HandySignature IS FULLY GDPR COMPLIANT

The purpose of the General Data Protection Regulation (GDPR) is to strengthen and harmonize the rights of registered citizens, as well as to protect the free exchange of personal data in the EU. The regulation basically imposes higher requirements on organizations processing personal data (organizations responsible for data, data controllers, as well as data processors), whereas registered persons whose personal data is handled will benefit from extended rights.

HandySignature is Fully GDPR Compliant

At HandySignature we process employee data on behalf of companies when they manage their email signatures in our platform. All our data is stored in secure ISO 27001 certified environments and the location of where data is stored will never leave the location they are stored in. We are fully GDPR compliant.

Is Data in an Email Signature Sensitive Data?

An essential part of the General Data Protection Regulation is the processing of information about persons, which is defined as any type of information about an identifiable person. The term “personal data” is very broad and can relate to everything from a person’s name, gender, address and phone number to income, illnesses, employment and education. Data in an email signature is rarely sensitive data. This is data, which everyone can get hold of without much hassle, and there is nothing sensitive even in a mobile phone number. However, HandySignature processes all data as if it was personal data and therefore we offer the best possible security when processing data.

Data Processing Agreement (DPA)

As HandySignature very often processes data, we are aware of the requirements for the processing of other companies’ personal data. Therefore we have prepared a Data Processing Agreement (DPA) for our customers in order to meet the high requirements of the GDPR. This applies to the processing of data in order to continue to be able to serve our clients with the best possible data protection. The EU´s data privacy law of 25 may, 2018 applies not only to EU-based organizations, but also anyone who has customers or contacts in EU.
To download and approve our DPA please login with your account and return to this page.

Storage of Data

The GDPR also stipulates significant requirements to the data processor’s implementation of security measures related to storage of personal data. The data processor must secure its data from attacks. It must also be secure from accidental destruction, by establishing digital and physical measures to protect the integrity of the stored data. Examples hereof involves encryption and pseudonymization of data files, physical locking and fireproofing of server facilities and ensuring a proper policy for the transfer of data. HandySignature already meets these requirements as all data is hosted by Microsoft Azure’s ISO27001 certified data centers in the US and in the EU. As such, we can make sure that data never leaves the EU (until the client sends data in a signature in an email). HandySignature works proactively and continuously to secure the best possible protection of our users’ personal data. We do so by keeping up to date on developments in the personal data rights and on how to secure safe storage and processing of user information. Your company’s data is completely safe with HandySignature.

Download and delete all your data

You are able to delete and download all your data that has been downloaded to our servers. To download or delete your data - Login with your account and return to this page.

Questions? Just Ask Us!


You can always ask us about any issues or concerns related to the GDPR and the data we process for your company.

Delete all your data

Send us an Email

attach files
Send Message