As a Trusted Service Provider, the security and confidentiality of the data we collect has always been at the heart of our concerns. Yousign has therefore ensured that it complies with GDPR across all its activities and guarantees the confidentiality of documents and information processed and hosted on our servers and those of our subcontractors.
Yousign collects, processes and stores confidential data of its customers and third-party signatories such as first and last name, email address, telephone number and IP address. This processing is carried out within the framework of the electronic signature service agreement binding Yousign to its customers. Yousign retains this data for the entire duration of the agreement.
The data in the audit trail, created during each signature procedure, is retained by the third-party archiver for a period of 10 years from its creation without the expiry or termination of the agreement being able to call into question this retention period.
When our customers use our Services, we collect and process certain information on their behalf. Our customers are therefore controllers of the data in accordance with Article 4 of GDPR. Yousign, as a service provider, then acts as a processor. As such, we undertake to assist our customers in ensuring the compliance of their processing.
We have technical and organisational measures in place for the security and protection of your data.
For more details, please see our security page.
Yousign has put in place a series of measures to ensure compliance with GDPR.
Yes. We keep up to date a comprehensive list of all our subcontractors and have ensured that all those who might process personal data undertake to comply with existing legal frameworks. We can provide you with this list upon request.
From your customer space you have the option to amend and update your personal information. For more details, please refer to the Help center.
You may also exercise your right of access, rights to rectification, erasure and data portability, and rights to object and restrict processing, in accordance with the regulations in force. To do so, you can send your request by e-mail to the following address: firstname.lastname@example.org.
If you feel that we have not respected your rights, you may refer the matter to the Supervisory Authority in the country in which you reside.
Yousign is authorised to process the personal data necessary on behalf of its customers to provide the services to which they have subscribed.
In this case, Yousign acts as the processor of this data, so we are not authorised to manage your requests regarding right of access, rights to rectification, erasure and data portability, and rights to object and restrict processing. Therefore, you should directly contact the organisation that uses Yousign's services as part of your electronic signature process.
Of course, Yousign is committed to working with its customers to respond to the requests submitted.