Skip to main content
Yousign & the GDPR
Ferdinand avatar
Written by Ferdinand
Updated over 4 months ago

📖 Table of contents

Yousign & the GDPR


Yousign has introduced a series of measures to guarantee its compliance with the GDPR.

This page informs you of the measures taken by Yousign regarding the collection, storage, protection and use of data.

Where is my personal data hosted?


All data is stored on storage spaces located in France with three service providers: OVH, Amazon AWS and Microsoft Azure. The physical security of these data centers is managed by these partners.

Among the security measures put in place are:

  • A 24/7 surveillance staff;

  • An access control system;

  • Video surveillance;

  • Motion detection system.

We are working to spread our services over several physical locations to ensure maximum resiliency of our services.

In addition, documents are stored encrypted in our partners' data centers using the AES256 encryption algorithm, with the encryption keys operated and maintained by Yousign.

What personal data does Yousign collect?


Yousign may collect different types of personal data, depending on the services you use.

I am a Yousign paying customer

The personal data that may be collected depends on the services you have subscribed to. The data collected can include your surname, first name, e-mail address, telephone number, IP address and proof of identity.

I am a user of the free version of Yousign

The personal data that may be collected depends on the services you use. The data collected includes your surname, first name, e-mail address, telephone number and IP address.

I am an external signer

Your data is entered by the customer of the paid or free version of Yousign when they create a signature request. The data entered includes your last name, first name, email address, and phone number. Depending on the service used, Yousign may collect your IP address, or your ID.

I receive marketing or commercial communications from Yousign

Your data is entered by you or via a third-party partner, depending on your choices and applicable regulations. The information you provide includes your last name, first name, e-mail address and telephone number.

You can object to the use of your data for marketing purposes at any time by completing this form.

I am visiting the Yousign website

Like most websites, Yousign uses cookies to make it easier for you to use our site. Depending on the preferences you have set, cookies may be deposited and/or read when you visit our website. You can access these settings at any time from the Cookie Policy.

For more information, see our Privacy Policy.

What measures does Yousign put in place to protect my data?


Yousign is committed to respecting your data. We have implemented a variety of technical and organizational measures to ensure the security of the personal data you provide to us, including:

  • encryption of documents;

  • data segregation;

  • internal and external security audits;

  • data availability and resilience.

For more information, please visit our GDPR page and Security page dedicated to the subject.

Is Yousign contractually committed to its customers regarding the GDPR?


Yes. The RGPD requires that the subcontracting of a data processing is framed by a contract. Yousign has integrated directly into its Terms and Conditions data protection clauses providing for the duration of the processing, the nature and purpose of the processing, the type of personal data and the categories of data subjects, as well as the obligations and rights of the controller.

What is the role of Yousign in the framework of the GDPR?


Yousign is both a processor and a controller under the GDPR.

  • Yousign acts as a subprocessor when its its paying customers or free users use its services as described in the Terms and Conditions. Customers can use the features available in the Yousign application to manage personal data.

  • Yousign acts as a data controller when Yousign determines the purposes and means of processing the personal data collected (for example, when Yousign stores account information for administration purposes, managing access to services or providing customer support).

For more information, see our Terms and Conditions and Privacy Policy.

How to exercise my rights?


Yousign is committed to protecting your data, which is why we respect your rights of access, rectification, deletion, limitation of processing, opposition to processing, portability, or not to be subject to an automated individual decision.

I am a customer of the paid version, a user of the free version, a recipient of marketing or commercial communications or a visitor to the Yousign website.

You can exercise your rights by completing this form.

I am an external signer

In this case, Yousign acts as a subprocessor of this data, we are not entitled to manage your requests for rights. You must therefore contact the organization that uses Yousign's services directly for your electronic signature request. Naturally, Yousign is committed to collaborating with its customers for whom it acts as a subprocessor to respond to requests.

You can exercise your rights by completing this form.

Did this answer your question?