Privacy Policy

Last updated: 2026-04-16

Your privacy matters. This policy explains what data we collect, why, and how we protect it.

Data We Collect

Account information (name, email), documents you upload, signature data (IP address, timestamp, user agent for legal compliance), usage analytics, and payment information (processed by our payment provider — we never store card details).

How We Use Your Data

To provide and improve the service, send transactional emails (signature requests, notifications), process payments, and comply with legal obligations. We do not sell your data.

Data Sharing

We share data only with: our infrastructure providers (hosting, email delivery, payment processing), when required by law, or when you explicitly share documents with others via the platform.

Data Retention

We retain your data as long as your account is active. Deleted documents are permanently removed within 30 days. Audit logs are retained per your plan settings (7–90 days). You can request full data export or deletion at any time.

Security

All data is encrypted in transit (TLS 1.3) and at rest (AES-256). We support MFA, SSO/SAML, and IP whitelisting. Access to production systems is restricted and audited.

Your Rights

You have the right to access, correct, export, or delete your personal data. You can manage email preferences or unsubscribe at any time. Contact us at privacy@scriflow.com for any requests.

Cookies

We use essential cookies for authentication and preferences. We do not use tracking or advertising cookies.