Privacy Policy

Last updated: March 22, 2026

1. Introduction

SignovaX ("we", "our", "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our e-signature platform at signovax.com (the "Service").

2. Information We Collect

We collect the following types of information:

  • Account information: name, email address, and hashed password when you create an account.
  • Documents: PDF files you upload for signature. These are stored securely in cloud storage.
  • Signature data: electronic signatures drawn by signers, stored as images.
  • Audit trail data: IP addresses, timestamps, user agent strings, and actions taken on documents. This data is essential for the legal validity of electronic signatures.
  • Usage data: pages visited, features used, and general interaction patterns.

3. How We Use Your Information

  • To provide and maintain the Service, including processing signatures and generating audit trails.
  • To send transactional emails (signing requests, verification emails, password resets).
  • To authenticate your identity and secure your account.
  • To comply with legal obligations.
  • To improve the Service and develop new features.

4. Data Storage and Security

Your data is stored using industry-standard cloud services (Vercel, Neon PostgreSQL, Vercel Blob Storage). All data is encrypted in transit using TLS 1.2+ and at rest using AES-256 encryption. Passwords are hashed using bcrypt and are never stored in plain text.

5. Data Sharing

We do not sell your personal data. We share data only with:

  • Service providers: cloud hosting (Vercel), database (Neon), email delivery (Resend), error monitoring (Sentry), and payment processing (LemonSqueezy, when applicable) — only as necessary to operate the Service.
  • Document recipients: when you send a document for signature, the recipient can view the document and your name/email.
  • Legal requirements: if required by law, regulation, or legal process.

6. Your Rights (GDPR)

If you are in the European Economic Area, you have the right to:

  • Access your personal data.
  • Rectify inaccurate data.
  • Delete your account and all associated data (available in your dashboard settings).
  • Export your data.
  • Object to processing of your data.

To exercise these rights, you can delete your account from the dashboard or contact us at the email below.

7. Data Retention

We retain your data for as long as your account is active. When you delete your account, all personal data, documents, signatures, and audit trails are permanently deleted from our systems.

8. Cookies

We use a single essential cookie ("auth-token") to maintain your login session. We do not use tracking cookies or third-party advertising cookies.

9. Error Monitoring

We use Sentry for error monitoring to improve Service reliability. Sentry may collect technical data such as browser type, operating system, error stack traces, and device information. This data is used solely for diagnosing and fixing software issues and is not used for advertising or user profiling.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of significant changes via email or a notice on the Service.

11. Contact

If you have questions about this Privacy Policy, please contact us at: privacy@signovax.com