SignTh.is
Sign in

Privacy Policy

Last updated: February 2026

SignTh.is collects minimal data to operate the service.

What We Collect

For free self-signing, we collect no personal information. Uploaded PDFs are stored temporarily and deleted after 24 hours.

For paid features (Send for Signature), we collect your email address provided during Stripe checkout or Google sign-in. If you sign in with Google, we also receive your Google account identifier. We do not access your Google contacts, files, or any other account data. IP addresses are temporarily stored in memory for rate limiting and are not persisted.

Document Privacy

Documents are encrypted in transit (TLS/HTTPS) and at rest (AES-256 server-side encryption on Cloudflare R2). We do not view, analyze, or share the contents of your documents. Signature images are processed server-side to stamp the PDF and are not retained separately.

All signing events are recorded in an audit trail including a timestamp, hashed IP address, and browser identifier. This provides proof of signing without storing personally identifiable network information.

Payment Processing

Payments are processed by Stripe. We do not store credit card numbers, expiration dates, or security codes. Stripe's privacy policy applies to payment data.

Email Communications

Transactional emails (signing requests, signed document notifications, payment confirmations, magic sign-in links) are sent through SendGrid. We send emails only in response to your actions. We do not send marketing emails.

Data Retention

Free documents are automatically deleted after 24 hours. Paid documents (sent for signature) are retained until you delete them from your account. You may delete any document at any time — the PDF and all associated signature data will be permanently removed from storage.

Download links expire after 5 minutes. Signing links for recipients expire after 72 hours.

Cookies

We use a single session cookie for authenticated users. This cookie is HTTP-only and cannot be accessed by third-party scripts. No advertising or third-party tracking cookies are used.

Analytics

We use PostHog for anonymous product analytics to understand how features are used. No document content is included in analytics data. You can opt out by using a browser extension that blocks tracking scripts.

Contact

For privacy concerns or data deletion requests, email privacy@signth.is.

Privacy Policy — SignTh.is