Data are encrypted when stored with the AES symmetric encryption algorithm and a 256 bit key handled by Yousign. Data in transit are encrypted using the TLS protocol. Only state-of-the-art TLS versions are authorised.
Access to infrastructure is protected by a VPN. The VPN authentication is personal and depends on several authentication factors including a password, a physical security key and a certificate.
Data are replicated in real time in several geographical areas.
Yousign solutions are exclusively hosted in France. The evidence files we create for each electronic signature are legally archived at Arkhinéo, a third-party archiver certified at European level.
Yousign deploys an audit programme to have its solutions continuously tested by independent experts (annual technical audits) and by the community (Bug Bounty). If you have identified a vulnerability, please report it to firstname.lastname@example.org.
All Yousign team members have the SecNumacadémie Certificate of Achievement for awareness training modules produced by the French National Agency for the Security of Information Systems (ANSSI)
The eIDAS regulations standardise the rules for the use and legal recognition of the electronic signature processes of EU member countries. Yousign is a trusted third party and has eIDAS certifications for electronic signature, electronic seal and time stamping.
The European Data Protection Regulation (GDPR) strengthens the protection of the personal data of EU citizens. Yousign is a trusted third party and ensures the highest level of compliance with the GDPR.
Their agreements are powered by Yousign
and 15,000+ other beloved companies
free 14-day trial
15 000+ growing SMBs trust Yousign to sign their documents