Cloud-based PDF signature solutions and DSGVO

As for all applications in the context of companies that process personal data, the data protection requirements of the General Data Protection Regulation (GDPR) apply within the European Union. For many companies, the question therefore arises as to which data protection requirements (DSGVO) exist for cloud-based PDF signature solutions?

Digital signature solutions for PDF documents process such data in the course of the signature process. The signatories must be invited and, if necessary, verified, and the document to be signed must be presented to the signatories. When using qualified digital signatures, there is also an external trust service provider who must also process some of this data.

sproof sign protects your privacy through the following measures:

• DSGVO-compliance: sproof sign fulfils all requirements from the General Data Protection Regulation and can therefore be used by companies within the European Union without hesitation.
• Data processing and data storage exclusively in the European Union: All data is processed and stored on servers in the European Union. There is no data exchange with service providers outside the European Union.
• Deletion concept: sproof sign follows the privacy-by-default principle: data is automatically deleted from our servers after 30 days. If users do not want this, automatic deletion can be deactivated.
• Order data processing contract: An order data processing contract for our corporate customers summarises all relevant points and gives our customers clarity and security.

Note: This article is intended to provide a general understanding and information on technical and legal topics related to digital signatures. This article can therefore present individual aspects in a simplified manner and is not binding legal information.