SignRequest Privacy Notice
Effective as of 21 April 2021, SignRequest, and its subsidiaries, (collectively, “SignRequest” or “we” or “us” or “our”) have updated our Sign Request Privacy Notice (“Privacy Notice).
SignRequest Privacy Notice
SignRequest B.V. ("SignRequest") is committed to protecting your privacy and personal information. SignRequest provides a secure electronic signature solution that enables customers to sign and send documents online. This Privacy Notice explains how information (including personal data as defined under GDPR) is collected, retained, used, disclosed, and transferred by SignRequest and the available choices you have with regard to your personal information. This Privacy Notice applies to information collected, used, or shared by SignRequest when you use or access our websites, products, or services (collectively, the “SignRequest Services).”
What Information Do We Collect and For What Purpose?
SignRequest collects information in the following ways:
1. Information You Provide
We collect the information you directly provide to SignRequest when register for and/or use the SignRequest Services. The types of information we may collect directly from you includes:
· Full name
· Contact information (address, phone, email)
· Social media accounts
· Personal life data (date of birth, marital status, gender, language)
· Financial data
We also collect the information of third parties you provide to enable the functionalities and features of the SignRequest Service. For example, if you send a sign request to a third party, we will collect the name and email address of the third party you provide in order to provide the SignRequest Service.
2. Information We Collect Automatically
We collect information related to your usage of the SignRequest Services and the devices you use to access the SignRequest Services.
· Device Information: When you use the SignRequest Service and website, your computer will automatically provide us with certain information about your computer hardware and software, such as IP addresses, operating system, browser type, location data provided by your browser, domain names, access times/timestamps and referring websites.
· Usage Information: We monitor your activity in connection with the use of the SignRequest Services and collect information about the features you use and the SignRequest websites you visit.
· Log Information: We log information about you when you access and use the SignRequest Services, including: your IP address, access times/timestamps, browser type, the SignRequest webpages that you visit, dates and signatures. All changes to the document initiated by you, such as text, dates and signatures, will be included in the signing log.
Use of Information
SignRequest uses information collected for the purpose of providing the SignRequest Service. Your information may be used to perform a variety of purposes, such as:
· Provide, operate, maintain, and improve the SignRequest Services;
· Enable you to use and access the SignRequest Services;
· Send you technical notices, updates, alerts, and support/administrative messages;
· Respond to your comments, questions, and requests, and provide customer service and support; and
· Communicate with registered SignRequest users about SignRequest features, newsletters, offers, promotions, and events, and provide other news or information about SignRequest and our select partners.
Sharing and Disclosure of Information
SignRequest may share information with (i) third party service providers working on our behalf; (ii) SignRequest users that have exchanged a signed document; and (iii) when necessary, to protect the security and safety of our users or when required bylaw or a legal process.
We may share information about you as follows:
· SignRequest Users Exchanging Signed Document: Use of SignRequest's Services implies that certain personal information is shared between users exchanging a signed document. After completing a signing process, SignRequest will send a signing log to both the user that initiated the signing process and to any users that have signed the document or are in another way related to the sign request. This signing log may contain names, email addresses, IP addresses and timestamps of all users involved, and may also contain certain additional information, such as location data or domain names. All changes to the document initiated by users, such as text, dates and signatures, will be included in the signing log. During the signing process, we may provide the users involved with information about the status of the signing process, such as whether a sign request has been delivered, viewed, downloaded and/or it has resulted in a signature. These events may also be included in the signing log.
· Third Party Products: SignRequest provides you with opportunities to connect with third-party products or services. If you choose to use any third-party products or services, we may share certain information about you with such third parties. For more information on our integration partners, please refer our Integrations Page.
If you log into your SignRequest account using Facebook, Google or other services, these services may share additional information about you in accordance with their privacy policies.
This Privacy Notice does not apply to your use of such third-party applications and services, and SignRequest is not responsible for how these third parties collect, use, and disclose your personal information. We encourage you to review the privacy notices of this third parties before connecting to or using their applications or services to learn more about their information and privacy practices.
· Other Disclosure Obligations: We may disclose your information to a third party if:
o We believe that disclosure is reasonably necessary to comply with any applicable law, regulation, legal process, or governmental request;
o To enforce our agreements and policies with our customers;
o To protect the security or integrity of the SignRequest Services;
o To protect SignRequest, our customers, or the public from harm or illegal activities;
o To respond to an emergency which we believe in good faith requires us to disclose information to assist in preventing death or serious bodily injury of any person; or
o To any other third party with your prior consent.
SignRequest may transfer your information to jurisdictions with differing data protection laws. As a result, a copy of our standard Data Processing Addendum (DPA), incorporating Standard Contractual Clauses, is available here.
Retention and Protection of Personal Information
SignRequest is committed to securing your personal information. We take appropriate technical and organizational measures to help protect your personal data from loss, theft, misuse, and unauthorized access, disclosure, alteration, and destruction. SignRequest complies with applicable data protection, privacy, and security breach notification laws.
Some of the ways in which SignRequest protects your personal information includes:
· Encrypting your personal information when it is stored at rest on our data centers.
· Encryption of your personal information in-transit.
· Limiting access to the servers on which personal information is stored.
SignRequest will retain your personal information for the period necessary to fulfill the purposes outlined in this Privacy Notice and for as long as necessary for the fulfillment of the contract or as needed to provide you the SignRequest Services. We will also retain your information to comply with our legal obligations, resolve disputes, and enforce our agreements.
If you would like to learn more about the security measures we take to protect your personal information, please visit: SignRequest Security
Cookies are small data files containing small amounts of information that are placed on your device when you visit a website.
What Cookies Do We Use?
· First-Party Cookies: We use first-party cookies when you access our site or utilize the SignRequest Service.
· Strictly Necessary Cookies: Strictly necessary cookies are required for the SignRequest Service to operate.
· Functionality Cookies: Functionality cookies enhance the performance and functionality of the SignRequest Service.
The chart below describes the first-party and third-party cookies served through the SignRequest Service, including the third parties who serve them, their purpose, and how to manage your cookie preferences.
Who Serves the Cookie?
Cookie Information and Management
We use targeting cookies, sometimes called “advertising cookies”, to provide our users and website visitors with more relevant content. Please note, SignRequest does not use targeting cookies in the SignRequest web Application. We utilize targeting cookies solely on our marketing web pages.
LinkedIn Ads helps us track how users interact with the SignRequest website and enables us to target ads on LinkedIn.
More information about LinkedIn Ads cookies can be found here.
Facebook Pixel helps us track how users interact with the SignRequest website and enables us to target ads on Facebook.
More information about Facebook Pixel can be found here.
Twitter helps us track how users interact with the SignRequest website and enables us to target ads on Twitter.
More information about Twitter cookies can be found here.
Youtube / Google
Youtube / Google helps us track video player preferences when viewing an embedded Youtube video on the SignRequest website.
Functional cookies are used to remember user preferences, settings, and other information that helps SignRequest improve user experience. Please note, opting-out of these cookies may impair your access to the SignRequest Service.
· session id
We use Stripe to process credit card transactions. SignRequest utilizes the following Stripe cookies:
More information about Stripe cookies, including how they are used and how you can opt out, can be found here.
Analytics cookies, sometimes referred to as “performance cookies”, collect information about how people interact with SignRequest. SignRequest uses this information to measure performance and improve the SignRequest Service.
Google Analytics / Google Tag Manager
Google Analytics / Google Tag Manager helps us track usage and performance of the SignRequest Service. SignRequest utilizes the following Google Analytics cookies:
California Consumer Privacy Act (CCPA)
At SignRequest, we respect the privacy rights of users and recognize the importance of protecting your personal information. We may use your digital activity collected by third-party cookies to enhance, customize, improve and notify you about our Services.
California residents may choose to opt-out from the"sale" or sharing of their digital activity by using the information in the table above or by changing your cookie preferences settings. Opting out will only prevent targeted ads, but you may continue to see generic, non-targeted ads after you have opted out.
Your Personal Information Choices
SignRequest understands the importance of your personal information. Under the GDPR, you have certain rights, such as the right to update, access, and delete your account information; and choose whether you wish to receive promotional and newsletter communications. You may exercise your data protection and privacy rights at any time by contacting SignRequest at firstname.lastname@example.org.
· Account Information: You may update, correct, or delete your personal data at any time by emailing us at email@example.com. You may also submit an access request by emailing firstname.lastname@example.org, and SignRequest will provide you with information about whether we hold, or process on behalf of a third-party, any of your personal data. We will respond to your access request within the legally permissible timeframe.
· Advertising: You may opt-out of personalized ads anytime by deleting your browser’s cookies. In addition, you may opt-out of interest-based advertising from some third-party partners by visiting: http://optout.aboutads.info/; http://optout.networkadvertising.org/; or the third-party provider’s websites. Residents in the European Economic Area(EEA), please visit http://www.youronlinechoices.eu/.
· Promotional and Newsletter Communications: You may opt-out of receiving promotional and newsletter emails from SignRequest by following the opt-out instructions provided in those emails or by emailing email@example.com.If you opt-out, we will continue to send non-promotional communications, such as security alerts and notices related to your access to or use of theSignRequest Service, or those about your account or our ongoing business relations.
· Links to Third-Party Websites: If you log into your SignRequest account using Facebook, Google or other services, these services may share additional information about you in accordance with their privacy policies. We encourage you to visit their websites and review their privacy and user policies.
Please contact firstname.lastname@example.org SignRequest B.V., Singel 542,1017 AZ Amsterdam, The Netherlands, +31 (0) 20894 36 57 if you:
· Have questions about this Privacy Notice;
· Wish to make a complaint or have a concern about our handling of your personal data; or
· Wish to report a possible breach of privacy laws.
SignRequest will respond to your inquiry within the legally permissible timeframe.
In addition, you have the right to file a complaint to SignRequest B.V. via the Autoriteit Persoonsgegevens (Dutch authority for protecting personal data) via www.autoriteitpersoonsgegevens.nl.
Changes to This Notice
SignRequest may alter or amend this Privacy Notice from time to time. If we do, we will make reasonable efforts to inform you of such changes through SignRequest's website. If you subsequently continue to use SignRequest Services, this will be understood to imply that you accept the altered or amended Notice. In the event that you do not wish to accept the alterations or amendments, please stop using the services and delete any accounts you may have created on our systems.
To support SignRequest, B.V. ("SignRequest" or "we"), in delivering the SignRequest Services, we may engage third party service providers ("Subprocessors") to assist with its data processing activities. Subprocessors and SignRequest’s affiliates and subsidiaries (“SignRequest Group Companies”) may process, store or otherwise access certain customer information or personal data found in customer Content in order to support and/or improve the SignRequest Services. Unless otherwise specified, capitalized terms that are used on this page have the meaning set forth in the SignRequest Terms of Service or in a superseding written agreement between SignRequest and a particular SignRequest customer. This information is provided in compliance with SignRequest’s EU General Data Protection Regulation (GDPR) and UK Data Protection obligations.
Before engaging any Subprocessor, SignRequest performs due diligence of the Subprocessor’s privacy, information security, and data protection practices. We enter into written agreements with Subprocessors that enforce compliance with applicable data protection laws, security controls, confidentiality, and international data transfer requirements. We also restrict Subprocessor access to only what is necessary to maintain and provide the SignRequest Services to our customers.
The following table identifies the Subprocessors used by SignRequest, the type of services that may be provided, and the location where such subprocessing activities are performed.