DocuSeal Compliance
Ensuring the highest levels of security, transparency, and compliance in the digital document realm. Discover how DocuSeal adheres to international standards like GDPR, eIDAS (including Qualified Electronic Signatures), SOC 2, HIPAA, UETA, and the ESIGN Act.
ESIGN
& UETA
What is UETA and the ESIGN Act?
The Uniform Electronic Transactions Act (UETA) and the Electronic Signature in Global and National Commerce Act (ESIGN Act) are pivotal U.S. laws that establish the legal validity of electronic signatures and records. Both statutes ensure that electronic documents and signatures are as legally binding as their traditional counterparts.
- Legal Validity: Electronic signatures and records are considered legally valid and have the same legal status as handwritten signatures and paper documents, ensuring that contracts and agreements formed electronically are enforceable.
- Electronic Records: Electronic records are deemed to be in writing and are legally recognized, satisfying the requirement for a written document.
- Consumer Consent: Parties involved in electronic transactions must consent to conduct the transaction electronically. However, consent cannot be denied solely on the grounds that it is in electronic form.
- Record Retention: UETA establishes guidelines for the retention of electronic records to ensure that they remain accessible and accurate for future reference.
How does DocuSeal comply with UETA and the ESIGN Act?
Authentication
Signers are authenticated via email or SMS, ensuring the validity and trustworthiness of electronic signatures.
Record Retention
All digital records are securely stored enabling easy access and retrieval when necessary.
Audit Trail
Audit trail is maintained, featuring comprehensive logs through the entire signing process.
eIDAS
Electronic Identification
Authentication and
Trust Services
What is eIDAS ?
The Electronic Identification, Authentication and Trust Services (eIDAS) regulation is an EU initiative that standardizes electronic identification and trust services for electronic transactions. It ensures that electronic interactions between businesses, citizens, and public authorities are secure, seamless, and have legal standing.
- Electronic Signatures: eIDAS defines three types of electronic signatures: simple, advanced, and qualified electronic signatures. These signatures have varying levels of security and legal validity, allowing users to choose the appropriate type based on the context and requirements of the transaction.
- Record Retention: Businesses must provide consumers with the option to receive electronic records in a format that is accessible and can be retained for future reference. Additionally, businesses are required to maintain accurate records of electronic transactions.
How does DocuSeal comply with eIDAS simple signature?
Signer Intent
The signing intent is linked to the signer identity and ensures that the signer willingly participates in the transaction.
Data Integrity
The signature is linked to the signed data in such a way that any subsequent changes to the data can be detected.
Safe Transactions
Every online action is secure and legally recognized as per eIDAS simple signature standard.
GDPR
General Data
Protection Regulation
What is GDPR ?
The General Data Protection Regulation (GDPR) is a regulation introduced by the European Union to protect the privacy and personal data of its citizens. It sets forth guidelines for the collection, processing, and storage of personal data and emphasizes transparency, security, and accountability by businesses.
How does DocuSeal comply with GDPR?
Servers in the EU
All user information on docuseal.eu is stored exclusively on servers located within the European Union.
No Data Sharing
We never share or transfer user data to third parties for marketing or analytics purposes.
Do Not Track
Privacy is prioritized at all times. Only the data required by the digital signature process is collected.
Comprehensive Compliance Standards
At DocuSeal, we are dedicated to maintaining the most stringent international compliance standards to protect your data and electronic transactions. Our commitment to adhering to SOC 2, HIPAA, and Qualified Electronic Signatures (QES) under the eIDAS regulation reflects our unwavering focus on security, privacy, and legal validity.
SOC 2 Type II Compliance
DocuSeal uses SOC 2-standard security to protect your data from unauthorized access. We ensure data availability through a robust infrastructure. Strict access controls maintain confidentiality. Regular audits keep protection at its highest.
HIPAA Compliance
DocuSeal complies with HIPAA to secure Protected Health Information (PHI). We use advanced encryption and strict access controls to safeguard patient data. Regular staff training and updated policies ensure ongoing privacy and security.
Qualified Electronic Signature
Under eIDAS, DocuSeal supports QES, giving electronic signatures the same legal status as handwritten ones across the EU. We verify signer identities and secure the signing process to ensure document integrity and legal compliance.
Commitment to Compliance and Security
At DocuSeal, we recognize the importance of adhering to international standards and regulations. Our commitment to compliance with GDPR, eIDAS (including Qualified Electronic Signatures), SOC 2, HIPAA, UETA, and the ESIGN Act is a testament to our dedication to ensuring the utmost security, privacy, and reliability in our electronic transactions.