Privacy Policy
Last Updated: March 2026
AbroadSign (“we,” “us,” or “our”) is committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our electronic signature and document management platform. We process personal data in accordance with the General Data Protection Regulation (GDPR), the UK GDPR, the California Consumer Privacy Act (CCPA), and other applicable data protection laws in the jurisdictions where we operate. This policy applies to all users of the AbroadSign platform worldwide.
Information We Collect
We collect information to provide and improve our services, comply with legal obligations, and deliver a secure and efficient electronic signature experience. The information we collect falls into several categories, each serving specific purposes related to our platform’s functionality and your overall user experience with our document management tools.
| Data Category | Specific Data | Purpose | Legal Basis |
|---|---|---|---|
| Account Information | Name, email, company, job title, phone | Account creation, communication, support | Contract performance, legitimate interests |
| Identity Data | Government ID, verification documents, biometric data (for QES) | Identity verification, signature validation | Legal obligation, contract performance |
| Document Data | Uploaded documents, signatures, audit trails, metadata | Service delivery, compliance, archival | Contract performance |
| Usage Data | IP addresses, device info, browser type, access logs | Security, troubleshooting, platform improvement | Legitimate interests, legal obligation |
| Communication Data | Email correspondence, support tickets, feedback | Customer support, service improvement | Legitimate interests |
Your data is processed exclusively for the purposes described in this Privacy Policy. We do not sell your personal information to third parties, and we do not use it for purposes incompatible with those for which it was collected, except with your explicit consent or as required by applicable law.
How We Use Your Information
AbroadSign uses the information we collect for a variety of purposes that are essential to delivering our electronic signature and document management services. These purposes include providing the core functionality of the platform, maintaining account security, communicating with you about your documents and account, and ensuring compliance with legal obligations.
- Service Delivery — We use your information to create and manage your account, process electronic signatures, route documents through multi-party workflows, generate comprehensive audit trails, and provide secure access to your documents and complete transaction history
- Identity Verification — For Qualified Electronic Signatures (QES) and other high-assurance signature types, we may verify your identity using third-party verification services. This processing is necessary to comply with legal requirements under eIDAS, ESIGN, and equivalent regulations in multiple jurisdictions
- Security & Fraud Prevention — We monitor platform usage to detect unauthorized access, prevent fraud, and protect the integrity of documents processed through our system. This processing is in our legitimate interest of maintaining platform security for all users
- Communication — We send you notifications about document status, account updates, security alerts, and service-related information. You can manage your notification preferences through your account settings at any time
- Platform Improvement — We analyze usage patterns and user feedback to improve our platform’s functionality, usability, and performance. This processing is in our legitimate interest of continuously improving our services
- Legal Compliance — We retain certain records and process personal data as required by applicable laws, including anti-money laundering regulations, trade sanctions requirements, and data retention obligations specific to international trade documentation
Data Sharing & Third Parties
AbroadSign shares your personal information only in the circumstances described in this section. We do not sell, rent, or trade your personal information to third parties for marketing purposes. When we share data with third parties, we require recipients to protect it in accordance with applicable data protection laws and to use it only for the specific purposes for which it was shared.
- Document Recipients — When you send a document for signature, the signatories and other parties you designate will receive access to the document and related information necessary to complete the signing process. This is an essential function of our service and a core part of the contract we provide to you
- Service Providers — We share data with trusted third-party service providers who assist us in operating our platform, including cloud infrastructure providers, identity verification services, payment processors, and customer support tools. These providers are contractually bound to protect your data
- Legal Requirements — We may disclose personal information if required to do so by law, court order, or governmental regulation, or if we believe disclosure is necessary to protect the rights, property, or safety of AbroadSign, our users, or the general public
- Business Transfers — In the event of a merger, acquisition, or sale of all or substantially all of our assets, personal information may be transferred as part of that transaction. We will notify you of any such change and update this Privacy Policy accordingly
Data Security & Retention
We implement robust technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include AES-256 encryption for data at rest, TLS 1.3 encryption for all data in transit, multi-factor authentication options, role-based access controls, regular security assessments by independent auditors, and comprehensive employee training on data protection practices.
We retain your personal information for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required by applicable law. Document data and audit trails are retained in accordance with legal requirements for trade documentation, which may require storage for 5-10 years or longer depending on the jurisdiction and document type. When your information is no longer needed, we securely delete or anonymize it.
Your Rights Under Data Protection Laws
Depending on your location, you may have certain rights regarding your personal information under applicable data protection laws. These rights are designed to give you control over how your data is used and to ensure transparency in our data practices across all jurisdictions where we operate.
- Right of Access — You have the right to request a copy of the personal information we hold about you and to understand how we process it in detail
- Right to Rectification — You have the right to request correction of inaccurate or incomplete personal information that we hold about you
- Right to Erasure — You have the right to request deletion of your personal information, subject to legal retention requirements that may apply
- Right to Data Portability — You have the right to receive your data in a structured, machine-readable format for transfer to another service provider
- Right to Object — You have the right to object to certain processing activities based on our legitimate interests
- Right to Withdraw Consent — Where processing is based on your consent, you have the right to withdraw that consent at any time without affecting the lawfulness of prior processing
To exercise any of these rights, please contact our Data Protection Officer through our contact form or by emailing our privacy team directly. We will respond to your request within the timeframe required by applicable law. For more information about data protection best practices, visit the EU GDPR official website or the UK Information Commissioner’s Office.
Contact Us
If you have any questions about this Privacy Policy or our data practices, please do not hesitate to contact us. Our Data Protection Officer is responsible for overseeing our compliance with data protection laws and can assist you with any privacy-related inquiries or requests. You can also visit our features page and Terms of Service for additional information about our platform and legal framework.
For official resources on privacy regulations affecting international trade, visit the World Trade Organization and EU GDPR Portal.