← Back to Login

Privacy Policy

Last updated: February 2026

1. Introduction

SignFlow by DP Technologies (“we”, “us”, “our”) is committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you use our document compliance management platform.

2. Data We Collect

We collect the following personal data:

Account Information: Name, email address, phone number, department, and job title as provided by your employer or through Active Directory synchronization.

Usage Data: Document viewing history, signature timestamps, IP addresses for audit logging, and interaction with the platform.

Documents: PDF files uploaded by your organization's administrators for compliance purposes.

3. How We Use Your Data

Your data is used exclusively for:

  • Providing document compliance management services to your organization
  • Tracking document acknowledgment and signatures for legal compliance
  • Sending email notifications about pending documents and reminders
  • Generating compliance reports for your organization's administrators
  • Maintaining audit trails as required by regulatory standards

4. Data Protection

We implement the following security measures:

  • All data is transmitted over HTTPS (TLS encryption in transit)
  • Sensitive fields such as phone numbers are encrypted at rest using AES-256-GCM
  • Role-based access control ensures users only see data relevant to their role
  • All actions are logged in an immutable audit trail
  • Database hosted on Supabase with enterprise-grade security and daily backups

5. Data Sharing

We do not sell, trade, or share your personal data with third parties. Data is only accessible to:

  • Your organization's authorized administrators
  • SignFlow platform operators for technical support purposes

We use the following service providers who process data on our behalf:

  • Supabase (database hosting and authentication)
  • Vercel (application hosting)
  • Resend (email delivery)

6. Your Rights (GDPR)

Under the General Data Protection Regulation, you have the right to:

Access: Request a copy of all personal data we hold about you.

Rectification: Request correction of inaccurate personal data.

Erasure: Request deletion of your personal data (“right to be forgotten”).

Data Portability: Receive your data in a structured, machine-readable format.

Objection: Object to the processing of your personal data.

To exercise any of these rights, contact your organization's administrator or email us at info@dp-technologies.net.

7. Data Retention

We retain your data for as long as your organization maintains an active subscription. Upon cancellation, all company data including personal information, documents, and audit logs is permanently deleted within 30 days unless a longer retention period is required by law.

8. Contact

For privacy-related inquiries:

DP Technologies

Email: info@dp-technologies.net

Website: dp-technologies.net