We comply with the highest security standards and guarantee a high level of confidentiality, integrity, and accessibility in our services by implementing our Information Security Management System (ISMS):
At Signaturit, we have passed the corresponding audit that certifies that our ISMS complies with the ISO/IEC 27001:2014 standard.
ISO 27001 is an information security standard that was originally published in 2005 by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC).
This standard’s security approach is based on globally recognized standards. These standards describe the requirements that any organization’s information security management systems (ISMS) must meet to be considered secure.
We have defined development processes for creating safe products. These processes guide the activities that product teams must follow in the different stages of development (requirements, design, implementation, and launch). We also perform numerous security activities for trust services, including:
Signaturit employees periodically undergo the company’s security and privacy training, covering security policies, best security practices, and the company’s privacy principles, among other topics.
At Signaturit, we also undergo phishing awareness campaigns and notify employees of emerging threats.
As qualified trust service providers and trusted third parties, it is our duty and commitment to comply with the highest security standards in terms of information security and data protection:
We fully comply with EU Regulation No. 2016/679 regarding protections for processing the personal data of natur persons and the free circulation of these data (GDPR), and with Organic Law 3/2018 on data protection and guaranteeing digital rights. It is our priority to properly manage personal data protection through our platform.
In order to, we have implemented various security measures to put the proactive responsibility principle into practice.
Here are some of them:
According to the GDPR, biometric data is understood as those “personal data obtained from a specific technical process, related to the physical, physiological, or behavioural characteristics of a natural person that allow for or confirm the unique identification of said person, such as facial images or fingerprint data.”
Given that the GDPR considers biometric data to be a special category of personal data, the consent of the owner is required to process said data in compliance with article 9.2 of the GDPR. With this in mind, before collecting biometric data, Signaturit requests the express consent of the signer by having him or her fill in a mandatory checkbox within the signing process.
More than 2,500 companies already trust us