Signly: Privacy Policy

Introduction This Privacy Policy explains how Signly ("Signly", "we", "us", "our") collects, uses, stores, and protects personal information when individuals use the Signly electronic signature platform and related services. Signly is operated by Kevin Joseph, a sole trader established in the United Kingdom and trading as "Signly". By accessing or using the service, you agree to this Privacy Policy, and privacy related questions may be directed to support@signly.io.

Role of Signly For account registration, billing, communications, service analytics, and operational records, Signly acts as a data controller. For documents, signer information, audit trail data, and other content uploaded or processed on behalf of customers, Signly acts as a data processor, and the customer remains the data controller responsible for determining the purposes and lawful basis of processing.

Information collected Personal information may be collected directly from users, including name, email address, organisation details, account credentials, billing information, communications, and account activity, and may also be collected automatically, including IP addresses, device identifiers, browser metadata, security logs, usage data, and interaction records, as well as information contained within documents and audit trails processed through the service.

Legal basis for processing Personal information is processed as necessary to perform a contract, comply with legal obligations, maintain platform security, prevent fraud and abuse, provide customer support, and pursue legitimate interests such as operating, maintaining, and improving the service, and where consent is required by law, it will be obtained and may be withdrawn.

How information is used Personal information is used to operate and maintain the service, including authentication, access control, billing, document workflows, electronic signature processes, audit trail generation, monitoring, and support, and is not used for advertising, behavioural profiling, or unrelated marketing.

Cookies and local storage The service uses cookies, local storage, and similar technologies that are essential for authentication, security, session management, and fraud prevention, and disabling these technologies may prevent the service from functioning properly.

Sharing of information Personal information may be shared with essential service providers such as cloud hosting, database infrastructure, document storage, email delivery, analytics, error monitoring, payment processing, and security services, and may also be disclosed to comply with legal obligations, lawful requests, or to protect the rights, safety, and security of Signly, customers, and others, and Signly may notify customers of such disclosures unless legally prohibited.

Subprocessors Signly uses essential subprocessors to support the operation of the service, and such subprocessors are authorised to process personal information only as necessary to provide their services, with a current list available on the Signly website.

International transfers Where personal information is transferred outside the United Kingdom or European Economic Area, appropriate safeguards such as standard contractual clauses, the UK addendum, or other legally recognised transfer mechanisms are applied.

Retention Personal information is retained only for as long as necessary to operate the service, comply with legal obligations, resolve disputes, and enforce agreements, and documents, audit records, drafts, logs, backups, and temporary data may be retained for limited periods, with residual copies persisting in backups or logs before secure deletion.

Special category data Customers should not upload or process special category personal data, including health, biometric, religious, or criminal records data, unless they are solely responsible for ensuring a valid lawful basis, required notices, and any necessary consents under applicable law.

Data accuracy and verification Personal information processed through the service is provided by customers and signers, and Signly does not independently verify the accuracy, completeness, or lawfulness of such information.

Customer responsibilities Customers are responsible for ensuring they have the legal right and lawful basis to upload documents, process signer information, and store or transmit personal data through the service, and must not submit personal information they are not authorised to process.

Your rights Individuals may request access, correction, deletion, restriction, portability, or objection to the processing of personal information by contacting support@signly.io, may withdraw consent where applicable, and may lodge a complaint with the UK Information Commissioner's Office or another applicable supervisory authority in the EEA, and requests may be limited or declined where permitted by law.

Business transfers Personal information may be transferred as part of a merger, acquisition, asset sale, restructuring, or similar business transaction, subject to appropriate confidentiality and data protection safeguards.

Children The service is not intended for individuals under eighteen years of age, and Signly does not knowingly collect personal information from children.

Do not sell or share Signly does not sell or share personal information for advertising or cross context behavioural tracking purposes.

Changes This Privacy Policy may be updated from time to time, and continued use of the service constitutes acceptance of the revised policy.

Contact Questions or requests relating to this Privacy Policy may be directed to support@signly.io.