How Signatura protects your documents, your signatures, and your audit trail.
All client-server traffic is encrypted with TLS 1.3. Documents and database records are encrypted at rest with AES-256. OAuth refresh tokens for cloud-storage integrations (Google Drive, Dropbox, OneDrive) are stored only server-side, encrypted with a separate key, and never exposed to the browser.
When a document is fully signed, Signatura computes a SHA-256 hash of the final PDF and records it in our database. Anyone can re-verify a Signatura-signed document at app.getsignatura.com/verify by uploading the PDF — we re-hash it in the browser and confirm whether it matches our completion record. This lets you detect modification of the file after it left Signatura. The verification check is against Signatura's records, not a third-party attestation.
Each completed document is delivered with an embedded Certificate of Completion PDF that lists every signer, their IP and timestamp, and the document's SHA-256 hash for offline reference.
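The verification flow described above, written out as an added example rather than Signatura's own code: it re-hashes a PDF, compares the digest in constant time with a stored completion record, and also checks a file against the hash printed on a Certificate of Completion for offline use. The sample PDF bytes, the completion-record table and the document id are constructed for the example.

```python
import hashlib
import hmac

# Constructed sample document. In production the completion hash comes from
# Signatura's database; here it is computed from these bytes so the example
# runs offline.
SAMPLE_PDF = b"%PDF-1.7\n% constructed sample document, fully signed\n%%EOF\n"

# A copy with one word changed after completion (constructed).
TAMPERED_PDF = SAMPLE_PDF.replace(b"fully", b"partly")


def sha256_hex(data: bytes) -> str:
    """Hash the complete file bytes; any single-byte change alters the digest."""
    return hashlib.sha256(data).hexdigest()


# Hypothetical completion records keyed by document id (constructed).
COMPLETION_RECORDS = {
    "doc-0001": {
        "sha256": sha256_hex(SAMPLE_PDF),
        "completed_at": "2024-01-01T00:00:00Z",
    },
}


def verify_document(document_id: str, pdf_bytes: bytes, records: dict = COMPLETION_RECORDS) -> dict:
    """Re-hash an uploaded PDF and compare it with the stored completion hash.

    Returns a status dict instead of raising so a UI can distinguish
    'no_record', 'modified' and 'matches'. The comparison uses
    hmac.compare_digest so timing does not reveal how much of the digest agreed.
    """
    computed = sha256_hex(pdf_bytes)
    record = records.get(document_id)
    if record is None:
        return {"status": "no_record", "computed": computed}
    if hmac.compare_digest(computed, record["sha256"]):
        return {"status": "matches", "computed": computed, "completed_at": record["completed_at"]}
    return {"status": "modified", "computed": computed, "expected": record["sha256"]}


def matches_certificate(pdf_bytes: bytes, printed_hash: str) -> bool:
    """Offline check against the hash printed on the Certificate of Completion.

    Printed hashes are often copied with spaces or in upper case, so the value
    is normalised before the constant-time comparison.
    """
    normalised = "".join(printed_hash.split()).lower()
    return hmac.compare_digest(sha256_hex(pdf_bytes), normalised)
```

Because the hash covers the exact bytes, a copy that was re-saved by a PDF viewer or had its metadata rewritten will report as modified even when the visible pages look unchanged; that is the intended outcome, since the question being answered is whether the file is byte-for-byte the one Signatura completed.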
For every signing event, Signatura logs:
The audit trail is preserved for the duration of your account and as required by applicable record-keeping laws, and is queryable per-document by the document owner via the dashboard.
Signatura runs on Supabase (PostgreSQL + storage), hosted in the United States. We use a small set of sub-processors and rely on each vendor's published data-protection terms (which generally include Standard Contractual Clauses or Data Privacy Framework certification where the vendor offers them) for international transfers.
See the full sub-processor list at getsignatura.com/sub-processors. We will notify account holders at least 30 days before engaging any new sub-processor.
Every database table has Postgres row-level security (RLS) policies enforcing per-user and per-organization access. Server-side edge functions verify each request with supabase.auth.getUser() or signing-token claims; we do not rely on client-side checks for authorization. SQL is parameterized end-to-end, with no string interpolation.
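Two of the controls in this paragraph, shown as an added example that is not Signatura's code: a parameterized query beside the string-interpolated form it rules out, and a request handler that derives the caller's identity from a verified bearer token rather than from anything the client put in the request body. The in-memory SQLite table, the rows in it and the `SESSION_TOKENS` lookup (standing in for `supabase.auth.getUser()`) are all constructed for the example; RLS itself is a Postgres feature and is not modelled here.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed in-memory stand-in for a documents table (production is Postgres)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE documents (id TEXT PRIMARY KEY, owner_id TEXT NOT NULL, title TEXT NOT NULL)"
    )
    conn.executemany(
        "INSERT INTO documents VALUES (?, ?, ?)",
        [
            ("d1", "user-a", "Lease"),
            ("d2", "user-a", "NDA"),
            ("d3", "user-b", "Offer letter"),
            ("d4", "o'brien", "Contract"),  # an owner id containing a quote character
        ],
    )
    return conn


DB = make_db()


def list_documents(conn: sqlite3.Connection, owner_id: str) -> list:
    """Parameterized query: the driver binds the value, so no character in it
    can change the shape of the statement."""
    return conn.execute(
        "SELECT id, title FROM documents WHERE owner_id = ? ORDER BY id", (owner_id,)
    ).fetchall()


def list_documents_interpolated(conn: sqlite3.Connection, owner_id: str):
    """The pattern the page rules out: the value is spliced into the SQL text.
    A quote in the input already breaks the statement, which is the same
    mechanism that lets a crafted value rewrite the WHERE clause. Returns an
    error string instead of raising so the two forms can be compared side by side."""
    sql = f"SELECT id, title FROM documents WHERE owner_id = '{owner_id}' ORDER BY id"
    try:
        return conn.execute(sql).fetchall()
    except sqlite3.Error as exc:
        return f"error: {exc}"


# Hypothetical session table standing in for server-side token verification
# (Signatura calls supabase.auth.getUser(); these tokens are constructed).
SESSION_TOKENS = {"tok-a": "user-a", "tok-b": "user-b"}


def resolve_user(request: dict):
    """Identity comes only from the verified bearer token, never from a
    client-supplied field."""
    auth = request.get("headers", {}).get("authorization", "")
    if not auth.startswith("Bearer "):
        return None
    return SESSION_TOKENS.get(auth[len("Bearer "):])


def handle_list_documents(conn: sqlite3.Connection, request: dict) -> dict:
    """Edge-function style handler: the owner used in the query is the
    authenticated user; an owner_id in the request body has no effect."""
    user_id = resolve_user(request)
    if user_id is None:
        return {"status": 401, "documents": []}
    return {"status": 200, "documents": list_documents(conn, user_id)}
```

With the parameterized form the owner id `o'brien` simply returns that user's documents, while the interpolated form fails to parse; in a real deployment the database-level RLS policy is the second, independent layer, so a query that reached the table under the wrong identity would still return only rows the policy allows.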
The Auto-Sign feature uses Anthropic Claude to detect signature, date, and text fields in your documents. It is opt-in per session. Pages are sent to Anthropic's API for real-time analysis. Anthropic does not retain your content after the API call, and its data-processing agreement prohibits training on customer inputs. The analysis result returned to Signatura (field positions and types only — not document content) is cached on our infrastructure for up to 1 hour to avoid re-running the analysis if you reload the page, and is then automatically deleted. You can disable Auto-Sign at any time without affecting any other feature.
If we become aware of a personal-data breach affecting you, we will notify you and any applicable supervisory authority without undue delay and within the timeframes required by applicable law. Notices will include the nature of the breach, the categories and approximate number of affected individuals and records, the likely consequences, and the measures we have taken or intend to take.
If you discover a security issue, please disclose it responsibly to security@getsignatura.com. We will acknowledge your report within 2 business days and provide regular updates while remediating.