Privacy Policy

GuidedSign (“we,” “us,” “our”) operates the website at www.guidedsign.com and the GuidedSign e-signing platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

1. Information We Collect

Account Information

When you create an account, we collect your name, email address, and authentication credentials through our authentication provider (Clerk). If you subscribe to a paid plan, payment information is processed by Stripe — we do not store credit card numbers.

Documents and Signing Data

When you upload documents for signing, we store the PDF files securely in Cloudflare R2 object storage. When signers complete fields (signatures, initials, text, dates), we store the completed field data in our database.

Signing Audit Trail

For each signing session, we collect and store an audit trail that includes: IP address, browser user agent, timestamps for each action (session opened, consent given, each field completed, session completed), and inactivity/stall detection data. This audit trail is required for legal compliance with the ESIGN Act and UETA.

Signer Information

When a document sender adds signers, we collect signer names and email addresses. Signers do not need to create an account to sign documents. Signer email addresses are used solely to deliver signing links.

Automatically Collected Information

We automatically collect certain information when you visit our website, including IP address, browser type and version, operating system, referring URL, and pages visited.

2. How We Use Your Information

We use collected information to:

• Provide and operate the GuidedSign e-signing platform
• Send signing links and notifications via email
• Maintain legally compliant audit trails for signed documents
• Process payments and manage subscriptions
• Improve our service and user experience
• Respond to support requests
• Comply with legal obligations

3. How We Share Your Information

We do not sell your personal information. We share information only with service providers necessary to operate GuidedSign:

• Clerk — Authentication and user management
• Neon — PostgreSQL database hosting
• Cloudflare R2 — Secure document storage
• Resend — Transactional email delivery
• Stripe — Payment processing
• Vercel — Application hosting

We may also disclose information if required by law, court order, or government request.

4. Data Storage and Security

Your data is stored in the United States using industry-standard cloud infrastructure. Documents are encrypted at rest in Cloudflare R2. Database connections use TLS encryption. We implement appropriate technical and organizational measures to protect your data against unauthorized access, alteration, disclosure, or destruction.

5. Data Retention

We retain your account data for as long as your account is active. Signed documents and their audit trails are retained for a minimum of 7 years from the date of signing to comply with standard legal retention requirements. You may request deletion of your account and associated data by contacting us.

6. Your Rights

You have the right to:

• Access the personal information we hold about you
• Request correction of inaccurate information
• Request deletion of your account and data (subject to legal retention requirements)
• Opt out of marketing communications

California residents may have additional rights under the CCPA. Contact us for more information.

7. Children’s Privacy

GuidedSign is not intended for use by children under 18. We do not knowingly collect personal information from children.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes via email. Continued use of GuidedSign after changes constitutes acceptance of the updated policy.

9. Contact Us

If you have questions about this Privacy Policy or your data, contact us at: support@guidedsign.com