Privacy Policy

1. Introduction

SignSecure Pvt. Ltd. ("SignSecure", "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use any of our products and services, including SignPad, SignBolt, SignLift, and SignBridge (collectively, the "Services").

2. Information We Collect

2.1 Personal Information

When you register for or use our Services, we may collect the following personal information:

• Full name and contact details (email address, phone number)
• Business or organization name and address
• Aadhaar number (for eSign via Aadhaar OTP, processed securely and not stored)
• Digital Signature Certificate (DSC) details for DSC token-based signing
• Billing and payment information
• Government-issued identification where legally required

2.2 Document Data

Documents uploaded to our platform for signing are encrypted in transit and at rest. We do not access, read, or analyze the contents of your documents except as necessary to provide the signing service.

2.3 Usage Data

We automatically collect certain information when you use our Services, including IP address, browser type, device information, pages visited, and interaction patterns.

3. How We Use Your Information

We use collected information to:

• Provide, maintain, and improve our Services across SignPad, SignBolt, SignLift, and SignBridge
• Process document signing requests and verify signer identities
• Comply with Indian IT Act, 2000 and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011
• Generate audit trails and signing certificates for legal validity
• Send transactional communications (signing notifications, receipts)
• Provide customer support and respond to inquiries
• Detect, prevent, and address fraud or security issues

4. Data Security

We implement industry-standard security measures to protect your data, including:

• AES-256 encryption for data at rest
• TLS 1.2+ encryption for data in transit
• Regular security audits and vulnerability assessments
• Role-based access controls for internal data access
• Secure, certified data centers located in India

5. Data Sharing & Disclosure

We do not sell your personal information. We may share your information with:

• Authorized eSign providers and Certifying Authorities (CAs) as required for Aadhaar-based eSign
• Service providers who assist us in operating our platform (hosting, analytics)
• Law enforcement or government agencies when required by applicable Indian law
• Other parties with your explicit consent

6. Data Retention

We retain your personal data and signed documents for as long as your account is active or as needed to provide our Services. Signing records and audit trails are retained as required by the Indian IT Act and applicable regulations to ensure the legal validity of electronically signed documents.

7. Your Rights

Under applicable Indian data protection laws, you have the right to:

• Access and review your personal data
• Request correction of inaccurate information
• Request deletion of your data (subject to legal retention requirements)
• Withdraw consent for data processing

To exercise these rights, contact us at support@signsecure.in.

8. Cookies

We use essential cookies to operate our Services and optional analytics cookies to understand usage patterns. You can manage cookie preferences through your browser settings.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and updating the "Last updated" date.

10. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us: