GDPR Compliance

Our commitment to data protection and privacy under the General Data Protection Regulation

Last Updated: November 5, 2025

GDPR Compliant

Our Commitment to GDPR

SignTry is fully committed to complying with the General Data Protection Regulation (GDPR) which came into effect on May 25, 2018. We have implemented comprehensive data protection measures to ensure the privacy and security of our users' personal data.

This page outlines our approach to GDPR compliance and explains your rights as a data subject under this regulation.

What is GDPR?

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that came into effect in the European Union (EU) on May 25, 2018. It strengthens the rights of individuals regarding their personal data and imposes strict rules on organizations that collect, process, or store this data.

GDPR applies to all organizations processing personal data of individuals in the EU, regardless of the organization's location.

Data We Collect and Process

As part of our services, we collect and process the following categories of personal data:

Account Information

When you create an account with SignTry, we collect information such as your name, email address, and company details to provide you with our services.

Email Signature Data

We process the information you include in your email signatures, such as contact details, social media links, and profile pictures, to create and manage your signatures.

Usage Data

We collect information about how you interact with our services, including feature usage, click tracking data, and analytics to improve our services.

Technical Data

We automatically collect certain technical information when you use our services, such as IP addresses, browser type, and device information for security and functionality purposes.

Your GDPR Rights

Under GDPR, you have several important rights regarding your personal data:

Right to Access

You have the right to access the personal data we hold about you and receive a copy of this data.

Right to Rectification

You have the right to correct inaccurate or incomplete personal data we hold about you.

Right to Erasure

You have the right to request the deletion of your personal data in certain circumstances.

Right to Restriction

You have the right to restrict the processing of your personal data in certain circumstances.

Right to Object

You have the right to object to the processing of your personal data in certain circumstances.

Right to Portability

You have the right to receive your personal data in a structured, commonly used format.

Our Data Protection Measures

We have implemented comprehensive technical and organizational measures to ensure the security of your personal data:

Technical Security

  • Encryption: All data is encrypted in transit using TLS 1.2+ and at rest using AES-256 encryption
  • Access Controls: Strict access controls and authentication mechanisms
  • Regular Security Audits: Continuous monitoring and regular security assessments
  • Data Backup: Regular backups with disaster recovery procedures

Organizational Measures

  • Data Protection Officer: Appointed a Data Protection Officer to oversee compliance
  • Employee Training: Regular GDPR and data protection training for all staff
  • Data Processing Agreements: DPAs with all third-party processors
  • Privacy by Design: Incorporating data protection into our product development process

Data Transfers

SignTry may transfer personal data to countries outside the European Economic Area (EEA). When we do, we ensure appropriate safeguards are in place, such as:

  • Adequacy decisions by the European Commission
  • Standard Contractual Clauses (SCCs)
  • Binding Corporate Rules (BCRs)
  • Other approved transfer mechanisms under GDPR

Data Breach Notification

In the event of a personal data breach, we have procedures in place to:

  1. Contain and assess the breach
  2. Notify the relevant supervisory authority within 72 hours where required
  3. Notify affected individuals without undue delay when the breach is likely to result in a high risk to their rights and freedoms
  4. Document all data breaches for accountability purposes

Changes to This Policy

We may update this GDPR compliance statement from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We encourage you to periodically review this page for the latest information on our GDPR compliance.