We comply with the highest security standards and guarantee the highest level of confidentiality, integrity, and accessibility in our services, by implementing our Information Security Management System (ISMS).
We passed the corresponding audit that certifies that our ISMS complies with the ISO/IEC 27001:2014 standard.
ISO 27001 is an information security standard that was originally published in 2005 by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC).
This standard’s security approach is based on globally recognised standards. These standards describe the requirements that any organisation’s information security management systems (ISMS) must meet to be considered secure.
We have defined development processes for creating safe products. These processes guide the activities that product teams must follow in the different stages of development (requirements, design, implementation, and launch). We also perform numerous security activities for trust services, including:
All Signaturit employees periodically take security and privacy training, which covers security policies and practices, and the company’s privacy principles, among other topics.
We also do phishing awareness campaigns, and notify employees of emerging threats.
As qualified trust service providers and trusted third parties, it’s our duty and commitment to comply with the highest security standards in terms of information security and data protection.
We fully comply with EU Regulation 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR), and with Spanish Organic Law 3/2018 on data protection and guaranteeing digital rights. It is our priority to properly manage personal data protection through our platform.
In order to comply with all our obligations regarding the protection of personal data, we’ve implemented various security measures to put the proactive responsibility principle into practice. Here are some of them:
According to the GDPR, biometric data is understood as “personal data obtained from a specific technical process, related to the physical, physiological, or behavioural characteristics of a natural person that allow for or confirm the unique identification of said person, such as facial images or fingerprint data.”
Given that the GDPR considers biometric data to be a special category of personal data, the consent of the owner is required to process that data, in compliance with article 9.2 of the GDPR. With this in mind, before collecting biometric data, Signaturit requests the express consent of the signatory, by having them fill in a mandatory checkbox in the signing process.
More than 2500 companies already trust us