Document security, locked down
At Signable, your security is our priority. We use advanced encryption to protect your documents and meet trusted compliance standards like ISO 27001 and GDPR. Our platform is built with robust measures to keep your data safe, giving you peace of mind with every signature.
Signable’s security accreditations
eIDAS
The eIDAS regulation (Electronic Identification, Authentication, and Trust Services) sets the rules for using electronic signatures legally in the UK and EU. It ensures that electronic transactions are secure, reliable, and legally recognised. Signable fully complies with these standards, offering a trusted solution for seamless and secure electronic interactions.
USA ESIGN Act
and UETA
The ESIGN Act (Electronic Signatures in Global and National Commerce Act) and UETA (Uniform Electronic Transactions Act) are U.S. laws that give electronic signatures the same legal status as handwritten ones. Signable is fully compliant with these regulations so you can trust our solution wherever you do business in the U.S.
ISO 27001
ISO 27001 is the globally recognised gold standard for managing information security. Signable is ISO 27001 certified, demonstrating our commitment to managing and protecting your sensitive data with the highest level of care.
Cyber Essentials
Cyber Essentials is a UK government-backed certification that helps organisations protect themselves against common cyber threats. Signable is Cyber Essentials certified, which means we’ve taken robust steps to defend against cyber threats. Our systems are equipped with strong security controls to keep your data safe.
GDPR
GDPR (General Data Protection Regulation) is an EU law designed to protect your personal data and privacy. We fully adhere to GDPR requirements, ensuring your personal and business data is handled responsibly and securely. Signable follows strict privacy principles to give you confidence in how your data is used and protected.
AES
Advanced Electronic Signatures (AES) offer enhanced security and authentication for electronic transactions. They are designed to verify the signer’s identity and ensure the document remains tamper-proof. Signable is actively working to support AES, bringing you an even stronger and more secure solution for handling sensitive and high-value documents.
Software security & compliance
eSignature compliance
Our platform meets and exceeds all regulations for handling documents signed with electronic signatures. With SSL 256-bit encryption protecting every page, your documents stay secure from start to finish.
Secure UK data storage
All data stored and processed within Signable remains securely within the UK. Our infrastructure is hosted in Amazon AWS’s advanced data centre in London, keeping your information compliant and protected.
Vulnerability scanning
We routinely run automated vulnerability scans and commission penetration tests to identify and fix any potential security risks. It’s part of how we maintain ISO 27001 standards.
Encryption
All your data is encrypted – both at rest and in transit. We manage encryption keys using AWS’s secure Hardware Security Module (HSM), limiting access to authorised personnel only.
Employee access
Your data is tightly controlled. Signable employees cannot view your documents without your explicit permission, and every action is logged for full transparency.
Incident response
We have robust plans in place to manage unexpected incidents or disasters. From technical hiccups to major incidents, our team is ready to respond quickly. You’ll get clear updates on our status page to keep you informed.
Service level and backups
Signable delivers high service availability (99.78% uptime in 2024) and takes regular backups of critical data, to safeguard against loss. We’re ready to restore systems fast if an issue arises.
Internal awareness and training
Security is a team effort. Every Signable employee receives ongoing training to stay up to date with the latest best practices, keeping our operations secure from the inside out.
Built-in product security
Two Factor Authentication (2FA) login
Add extra protection to your account with 2FA. Logins require both your password and a code from your authenticator app, ensuring only you can access your account.
Password protection for documents
Choose to add a password to any document you send, so only the right people can view it. Share the password securely for extra peace of mind.
Full audit trail
Every document you send comes with a detailed audit trail. It tracks every step of the signing process, providing clear evidence that can be used in court.
IP address allow lists
Control who can log into your account by setting up an IP address allowlist. Only devices from approved networks can access your Signable account.
User roles
Grant users the appropriate permission levels for their role in your organisation. Control what access each team member receives and keep your sensitive business documents secure.
2FA for signers
Add an extra layer of security by enabling 2FA for your signers. Recipients will need to enter a one-time code sent to their mobile device via SMS to confirm their identity before viewing or signing a document.