Privacy Policy
Effective date: 15 July 2026
1.Information we collect
| Account data | Name, email, password (hashed), and workspace membership. |
| Documents & signer data | The files you upload, the fields and values entered, and signers’ names, emails, and signatures. |
| Signing audit data | Timestamps, IP addresses, and events recorded to evidence a signature. |
| Payment data | Handled by Stripe. We receive billing status and the last four digits of the card — never full card numbers. |
| Technical data | Log data such as browser type, IP, and access times, used for security and reliability. |
2.How we use it
- To provide the signing service and deliver documents to your signers.
- To process subscriptions and metered billing.
- To generate the signature audit trail that gives a completed document evidentiary value.
- To secure the service, prevent abuse, and provide support.
- To send service and transactional emails.
3.Legal bases
We process data to perform our contract with you, to comply with legal obligations, for our legitimate interests in operating and securing the service, and — where required — with your consent.
4.Who we share it with
We do not sell your data. We share it only with service providers acting on our behalf:
- Stripe — our third-party payment processor; it collects and stores your card details on its own PCI-DSS-compliant systems and charges your payment method on our behalf. Stripe processes this data under its own privacy policy. CheapSign never receives your full card number.
- Our hosting provider — servers where the service and your documents are stored.
- Google (SMTP relay) — outbound email delivery.
- Authorities, where required by law.
5.Data retention
We keep your documents and account data for as long as your account is active and as needed to provide the service. After account closure we retain data only as long as necessary for legal, accounting, or dispute-resolution purposes, then delete or anonymise it. You may request earlier deletion (subject to legal retention duties).
6.Security
We use encryption in transit (HTTPS), access controls, and reputable infrastructure. No system is perfectly secure, but we work to protect your data and will notify you of a breach where required by law.
7.Your rights
Depending on your location, you may have the right to access, correct, delete, export, or object to the processing of your personal data, and to withdraw consent. To exercise these rights, contact us. If you are a signer, please also contact the sender who initiated the document.
8.International transfers
Your data may be processed in countries other than your own. Where required, we rely on appropriate safeguards for such transfers.
9.Cookies
We use strictly necessary cookies to keep you signed in and to operate the service. We do not use advertising cookies.
10.Children
CheapSign is not directed to children under 18 and we do not knowingly collect their data.
11.Changes & contact
We may update this policy and will note the new effective date. Questions or requests: contact@qalamsoftware.com.