Yousign has introduced a series of measures to guarantee its compliance with the GDPR.
This page informs you of the measures taken by Yousign regarding the collection, storage, protection and use of data.
All data is stored on storage spaces located in France with three service providers: OVH, Amazon AWS and Microsoft Azure. The physical security of these data centers is managed by these partners.
Among the security measures put in place are:
We are working to spread our services over several physical locations to ensure maximum resiliency of our services.
In addition, documents are stored encrypted in our partners' data centers using the AES256 encryption algorithm, with the encryption keys operated and maintained by Yousign.
Yousign may collect different types of personal data, depending on the services you use.
The personal data that may be collected depends on the services you have subscribed to. The data may include your first and last name, email address, phone number, IP address or your ID.
Your data is entered by the client of Yousign when he creates a signature request. Among the data entered are your last name, first name, email address and phone number. Depending on the service used, Yousign may collect your IP address, or your ID.
Yousign is committed to respecting your data. We have implemented a variety of technical and organizational measures to ensure the security of the personal data you provide to us, including:
For more information, please visit our GDPR page dedicated to the subject.
Yousign is both a processor and a controller under the GDPR.
Yousign is committed to protecting your data, which is why we respect your rights of access, rectification, deletion, limitation of processing, opposition to processing, portability, or not to be subject to an automated individual decision.
You can send your request by email to our data protection officer at firstname.lastname@example.org.
In this case, Yousign acts as a subprocessor of these data, we are not entitled to manage your requests for rights. You must therefore contact the organization that uses Yousign's services directly for your electronic signature request. Naturally, Yousign is committed to collaborating with its customers for whom it acts as a subprocessor to respond to requests.
Whatever your status, you can lodge a complaint with your national Data Protection Authority.