eSignly Privacy Policy

Last Updated: January 14, 2026

Your trust is important to us. This policy explains our commitment to protecting your privacy.

1. Introduction

Welcome to eSignly. This Privacy Policy outlines how eSignly, operated by Cyber Infrastructure Inc. ("we," "us," or "our"), collects, uses, maintains, and discloses information collected from users (each, a "User") of the www.esignly.com website, our mobile applications, and our related services, including our API (collectively, the "Service"). This policy applies to the Service and all products and services offered by eSignly. We are committed to protecting your privacy and handling your data in an open and transparent manner. Our goal is to provide you with a secure and reliable e-signature solution while respecting your privacy rights.

2. Definitions

  • Personal Data: Any information relating to an identified or identifiable natural person.
  • Processing: Any operation or set of operations which is performed on Personal Data, such as collection, recording, organization, structuring, storage, adaptation, or alteration.
  • Data Controller: The natural or legal person which, alone or jointly with others, determines the purposes and means of the processing of Personal Data. For the purpose of this policy, eSignly is the Data Controller of our Users' information.
  • Data Processor: A natural or legal person which processes Personal Data on behalf of the controller. When you use our Service to process documents containing personal data of third parties, you are the Data Controller and eSignly is the Data Processor.
  • User: Any individual who accesses or uses our Service. This includes account holders and individuals who are invited to sign documents.

3. Information We Collect

We collect information to provide and improve our Service. The types of information we collect depend on how you interact with us.

3.1 Information You Provide to Us

  • Account Information: When you register for an eSignly account, we collect your name, email address, password, phone number, and company name.
  • Payment Information: If you subscribe to a paid plan, we collect billing information, such as your credit card details and billing address. This information is processed securely by our third-party payment processor, Stripe.
  • Content: We collect and store the files, documents, and other content you upload, send, or receive through our Service. This includes the electronic signatures themselves and the associated audit trails.
  • Communications: If you contact us directly for support or other inquiries, we may receive additional information about you, such as the contents of your message and any attachments you may provide.

3.2 Information We Collect Automatically

  • Usage Data: We collect information about your interactions with our Service, such as the pages you visit, the features you use, the time, frequency, and duration of your activities.
  • Device and Connection Information: We collect information about the computer or mobile device you use to access our Service, including the hardware model, operating system, IP address, browser type, and language.
  • Cookies and Similar Technologies: We use cookies and similar tracking technologies to track activity on our Service and hold certain information. Please see our "Cookies & Tracking" section below for more details.

4. How We Use Information

We use the information we collect for various purposes, grounded in legitimate business interests and legal compliance.

  • To Provide and Maintain the Service: To create and manage your account, process transactions, facilitate the signing of documents, and provide you with the core functionalities of our platform.
  • To Improve and Personalize the Service: To understand how our users interact with the Service, to develop new features, and to personalize your experience.
  • To Communicate with You: To send you service-related announcements, technical notices, updates, security alerts, and support messages. We may also send you marketing communications, which you can opt-out of at any time.
  • For Security and Fraud Prevention: To verify accounts and activity, to monitor for suspicious or fraudulent behavior, and to identify and address violations of our terms of service.
  • For Legal Compliance: To comply with legal obligations, such as responding to lawful requests from public authorities, and to enforce our agreements and policies.

5. How We Share Information

We do not sell your Personal Data. We may share your information only in the limited circumstances described below.

  • With Other Users: When you use the Service to send a document for signature, we share information about you (like your name and email address) with the other parties to that transaction to facilitate the signing process.
  • With Service Providers: We work with third-party service providers (subprocessors) to help us operate, provide, improve, and secure our Service. These include payment processors (e.g., Stripe), cloud hosting providers (e.g., AWS), and customer support platforms. These providers have access to your information only to perform tasks on our behalf and are obligated not to disclose or use it for any other purpose.
  • For Legal Reasons: We may disclose your information if we believe it's required by applicable law, regulation, legal process, or government request. This includes protecting the rights, property, and safety of eSignly, our users, or the public.
  • Business Transfers: In the event of a merger, acquisition, bankruptcy, or other sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your Personal Data.

6. Data Security

We take the security of your data very seriously. We implement a variety of technical and organizational measures designed to protect your information from unauthorized access, use, alteration, or disclosure. These measures include:

  • Encryption: Data is encrypted in transit using TLS and at rest using AES-256 encryption.
  • Access Control: We follow the principle of least privilege, limiting access to your data to authorized personnel who have a legitimate business need.
  • Compliance and Certifications: We are compliant with leading industry standards, including SOC 2 Type II, ISO 27001, HIPAA, and GDPR, to ensure our security practices are robust and independently verified.
  • Audit Trails: We maintain detailed, tamper-evident audit trails for every document, capturing every action taken during the signing process.

While we strive to use commercially acceptable means to protect your Personal Data, no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, we cannot guarantee its absolute security.

7. Data Retention

We retain your Personal Data for as long as your account is active or as needed to provide you with the Service. We may also retain your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Once the retention period expires, we will securely delete or anonymize your information.

8. Your Rights & Choices

Depending on your location, you may have certain rights regarding your Personal Data under local data protection laws, such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

8.1 Rights for Users in the EEA/UK (GDPR)

  • Right to Access: You have the right to request copies of your personal data.
  • Right to Rectification: You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
  • Right to Erasure: You have the right to request that we erase your personal data, under certain conditions.
  • Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data, under certain conditions.
  • Right to Object to Processing: You have the right to object to our processing of your personal data, under certain conditions.
  • Right to Data Portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.

8.2 Rights for Users in California (CCPA)

  • Right to Know: You have the right to know what personal information is being collected about you and how it is used and shared.
  • Right to Delete: You have the right to request the deletion of your personal information held by us.
  • Right to Opt-Out: We do not sell personal information, so the right to opt-out of the sale of your data is not applicable.
  • Right to Non-Discrimination: You have the right not to be discriminated against for exercising your privacy rights.

To exercise any of these rights, please contact us at help@esignly.com. We will respond to your request within the timeframes required by law.

9. Cookies & Tracking Technologies

We use cookies and similar technologies to provide and support our website and Service. Cookies are small text files stored on your device that help us operate our sites, remember your preferences, and understand user activity. We use both session cookies (which expire when you close your browser) and persistent cookies (which stay on your device for a set period). We use them for essential operations, performance analytics, and functionality. You can control the use of cookies at the individual browser level, but if you choose to disable cookies, it may limit your use of certain features or functions on our Service.

10. International Data Transfers

Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction. If you are located outside the United States and choose to provide information to us, please note that we transfer the data, including Personal Data, to the United States and process it there. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy, using legal mechanisms such as Standard Contractual Clauses for transfers of data where required.

11. Children's Privacy

Our Service is not intended for use by individuals under the age of 18 ("Children"). We do not knowingly collect personally identifiable information from children. If you are a parent or guardian and you are aware that your Child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.

12. Changes to This Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date at the top. We encourage you to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

13. Contact Us

If you have any questions about this Privacy Policy, the practices of this site, or your dealings with this site, please contact us at:

eSignly / Cyber Infrastructure Inc.
2880 Zanker Road, #203
San Jose, CA 95134, USA
Email: help@esignly.com
Phone: +1 (908) 460-1084

Frequently Asked Questions

No. eSignly does not sell, trade, or rent your Personal Data to others. We only share information with trusted third-party service providers who assist us in operating our Service, and they are bound by strict confidentiality agreements.

You can request to access, update, or delete your personal information by contacting our support team at help@esignly.com. We will process your request in accordance with applicable data protection laws, as detailed in the "Your Rights & Choices" section of this policy.

Yes. We are committed to full compliance with the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). Our policy outlines the specific rights you have under these regulations and how you can exercise them.

Our services are hosted on secure servers located in the United States, managed by leading cloud infrastructure providers like Amazon Web Services (AWS). We employ robust security measures and legal frameworks for any international data transfers to ensure your data is protected.