Skip to main content
All CollectionsFAQGeneral information
Is SignatureSatori GDPR compliant?
Is SignatureSatori GDPR compliant?

Terms of Service | Privacy Policy | Data Processing Agreement

Updated over 3 years ago

The short answer: Yes.

The long answer: 

We’re dedicated to secure and responsible handling of any personal data you share with SignatureSatori. All the details about our practices are available in our Terms of Service, Privacy Policy and Data Processing Agreement, this article is just a brief summary of data-related roles and responsibilities.

SignatureSatori as Data Processor

An integral part of SignatureSatori is the Personal Data of your Users (name, email, phone number, etc); you are considered Controller for this data. By using SignatureSatori, you have engaged us as Data Processor to carry out certain activities on your behalf. 

According to Article 28 of the GDPR, the relationship between the Controller and the Processor needs to be made in writing (electronic form is acceptable under subsection (9) of the same Article). This is where our Terms of Service and Privacy Policy come in. These two documents also serve as your data processing contract, setting out the instructions that you are giving to SignatureSatori with regard to processing the Personal data you control and establishing the rights and responsibilities of both parties. 

Data Transfers

The GDPR establishes strict requirements for moving data outside of its scope of protection. To ensure the quality and speed of our services, we sometimes need to use the processing powers of several Sub-processors and transfer your data to them. We mainly utilize the Google Cloud for this. We carefully select our business partners and we will keep an up-to-date list of sub-processors and their Security certifications in our Terms of Service to be fully transparent about these transfers.

SignatureSatori as Data Controller

We also act as Data Controller for the Personal Data we collect about you, the user of our website and webapp.

First and foremost, we process data that is necessary for us to perform our contract with you (GDPR Article 6(1)(b)).

Secondly, we process data to meet our obligations under the law (GDPR Article 6(1)(c)) — this primarily involves financial data and information that we need to meet our accountability obligations under the GDPR.

Thirdly, we process your personal data for our legitimate interests in line with GDPR Article 6(1)(f).

What are these ‘legitimate interests’ we talk about?

  • Improving the app to help you reach new levels of productivity.

  • Making sure that your data and SignatureSatori systems are safe and secure.

  • Responsible marketing of our product and its features.

As the Controller for your personal data, SignatureSatori is committed to respect all your rights under the GDPR.

Did this answer your question?