Signavow is built for organisations where a signature carries commercial, legal, or regulatory weight.
TLS 1.3 in transit, AES-256 at rest. Documents are encrypted from the moment they leave your browser to the moment a signer opens them. Keys are managed via AWS KMS with automatic rotation.
Every event is individually logged: upload, email delivery, link click, document view, consent (with full consent text), signature, and download. Each entry includes IP address, user agent, and ISO 8601 timestamp. Exportable as a signed audit certificate.
SHA-256 hash computed at upload and recorded immutably. Verify at any point that the document presented for signing is identical to what was uploaded. Tamper-evident by design.
All data stored on AWS infrastructure in the UK (eu-west-2). Documents, audit logs, and metadata never leave UK jurisdiction unless explicitly configured for multi-region.
The signing experience contains no analytics cookies, no tracking pixels, no third-party JavaScript. Your counterparties' data stays between you and them. Full stop.
eIDAS (EU), ESIGN Act (US), UK Electronic Communications Act 2000. GDPR-ready with data processing agreements available. Configurable retention policies from 90 days to 7+ years.
Our team is happy to walk through our security architecture with you.
Contact us