Privacy Policy

1. Introduction

SigPDF (“we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our website at sigpdf.com (the “Service”).

We comply with the General Data Protection Regulation (GDPR) and other applicable data protection laws in Germany and the European Union.

2. Data We Collect

2.1 PDF Documents

We do not collect, upload, or store your PDF documents. All PDF processing (viewing, signature placement, and signed PDF generation) happens entirely within your web browser. Your files never leave your device and are never transmitted to our servers.

2.2 Account & Email

When you subscribe, Stripe collects your email address during checkout. We use this email to send you transactional emails (welcome email, sign-in links, subscription confirmations) via our email provider Resend. We store a Stripe customer identifier in an encrypted, HttpOnly cookie to keep you signed in.

2.3 Payment Information

When you make a purchase, payment is processed by Stripe, Inc. We do not collect or store your credit card details. Stripe processes your payment data in accordance with their Privacy Policy. We receive only a transaction confirmation, customer identifier, and email address from Stripe.

2.4 Usage Data

We use Google Analytics to collect anonymous usage data such as page views, browser type, and approximate location to improve our Service. Google Analytics uses cookies to track interactions. This data does not directly identify individual users. Google Analytics is only loaded after you consent to analytics cookies.

3. Cookies

We use the following types of cookies:

• Essential cookies: An authentication cookie (pdfsigner_auth) to keep you signed in to your subscription. This cookie is strictly necessary for the Service to function and does not require consent.
• Analytics cookies: Google Analytics cookies to understand how visitors use our site. These are only loaded after you give explicit consent via our cookie banner. You can withdraw consent at any time by clearing your browser cookies.

We do not use advertising cookies or sell data to third parties.

4. Data Processing

The legal basis for processing your data (payment information) is the performance of a contract (Art. 6(1)(b) GDPR) — specifically, to deliver the digital product you purchased. For usage data, the legal basis is our legitimate interest in improving the Service (Art. 6(1)(f) GDPR).

5. Your Rights (GDPR)

Under the GDPR, you have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate personal data
• Request deletion of your personal data
• Object to or restrict processing of your data
• Data portability
• Lodge a complaint with a supervisory authority

Since we do not store your PDF files and only receive limited payment data via Stripe, the personal data we hold is minimal. To exercise your rights, please contact us at privacy@sigpdf.com.

6. Data Retention

Payment transaction records are retained as required by German tax law (typically 10 years). No PDF document data is ever stored.

7. Third-Party Services

We use the following third-party services:

• Stripe — Payment processing (Privacy Policy)
• Vercel — Website hosting (Privacy Policy)
• Resend — Transactional email delivery (Privacy Policy)
• Google Analytics — Website analytics, loaded only with consent (Privacy Policy)

8. Contact

For privacy-related inquiries, please contact us at: privacy@sigpdf.com