needed for email or Google OAuth account access. Google login is account authentication only and does not verify identity for signing.

For local self-signing, the document and signature image stay in your browser. If you save a signature drawing on your account, we store the PNG drawing, canvas dimensions, timestamps, and a minimal audit hash for create, update, reuse, and delete events. If you later choose to reuse the saved drawing on a signing link, the image is embedded into the resulting PDF and an audit event records the reuse, the saved signature id, a hash of the PNG bytes, and how many days old the drawing was at signing time. Signoo does not verify your identity through the drawing. The sender does not gate the reuse. The choice belongs to you as the invited signer.

For signing links, we process sender-supplied signer name and email, document title, uploaded PDF, resulting PDF, signature image, audit events, timestamps, technical request metadata, and delivery/status events.

We process account and signing-link data to provide the service and perform the agreement. We process technical abuse-prevention data and error telemetry on legitimate interest. Drawn signature images are processed only to complete the signing flow you choose, to save a signature drawing for reuse if that option is enabled and you choose it, and, for signing links, to document the signing. The legal basis is performance of the service agreement where you use Signoo yourself, and legitimate interest in completing and evidencing a requested signing-link flow where you sign a document sent by someone else. We do not use signature images to uniquely identify you or to train machine-learning models.

Aggregated, cookieless usage analytics are also processed on the basis of legitimate interest to understand product use and improve the service. Vercel does not set a cookie or any client-side identifier; visitor deduplication is performed via a daily-rotated server-side hash that is not linked to your account.

Hosting and aggregated usage analytics are provided by Vercel Inc. (USA). Signing-link tokens, document IDs, and query parameters are removed from URLs before they are sent to Vercel Analytics; aggregated analytics are retained per Vercel's documented retention and we keep no separate analytics archive. Database, authentication, and document storage are provided by Supabase in Frankfurt. Google provides OAuth login when you choose Google sign-in. Rate limiting is provided by Upstash. DNS is provided by Cloudflare. Error monitoring is provided by Sentry. Operational alerts are provided by Discord when enabled; alerts contain only diagnostic event IDs, severity, environment, release, route/status metadata, and aggregate counts. Email is provided by Resend when email flows are enabled. Processors may receive technical metadata needed to provide their services. We do not send PDF contents or signature images to Sentry or Discord.

We use EU-region services where available. Some processors are owned outside the EU, so EU-region hosting does not remove all third-country-transfer risk. We use contractual and technical measures appropriate to each processor.

For processors established outside the EU/EEA, including Vercel Inc. (USA) used for hosting and aggregated usage analytics and Discord Inc. (USA) used for Signoo's operational alerts, transfers rely on the European Commission's Standard Contractual Clauses (SCCs) together with appropriate technical and organisational measures.

Local self-signing data stays in your browser while you work and is not retained by Signoo. The document itself still stays in your browser. Browser handoff data used from the homepage is deleted when consumed and pruned if orphaned.

If account-saved signature drawings are enabled later and you choose to save one, the saved drawing is kept while the account is active or until you delete it. Deleting the saved drawing removes the PNG image and metadata; the immutable audit trail may retain a minimal hash of the PNG bytes and event metadata needed to evidence the deletion.

Account data is kept while the account is active and deleted within 30 days after closure unless statutory retention applies or the records are needed to establish, exercise, or defend legal claims. Account-closure records may contain pseudonymous account identifiers, request status, hashed email, timestamps, hold records, storage cleanup keys, cancellation notice records, counts, and deletion or retention categories, not raw email or document contents. The default retention target before launch is up to 24 months for account-closure records unless statutory duties require longer retention or the records are needed to establish, exercise, or defend legal claims. Error reports are kept for up to 30 days. Signing-link documents, resulting PDFs, and audit trails are kept while needed to complete and evidence the signing; the default retention target before launch is 30 days for unsigned source documents and up to 12 months for completed signing-link evidence unless the sender deletes sooner, statutory duties apply, or the records are needed to establish, exercise, or defend legal claims. These periods must be confirmed before production launch.

You may request access, rectification, erasure, restriction, portability, and objection where GDPR gives those rights. We do not make automated decisions with legal effect about you. Requests can be sent to support@signoo.no. We normally answer within one month, and will tell you if GDPR allows an extension for complex requests.

You may complain to your local data-protection authority if you believe our processing breaches data-protection rules. For the Norwegian controller, the supervisory authority is Datatilsynet.