Privacy Policy
Last modified: July 15, 2021
This Privacy Policy details how Signaturely, LLC (“Signaturely”, “we”, “us”, and “our”) collects, uses, discloses and secures personal information:
- When you visit or interact with our website at www.signaturely.com (“Site”);
- From our customers (“Customers”) who sign up for and use our products and services (“Services”) and
- When you otherwise communicate with us, such as through email or via social media platforms.
If, after reviewing this Privacy Policy, you have any questions or concerns, please send us an email to [email protected].
IF YOU ARE AN INDIVIDUAL LOCATED IN THE EUROPEAN ECONOMIC AREA OR THE UNITED KINGDOM: If you are located in the European Economic Area (“EEA”) or the United Kingdom (U.K.), this entire Privacy Policy applies to you. In addition, please see Additional Information for Individuals in the EEA and the U.K. below, which also applies to you and will inform you in detail about our legal bases for processing and which rights you have in connection with our processing of your personal information.
IF YOU ARE A RESIDENT OF NEVADA: If you are a resident of Nevada, this entire Privacy Policy applies to you. However, please see Notice for Nevada Consumers below, which will also apply to you.
Who We Are
Signaturely is a California limited liability company with the following contact information:
Signaturely, LLC
440 N Barranca Ave Ste 1760
Covina, CA 91723
United States
With respect to its collection and processing of personal information, Signaturely acts as either a:
- ‘Data controller’ when it collects personal information on its own behalf and for its own commercial and business purposes, such as from Site visitors or to register Customers, or
- ‘Data processor’ when it collects and processes personal information on behalf of its Customers in order to provide the Services.
Please note that how you exercise certain rights will depend on whether Signaturely is processing your personal information as a ‘data controller’ or as a ‘data processor’ – as further explained throughout this Privacy Policy.
How to Contact Us about Privacy
Any questions about this Privacy Policy or requests for access to or deletion or rectification of personal information that Signaturely collects and processes should be addressed to [email protected] or by mail at:
Attn: Privacy Team
440 N Barranca Ave Ste 1760
Covina, CA 91723
United States
Individuals in the EEA or the U.K. may contact us as set forth in the section Additional Information for Individuals in the EEA and the U.K. below.
Changes to this Privacy Policy
Signaturely may update this Privacy Policy from time to time, in its sole discretion. If we do so, we will post an updated Privacy Policy on the Site along with a change notice. Changes, modifications, additions, or deletions will be effective immediately upon their posting to the Site unless otherwise stated in the change notice. If we make material or significant changes, we may also send registered Customers a notice that this Privacy Policy has been changed. We encourage you to review this Privacy Policy regularly for any changes. Your continued use of the Site and/or Services, and/or your continued provision of personal information to us after the posting of such notice, will be deemed an acceptance of any changes and subject to the terms of the then-current Privacy Policy.
International Transfers
We are located in the United States, and the personal information that we collect is stored on servers hosted by us or our authorized third-party service providers located in the United States. This means that your personal information will be collected, processed, and stored in the United States, which may have data protection laws that are different from (and sometimes less protective than) the laws of your country or region, such as the EU’s General Data Protection Regulation (“GDPR”).
By sending us personal information, you agree and consent to the processing of your personal information on servers located in the United States, which may not offer an equivalent level of protection to that required in other regions (particularly the European Union or the U.K.).
We have implemented safeguards designed to ensure that the personal information we process remains protected in accordance with this Privacy Policy, including when processed internationally or by our third-party service providers and partners. The safeguards we may take in our discretion include, for instance, entering into specific agreements in connection with any onward transfers of personal information. We may implement other mechanisms and take similar appropriate safeguards with our third-party service providers and partners. Further details can be provided upon request.
Personal Information We Collect
We collect information directly from you when you provide it to us, such as when visit our Site and request a demo or sign up for our Services. We also collect information indirectly , such as through the use of cookies and similar technology. We also collect and process information on behalf of our Customers in connection with our Services.
Information Collected Directly from You
Communicating With Us
When you visit the Site, you may choose to fill out a web form, such as on our “Contact Us” page or when you chat with us. In this case, you are sharing your personal information with us directly. Information that we collect from you consists of:
- Name
- E-mail address
- Company name and website
- Other information you may provide in the message box
In addition, if you send us an email or otherwise contact us, we will collect the personal information that you provide to us at that time.
Using our Services
Creating an Account
When you become a Customer (including when you register for a free account), we will also collect personal information from you:
- Name
- E-mail address
- Username and password
- Company name and website
If you use Google Sign-in to access the Services, we may collect your Google ID, name, profile URL, and email address unless you decline to share that information with us through Google’s settings. How Google uses your information, information about your use of Google Sign-in to log into the Site, is governed by Google’s privacy policy, which may be accessed here.
Information Collected Indirectly
When you visit the Site, we, or authorized third parties, collect some information, including Device and Usage Information described below, using automated means such as cookies, web beacons, SDKs and server logs. For more information on our use of these technologies and the data that they collect, please see our Cookie Statement.
We may also collect information from third parties, as explained below.
Device and Usage Information
When you visit, use or interact with the Site, even if you do not have an account, we, or authorized third parties (such as service providers or, as explained below, External Ad Partners), may collect information about your use of the Site via your device. Device and Usage Information that we, or these authorized third parties, collect consists of:
- Information About your Device: information about the devices and software you use to access the Site. This primarily incudes the internet browser or mobile device that you use, the website or source that linked or referred you to the Site, your IP address or device ID (or other persistent identifier that uniquely identifies your computer or mobile device on the Internet), the operating system of your computer or mobile device, device screen size, and other similar technical information.
- Usage Information: information about your interactions with the Site. This includes access dates and times, hardware and software information, device event information, crash data, and cookie data. This information allows us to understand the screens that you view, how you have used the Site (which may include administrative and support communications with us or whether you have clicked on third party links), and other actions on the Site. We, or our authorized third parties, automatically collect log data when you access and use the Site, even if you have not created an account or logged in. We use this information to administer and improve the Site, analyze trends, track visitors’ use of the Site, and gather broad demographic information for aggregate use.
- Location Data: we, or authorized third parties, collect your location data, including city, metro code, zip code, state, country, latitude and longitude, and area code through your IP address.
Information from Third Parties
We also collect and process personal information from third parties:
- We collect information from our partners and service providers, such as transaction information from providers of payment services or analytics providers.
- We collect data from our External Ad Partners (described here).
Information Collected and Processed on Behalf of Customers
Services Data
We process and store certain personal information on behalf of our Customers. In those instances, we are a data processor (or service provider) and the Customer is the data controller. When a Customer uploads documents – which may contain personal information – in connection with its use of our Services (“Services Data”), we process and store such Services Data on the Customer’s behalf, and only in accordance with the Customer’s instructions. In addition, when using our Services, Customers may provide us with personal information about other individuals who are not registered with our Services (“Contacts”). For instance, a Customer may request an electronic signature from a Contact and provide us with personal information about the Contact, such as an email address and name (“Contact Information”). When you share Contact Information with us, we will store it on our systems. Please do not share any Contact Information unless you have permission to do so.
If you are a Contact or if your information is processed by Signaturely on behalf of a Customer (including as a Customer employee) in connection with the Services, please direct any questions about the processing of your personal information to the Customer. As explained further below, if you wish to exercise any individual rights under applicable privacy laws, please direct such requests to the Customer. To the extent that we receive any such requests or other queries when we act as a data processor, we will pass your request or query on to the relevant Customer.
Contact Information Exceptions
Please note that with respect to Contacts who visit our Site (including those who are directed to our landing page after completing a signature or a task from a Customer) or otherwise subscribe to marketing communications from us, we are a data controller.
Why We Collect Your Personal Information and How We Use It
General Purposes
We, or our authorized partners, collect and process personal information in order to:
- Provide the Site and Services, including to collect payments
- Ensure that the Site and Services are operational and optimized for user experience
- Improve the content and general administration of the Site and Services
- Enhance Customer experience, including to provide customer support
- Detect, prevent and investigate fraud, illegal activities, unauthorized access to or use of our Services, security breaches or any other wrongful behavior/behavior
- Deliver content and tailored advertising, and generally market and advertise Services
- Ensure compliance with mandatory retention requirements
- Provide you with notices regarding Services that you have purchased
- Provide you with notices regarding Services that you may wish to purchase in the future including, in some cases, to send you direct marketing communications regarding other services that we may think are of interest to you
- Respond to your queries and requests, or otherwise communicate directly with you
- Perform system maintenance and upgrades, and enable new features
- Understand how you access and use the Site and Services in order to provide technical functionality and/or develop new products and services
- Conduct statistical analyses and analytics based on usage and activity on the Site
- Enforce our agreements with you if necessary
- Provide information to regulatory bodies when legally required, and only as outlined in this Privacy Policy
In some cases, we combine or aggregate the information for the purposes stated above.
Individuals located in the EEA and the U.K., please see Additional Information for Individuals in the EEA and the U.K. below for more information, including our legal bases for processing.
Note that Services Data is processed by Signaturely solely to provide the Services and in accordance with data processing agreements, except with respect to Contact Information when we act as a data controller as explained above.
Disclosure of Your Personal Information
We disclose your personal information under certain circumstances as further described below.
Third Parties and Service Providers
Service Providers
Signaturely shares personal information, including End User Information, with our third party agents, contractors, or service providers who are hired to perform services on our behalf or in order to assist with certain business purposes. These providers may operate or support certain functions of the Site and/or Services. Below is a list of categories of service providers that we may use to perform these functions (which are subject to change):
- Analytics services
- Customer support services
- Billing services and payment gateway providers
- Hosting and content delivery network services
- Communication tools
- Professional services (such as auditors, lawyers, consultants, accountants and insurers)
- Customer Relationship Management (CRM) solutions
Service providers process your personal information for the specific purpose of providing their services to us (and in accordance with our instructions). In some cases, service providers collect your personal information directly from you, such as via cookies.
External Ad Partners
As explained here, we also disclose personal information regarding Site visitors as well as our Customers and their Contacts (excluding Services Data) to External Ad Partners who assist us with advertising and marketing our Services. You may opt-in or opt-out depending on where you are located, as explained in this Privacy Policy. In most cases, External Ad Partners collect your personal information directly from you, such as via cookies.
Affiliates
We may share your personal information with other companies under common ownership or control with Signaturely, provided that these companies use your personal information as described in this Privacy Policy.
Other Customers or Contacts
When you allow others to access, use, edit or sign Services Data (including contracts or other documents) via the Services, we share your personal information and that content with them. If you are a Contact, when a Customer wishes to provide access to the Services Data to another Customer or a Contact, we will share your personal information and your actions within the Services with the Customer. We will also share your personal information if you interact with another Customer.
Business Transfers
As we continue to grow, we may purchase websites, applications, subsidiaries, or other businesses or business units. Alternatively, we may sell businesses or business units, merge with other entities, obtain financing, and/or sell assets or stock, in some cases, as part of a reorganization or liquidation in bankruptcy. In order to evaluate and/or as part of these transactions, we may transfer your personal information to a successor entity upon a merger, consolidation, or other corporate reorganization in which Signaturely participates, to investors and/or to a purchaser or acquirer of all or a portion of Signaturely’s assets, including bankruptcy.
Aggregated or Anonymized Information
We share anonymized, aggregated, automatically-collected, or otherwise non-personal information with third parties for various purposes, including (i) compliance with reporting obligations; (ii) business or marketing purposes; (iii) assistance for us and other parties in understanding our users’ interests, habits, and usage patterns for certain programs, content, services, advertisements, and/or functionality available through the Services. We do not share personal information about you in this case.
Legal Obligations and Security
Signaturely may preserve or disclose your personal information in limited circumstances (other than as set forth in this Privacy Policy), including: (i) with your consent; (ii) when we have a good faith belief it is required by law, such as pursuant to a valid subpoena, warrant, or other judicial or administrative order (as further explained below); (iii) to protect the safety of any person; (iv) to protect the safety or security of the Site and/or Services or to prevent spam, abuse, or other malicious activity of actors with respect to the Site and/or Services; or (v) to protect our rights or property and/or the rights or property of those who use the Site and/or Services.
If we are required to disclose personal information by law, such as pursuant to a subpoena, warrant, or other judicial or administrative order, we will use reasonable efforts to provide you with notice of this disclosure requirement, unless we are prohibited from doing so by statute, subpoena or court or administrative order. Our policy is to respond to requests that are properly issued by law enforcement within the United States or via mutual legal assistance mechanism (such as a treaty), and to object to requests that we do not believe were issued properly. However, if we receive information that provides us with a good faith belief that there is an exigent emergency involving the danger of death or serious physical injury to a person, we may provide information to law enforcement trying to prevent or mitigate the danger (if we have it), which will be determined on a case-by-case basis.
With respect to Services Data, Customers must review our Terms of Use, which address our retention and disclosure of information if required by law.
Children’s Information
We do not knowingly collect any personal information directly from children under the age of 16. If we discover we have received any personal information from a child under the age of 16 in violation of this Policy, we will take reasonable steps to delete that information as quickly as possible. If you believe that we have any personal information from or about anyone under the age of 16, please contact us at [email protected].
Analytics
Google Analytics
The Site uses third-party analytics tools that drop cookies and/or similar technologies to collect and store information about your device and use of the Site. We use analytics tools to calculate visitor, session and campaign data for analytics reports.
One of our tools is Google Analytics. You can read more about Google’s practices in Google’s privacy policy. You can opt-out from being tracked by Google Analytics in a particular browser on a particular device by downloading and installing the Google Analytics Opt-out Browser Add-on for that browser.
Hotjar
We use Hotjar, a technology service that helps us better understand our users’ experience (e.g., how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our Site with user feedback. Hotjar uses cookies and other technologies to collect data on our Site visitors’ behavior and their devices. This includes Device Information, Usage Information and Location Information. Hotjar stores this information on our behalf in a pseudonymized user profile. Hotjar is contractually forbidden to sell any of the data collected on our behalf.
For further details, please click here. You may also opt-out by clicking here.
Marketing & Advertising
Direct Marketing
We market and advertise our company and Services in a variety of ways. We may gather information from or about you in the following different roles:
- Individuals who have no relationship with Signaturely, meaning that Signaturely has acquired data about them through a third party (“Leads”) or they have visited the Site, in some cases because our service providers suggest our Site and Services
- Individuals, entities or others who have contacted Signaturely or otherwise inquired about Signaturely’s Services
- Customers
- Contacts who visit our Site, including after signing a document or otherwise completing a task requested by a Customer.
In some cases, you provide personal information directly to Signaturely as part of a marketing event that Signaturely hosts or co-hosts, such as when you attend an event, through email or when you schedule a demo. Occasionally, and in some cases only with your consent, we may send you future communications. We may also acquire personal information about you when you visit our Site or Social Media Accounts (see below).
Customers have the option to register for a free account and access some of our Services free of charge. If you register for a free account – for instance if you’d like to try it out first – we will send you marketing communications about upgrading to the paid Services. If you do not wish to receive marketing communications from us, click the ‘unsubscribe’ link contained in the corresponding emails, or contact us using the contact details provided above.
Our communications to you for marketing purposes will contain instructions on how you can opt-out from receiving future communications, and if you consent to our use of your personal information for marketing purposes, you may always withdraw your consent. You may also directly contact Signaturely about its marketing activities at [email protected].
Targeted Advertising
Signaturely engages third-party advertising networks (“External Ad Partners”) to display advertising about our Services when you visit other websites within that advertising network. Like many other companies, we rely on retargeting, also known as remarketing, which is a type of marketing strategy that helps businesses “remind” visitors of their products and services after they leave their websites. For instance, through the use of cookies (and similar technologies) placed by External Ad Partners, Device Information, Usage Information and Location Information (as explained above) are collected and then used to identify visitors to our Site on other websites or social media platforms. With this information, our External Ad Partners may serve relevant ads on consumers who previously visited the Site.
Please note that with respect to advertising, our External Ad Partners share the information that they collect on our Site with many other companies within the advertising supply chain. Signaturely does not have a direct relationship with these other companies.
To learn more about advertising cookies are, how they are used, and how to opt-out, please review our Cookie Statement .
Individuals in the EEA and the U.K. have additional rights, as explained here.
Facebook Pixel
On our Site, we use Facebook Pixel, which tracks user behavior. This Facebook service enables us to measure Facebook activity on our dedicated Facebook page and measure the effectiveness of marketing campaigns. Facebook stores and processes your personal information and activity. Facebook may link this information to your Facebook account and also use it for its own promotional purposes, in accordance with Facebook’s Privacy Policy. For individuals in the EEA, please note that by enabling Facebook Pixel, we are jointly responsible for the processing, as explained Signaturely as a ‘Joint Controller’ with Facebook.
To adjust how ads are targeted to you based on your activity on or off of Facebook, visit Facebook’s help page available here. Facebook also provides a tool called Off-Facebook-Activity, which can be found in your Facebook settings.
Signaturely maintains an online presence on social media platforms (“Social Media Platforms”) such as Instagram, Twitter or Facebook, to provide information about our Services and communicate with users and/or visitors to those pages or accounts. When you interact or post to our account, we process your personal information. In some cases, the Social Media Platforms are service providers or processors. In other cases, such as with Facebook, we are jointly responsible for the processing, as explained in the section titled Signaturely as a ‘Joint Controller’ with Facebook .
How We Secure Personal Information
We use reasonably appropriate security measures designed to protect the security of personal information both online and offline. These measures vary based on the sensitivity of the information that we collect, process and store and the current state of technology. Please note, though, that no website or internet transmission is completely secure, so while we strive to protect your data, we cannot guarantee that unauthorized access, hacking, data loss or a data breach will never occur. You can read more about our security protocols by clicking here.
Do Not Track Signals
Certain internet web browsers allow a “do not track” (DNT) setting that relies on a technology known as a DNT header, which sends a signal to websites visited by the individual about the individual’s browser DNT setting. At this time, we do not currently respond to DNT signals, whether that signal is received on a computer or on a mobile device.
Your Choices
Use of Cookies and Automated Technologies on the Site
How you make choices about cookies and other tracking technologies depends on the type of cookie or tracking technology being used. For details on how to manage your preferences for cookies and tracking technologies within your web browser, please see our Cookie Statement.
Some visitors in some locations may be required opt-in to non-essential cookies, as explained in the Cookie Statement.
Marketing Activities
If you are receiving promotional emails from us, you can choose to stop receiving those by following the unsubscribe/opt-out instructions in those emails. You can also contact us at [email protected].
Accessing and Changing Your Information
To request access to, or to make changes to, data that we have collected from you via the Site or Services, please email us at [email protected].
Individuals in the EEA and the U.K. have additional rights, as explained here.
Notice to Nevada Consumers
We do not sell your personal information within the scope of, and according to the defined meaning of a “sale” under, NRS 603A.
Additional Information for Individuals in the EEA and the U.K.
For purposes of this section, “personal information” has the same meaning as “personal data” as such term is defined in applicable data protection laws.
Categories of Recipients of Personal Information
The categories of recipients of personal information with whom we may share your personal information are listed in Disclosure of Your Personal Information above.
Purposes of Processing and Legal Bases
Signaturely as ‘Data Controller’
As a ‘data controller’, Signaturely processes your personal information for a number of different purposes. Some are essential for us to provide the Services or to fulfill our legal obligations, some help us run the Services efficiently and effectively, and some enable us to provide you with more relevant and personalized offers and information. In all cases, with respect to individuals in the EEA, we must have a reason and a lawful basis for processing your personal information. The most common legal grounds on which we rely are briefly explained below:
- Performance of a Contract: we may process your personal information in order to enter into, or perform a contract to which you are a party – for instance, when a Customer signs up for the Services.
- Legitimate Interests: we may process personal information where it is necessary for our legitimate business interests, but only to the extent that they are not outweighed by your own interests or fundamental rights and freedoms. When we rely on this legal basis, if required, we will carry out a legitimate interest assessment to ensure we consider and balance any potential impact on you (both positive and negative), and your rights under data protection laws.
- Consent: We rely on consent where it is required, such as when we are asking you to confirm your marketing preferences. When we rely on consent, you will be asked to confirm that you give your permission to Signaturely to process your personal information. You have the right to withdraw your consent at any time if you no longer want to be part of the Signaturely processing activity where your consent was sought.
- Legal Obligation: Signaturely may have legal obligations to retain and/or disclose your personal information, or may cooperate in a legal or governmental investigation. It is essential that Signaturely complies with its legal, regulatory, and contractual requirements, so if you object to this processing, Signaturely will not be able to provide its Services to you.
The following breakdown illustrates in more detail our processing activities and how the above legal bases for processing apply (in brackets):
- Provide the Services, including to collect payment [Legal Basis: Performance of a Contract]
- Provide the Site [Legal Basis: Legitimate Interests]
- Ensure that the Site and Services are operational and optimized for user experience [Legal Basis: Legitimate Interests or Performance of a Contract, depending on the specific use]
- Improve the content and general administration of the Site and Services [Legal Basis: Legitimate Interests]
- Enhance user experience, including to provide you with customer support [Legal Basis: Legitimate Interests]
- Detect, prevent and investigate fraud, illegal activities, unauthorized access to or use of our Services, security breaches or any other wrongful behavior [Legal Basis: Legitimate Interests]
- Deliver content and tailored advertising, and generally market and advertise Services [Legal Basis: Legitimate Interests or Consent, depending on the specific circumstances]
- Ensure compliance with mandatory retention requirements [Legal Basis: Compliance with a Legal Obligations]
- Provide you with notices regarding Services that you have purchased [Legal Basis: Performance of a Contract]
- Providing you information about Services that you may wish to purchase in the future including, in some cases, to send you direct marketing communications regarding other services that we may think are of interest to you [Legal Basis: Legitimate Interests]
- Respond to your queries and requests, or otherwise communicate directly with you [Legal Basis: Legitimate Interests or Performance of a Contract, depending on the specific use]
- Perform system maintenance and upgrades, and enable new features [Legal Basis: Legitimate Interests]
- Understand how you access and use the Site and Services in order to provide technical functionality and/or develop new products and services [Legal Basis: Legitimate Interests]
- Conduct statistical analyses and analytics based on usage and activity on the Site [Legal Basis: Legitimate Interests or Consent, depending on the specific circumstances]
- Enforce our agreements with you if necessary [Legal Basis: Legitimate Interests]
- Provide information to regulatory bodies when legally required, and only as outlined in this Privacy Policy [Legal Basis: Compliance with a Legal Obligations]
Signaturely as a ‘Joint Controller’ with Facebook
We have a presence on Facebook and use Facebook Pixel for re-targeting (both “Facebook Products”). With respect to our use of Facebook Products, we are jointly responsible with Facebook Ireland for the processing activities (“Joint Processing”) with respect to your personal information:
Facebook Ireland Ltd.,
4 Grand Canal Square, Grand Canal Harbor
Dublin 2, Ireland
Information about the personal information that is collected from you by Facebook, as well as how and why it is processed by Facebook, can be found at https://www.facebook.com/about/privacy.
Signaturely and Facebook have entered into entered into an agreement in order to determine the respective responsibilities for compliance with our obligations in connection with the Joint Processing within the meaning of the GDPR. This joint controller agreement, which sets out the reciprocal obligations, is available here.
We process your personal data on our Facebook page in the following ways:
- When you interact with our Facebook page, your public profile information (including display name)
- When you interact with our Facebook page by uploading a post and entering your personal information or contacting us via Facebook Messenger and providing your personal data.
When you interact with our Facebook page, Facebook Insights uses your data to gather statistics on page usage. For more information on the processing of Insights data when interacting with our Facebook page, please visit https://www.facebook.com/legal/terms/information_about_page_insights_data.
Note that if you contact us by email or via Facebook Messenger, the communication is unencrypted.
Signaturely’s legal basis for processing your personal information via Facebook is our legitimate interest in promoting our Services. This includes to:
- Evaluate analyses and statistics relating to user behavior on our Facebook page
- Optimize our Facebook page in terms of its user-friendliness and attractiveness, and to introduce user-friendly marketing measures
- Other communication and interactions initiated by Facebook users.
PLEASE NOTE THAT FACEBOOK IRELAND IS RESPONSIBLE FOR ENABLING DATA SUBJECTS’ RIGHTS UNDER ARTICLES 15-20 OF THE GDPR WITH REGARD TO THE PERSONAL DATA STORED BY FACEBOOK IRELAND IN CONNECTION WITH THE JOINT PROCESSING, AS FURTHER DESCRIBED IN FACEBOOK’S PRIVACY POLICY. TO EXERCISE YOUR RIGHTS, PLEASE GO TO YOUR FACEBOOK SETTINGS OR CONTACT FACEBOOK AS SET FORTH IN ITS PRIVACY POLICY.
It cannot be excluded that some processing by Facebook Ireland Ltd. will also take place in the United States by Facebook Inc.
How Long Do We Keep Your Personal Information?
We use the following criteria to determine our retention periods: the amount, nature and sensitivity of your information, the reasons for which we collect and process your personal information, how long we have an ongoing relationship with you and provide you with access to our Services, and applicable legal requirements. We will retain personal information we collect from you where we have an ongoing legitimate business need to do so (for example, to comply with applicable legal, tax, or accounting requirements), when we are unable to reasonably verify your identity, or as may otherwise be required under GDPR. Additionally, we cannot delete information when it is needed for the establishment, exercise, or defense of legal claims (also known as a “litigation hold”). In this case, the information must be retained as long as needed for exercising respective potential legal claims.
When we have no ongoing business need to process your personal information, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), we will securely store your personal information and isolate it from any further processing until deletion is possible. If you have questions about, or need further information concerning, our data retention periods, please email [email protected].
Note that with respect to Services Data, our retention periods may vary as set forth in the Terms of Use.
Staying in Control of Your Information: Your Rights
WITH RESPECT TO SERVICES DATA OR IF YOU ARE A CONTACT, YOU MUST EXERCISE YOUR DATA SUBJECT RIGHTS REQUESTS WITH THE CUSTOMER(S) (ACTING AS ‘DATA CONTROLLER’) ON BEHALF OF WHICH SIGNATURELY PROVIDES THE SERVICES AND COLLECTS SERVICES DATA, AS EXPLAINED HERE. IF WE RECEIVE SUCH REQUESTS, WE WILL SEND THOSE REQUESTS TO THE RELEVANT CUSTOMER, WHO WILL BE RESPONSIBLE FOR RESPONDING TO AND ADDRESSING RIGHTS REQUESTS, WITH OUR COOPERATION.
If the GDPR (or its equivalent in the U.K.) applies to you because you are in the EEA or the U.K., you have certain rights in relation to your personal information:
- The right to be informed – our obligation to inform you that we process your personal information (and that is what we are doing in this Privacy Notice)
- The right of access – your right to request a copy of the personal information we hold about you (also known as a ‘data subject access request’)
- The right to rectification – your right to request that we correct personal information about you if it is incomplete or inaccurate (though we generally recommend first making any changes in your Account Settings)
- The right to erasure (also known as the ‘right to be forgotten’) – under certain circumstances, you may ask us to delete the personal information we have about you (unless there is an overriding legal reason we need to keep it)
- The right to restrict processing – your right, under certain circumstances, to ask us to suspend our processing of your personal information
- The right to data portability – your right to ask us for a copy of your personal information in a common format (for example, a .csv file)
- The right to object – your right to object to us processing your personal information (for example, if you object to us processing your data for direct marketing)
- Rights in relation to automated decision-making and profiling – our obligation to be transparent about any profiling we do, or any automated decision-making.
- The right to withdraw your consent where you had previously given consent. To access our cookie banner, please click .
These rights are subject to certain rules around when you can exercise them. If are located in the EEA and wish to exercise any of the rights set out above, please contact us (see How to Contact Us about Privacy ).
You will not have to pay a fee to access your personal information (or to exercise any of the other rights) unless your request is clearly unfounded, repetitive, or excessive. Alternatively, we may refuse to comply with your request under those circumstances.
We may need to request specific information from you to help us confirm your identity. This is a security measure to ensure that personal information is not disclosed to any person who has no right to receive it. Note that if we are unable to reasonably confirm your identity, we will not be able to honor certain requests.
We will respond to all legitimate requests within one month. Occasionally, it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated as required by law.
In addition, if you no longer wish to receive our marketing/promotional information, we remind you that you may withdraw your consent to direct marketing at any time directly from the unsubscribe link included in each electronic marketing message we send to you. If you do so, we will promptly update our databases, and will take all reasonable steps to meet your request at the earliest possible opportunity, but we may continue to contact you to the extent necessary for the purposes of providing our Services.
Finally, you have the right to make a complaint at any time to the supervisory authority for data protection issues in your country of residence. We would, however, appreciate the chance to address your concerns before you approach the supervisory authority, so please contact us directly first.
Representative in the European Union and in the U.K.
General Data Protection Regulation (GDPR) – European Representative
Pursuant to Article 27 of the General Data Protection Regulation (GDPR), Signaturely has appointed European Data Protection Office (EDPO) as its GDPR Representative in the EU. You can contact EDPO regarding matters pertaining to the GDPR by:
- Using EDPO’s online request form: https://edpo.com/gdpr-data-request/
- Writing to EDPO at Avenue Huart Hamoir 71, 1030 Brussels, Belgium
UK General Data Protection Regulation (GDPR) – UK Representative
Pursuant to Article 27 of the UK GDPR, Signaturely has appointed EDPO UK Ltd as its UK GDPR representative in the UK. You can contact EDPO UK regarding matters pertaining to the UK GDPR by:
- Using EDPO’s online request form: https://edpo.com/uk-gdpr-data-request/
- Writing to EDPO UK at 8 Northumberland Avenue, London WC2N 5BY, United Kingdom.
Social Media