Privacy Policy

SignTh.is collects minimal data to operate the service.

What We Collect

For free self-signing, we collect no personal information. Uploaded PDFs are stored temporarily and deleted after 24 hours.

For paid features (Send for Signature), we collect your email address provided during Stripe checkout or Google sign-in. If you sign in with Google, we also receive your Google account identifier. We do not access your Google contacts, files, or any other account data. IP addresses are temporarily stored in memory for rate limiting and are not persisted.

Document Privacy

Documents are stored encrypted in transit (HTTPS) on Cloudflare R2. We do not view, analyze, or share the contents of your documents. Signature images are processed server-side to stamp the PDF and are not retained separately.

Payment Processing

Payments are processed by Stripe. We do not store credit card numbers, expiration dates, or security codes. Stripe's privacy policy applies to payment data.

Email Communications

Transactional emails (signing requests, signed document notifications, payment confirmations, magic sign-in links) are sent through SendGrid. We send emails only in response to your actions. We do not send marketing emails.

Data Retention

Free documents are deleted after 24 hours. Paid documents (sent for signature) are stored permanently. When a document is deleted, the PDF and all associated signature data are removed from storage.

Cookies

We use a single session cookie for authenticated users. This cookie is HTTP-only and cannot be accessed by third-party scripts. No tracking, advertising, or third-party cookies are used.

Contact

For privacy concerns or data deletion requests, email privacy@signth.is.