Where is my data stored?

In accordance with Signable’s registration with ICO as a ‘Data Controller’, and by the ICO Data Protection Act, all data is securely stored for a minimum of 5 years, within Europe.

Our main infrastructure is hosted in the Amazon AWS data centre in London. The Amazon AWS data centre itself is used by a number of prominent Internet-driven companies and fully complies with major certifications. More information on its compliance can be found here: https://aws.amazon.com/compliance/

When a document is sent out to a signer, we convert the document into a PDF (if it isn’t already). We then split the PDF into individual pages and convert them into images, allowing recipients to sign each page on any device, without having to open the PDF itself. Both the original PDF and images are all stored within the Amazon AWS data centre and also backed up to a cluster of dedicated servers that we solely control within Europe (London & Germany).

When the document is signed and completed, we merge the pages back together, combine them with the signature information and present the final signed PDF for download. The completed PDF also has a signature certificate or audit log on the back page detailing where and when the document has been ensuring the document was signed legally. Each party assigned to the document is instantly emailed to confirm their signature, with the PDF copy (including the signature certificate) included as an attachment. Finally, a copy of the completed document is then stored at Signable’s London-based Amazon AWS data entre to ensure parties are able to request this.

All data stored by Signable is encrypted at rest and during transport. Data transport between Signable’s internal systems is also encrypted, and every action logged and recorded. The keys required to encrypt and decrypt the data are stored in an HSM provided by AWS and restricted to the minimum number of required people.