↗ · Privacy Policy
Privacy Policy
Last updated · 2026-06-08
Sign Sail (“we”, “us”) provides form-building and electronic signature software. This Privacy Policy explains what personal information we collect, how we use it, who we share it with, and the choices you have. It applies to everyone who creates a Sign Sail account (“Creators”) and everyone who fills out a form built on Sign Sail (“Respondents”).
1. Information we collect
1.1 From Creators
- Account data: email address, display name, hashed password (we never store plaintext passwords).
- Billing data: if you subscribe to a paid plan, our payment processor Stripe collects and stores your payment details. We store only the subscription state (plan, status, renewal date) and a reference to the Stripe customer, never card numbers.
- Usage data: forms you create, templates you save, timestamps, and aggregate counts needed for plan enforcement.
1.2 From Respondents
- Form responses:whatever the Creator's form asks for. This may include your name, contact details, signature image, uploaded files, and any free-form text you provide.
- Compliance metadata: to satisfy ESIGN Act, UETA, eIDAS Article 25 (SES), and PIPEDA, we capture your IP address, user-agent string, UTC timestamp, consent acknowledgement, and a SHA-256 hash of the submission payload at the moment of signing. This metadata is part of the audit trail bundled with each PDF.
2. How we use information
- To provide the service (render forms, store submissions, generate signed PDFs, send notifications).
- To enforce plan limits and prevent abuse (form counts, monthly submission counters, rate limits).
- To communicate transactional messages (submission confirmations, account notices, password resets).
- To improve the service via aggregated, non-identifying usage statistics.
- To meet legal obligations (tax, fraud prevention, compliance with lawful requests).
2.1 Lawful basis (GDPR)
For users in the EU/EEA, UK, or Switzerland, we process personal data under the following lawful bases under Article 6 of the GDPR:
- Contract (Art. 6(1)(b)): processing needed to deliver the service you signed up for.
- Legal obligation (Art. 6(1)(c)): retaining audit trails for ESIGN/eIDAS compliance and tax records.
- Legitimate interest (Art. 6(1)(f)): fraud prevention, security monitoring, service improvement.
- Consent (Art. 6(1)(a)): marketing emails (which you can opt out of at any time).
3. Who we share with
We never sell or rent personal data. We share data with the following categories of subprocessors, each bound by a data processing agreement:
- Self-hosted infrastructure: our application, PostgreSQL database, and authentication run on dedicated servers we operate directly in Canada and the United States. We do not rely on a third-party database or authentication provider.
- Stripe: payment processing and customer portal (US).
- ClickClickSend (mx1.clickclicksend.com): transactional email delivery.
- Google (Google Analytics): website usage analytics (US). See “Cookies and tracking” below for the cookies this sets and how to opt out.
We may also disclose personal data when required by law, to enforce our Terms, to protect the rights or safety of users, or in connection with a merger or acquisition (in which case we will notify affected users). A current list of subprocessors is available on request at [email protected].
4. International transfers
Our infrastructure is hosted on servers located in Canada and the United States. Your personal data may be transferred to and processed in either country. Canada is recognized by the European Commission as providing an adequate level of data protection for commercial organizations subject to PIPEDA, and the UK and Switzerland recognize Canada as adequate as well. For data processed in the United States, transfers from the EU/EEA, UK, or Switzerland are protected by the Standard Contractual Clauses under Commission Implementing Decision (EU) 2021/914.
5. Data retention
Retention varies by data type and plan tier:
- Account data: kept as long as your account is active, plus up to 90 days after deletion for backups.
- Form submissions (Free plan): retained for 90 days.
- Form submissions (Pro plan): retained for 1 year.
- Form submissions (Business plan): retained indefinitely (until you delete them).
- Audit trails: retained for the same period as the associated submission.
- Billing records: retained for the period required by applicable tax law (typically 7 years).
6. Your rights
Depending on where you live, you have the right to:
- Access the personal data we hold about you.
- Correct inaccurate or incomplete data.
- Delete your account and all associated data (“right to be forgotten”).
- Export a copy of your data in a portable format.
- Object to processing based on legitimate interest.
- Restrict processing in certain circumstances.
- Withdraw consent you previously gave, at any time.
- Lodge a complaint with your local data protection authority.
Creators can exercise most of these rights directly from the Account page in the dashboard. Respondents whose data appears in a submission can contact the Creator who owns the form directly, or email us at [email protected] and we will route your request to the relevant Creator and assist them in responding. We will respond to all verified requests within 30 days (or 45 days for complex requests, with notice).
7. Cookies and tracking
Sign Sail uses strictly necessary cookies for authentication and session management. We do not use advertising cookies, pixel trackers, or fingerprinting technologies, and we never sell your data.
For website usage analytics we use Google Analytics 4, provided by Google. Google Analytics sets cookies that measure how visitors use our public site (for example, pages viewed and general device and approximate location information) so we can understand traffic and improve the product. This data may be processed by Google in the United States; those transfers are covered by the Standard Contractual Clauses described in “International transfers” above. We do not use Google Analytics to track you across other websites.
You can opt out of Google Analytics at any time by installing Google’s opt-out browser add-on or by blocking or clearing analytics cookies in your browser. You can also review and control how Google uses data at policies.google.com. Analytics does not run on the public form or signing pages where a recipient fills out or signs a document.
8. Security
We take reasonable and appropriate technical and organizational measures to protect personal data, including:
- TLS encryption in transit for all client/server communication.
- bcrypt password hashing, so we never store plaintext passwords.
- Application-level data isolation so Creators can only access their own data.
- SHA-256 submission hashing for tamper evidence on signed forms.
- Least-privilege access controls for our infrastructure.
No system is perfectly secure. If we become aware of a breach affecting your personal data, we will notify you without undue delay (within 72 hours of discovery, where the breach is likely to result in a risk to your rights and freedoms).
9. Children's privacy
Sign Sail is not directed at children under 16 (or 13 in the United States). We do not knowingly collect personal data from children. If you believe we have collected data from a minor, please contact us and we will delete it promptly.
10. Changes to this policy
We may update this Privacy Policy as our service evolves. Material changes will be announced by email to Creators at least 14 days before taking effect. Continued use of Sign Sail after the effective date constitutes acceptance of the updated policy.
11. Contact
For privacy questions, data subject requests, or breach notifications, please email [email protected].
This is a placeholder page shipped with the MVP. The final legal copy will be reviewed by counsel before launch.