Nota Sign
Trust Center

At Nota Sign the security and privacy of customer data is our #1 priority. Nota Sign meets or exceeds stringent US, EU and global security standards.

Contact Sales

U.S. ESIGN Act and UETA

The U.S. Electronic Signatures in Global and National Commerce (ESIGN) Act and the Uniform Electronic Transactions Act (UETA) each require four conditions for a valid electronic signature: (a) intent to sign, (b) consent to do business electronically, (c) association of the signature with the record, and (d) retention of records. Nota Sign ensures compliance with these requirements under U.S. ESIGN and UETA laws.

eIDAS

Regulation (EU) No 910/2014 (“eIDAS”) sets the legal framework for three types of electronic signatures—simple (SES), advanced (AES) and qualified (QES)—across the EU and, via the UK’s retained eIDAS regime, in the UK. QES is the highest assurance level and has the same legal effect as a handwritten signature under Article 25; Nota Sign provides QES-level signatures.

ISO 27001 & ISO27701

Nota Sign is ISO 27001, ISO 27701 certified, which demonstrates our unwavering commitment to information security and showcases our proactive approach to safeguarding sensitive data.

SOC2

Nota Sign has implemented comprehensive controls designed to meet the SOC 2 Trust Services Criteria. Our services run on a hardened, multi-region cloud infrastructure with geo-redundant data centers, strong encryption, continuous monitoring, and strict access controls. This document describes our control environment and how we leverage industry-leading cloud security capabilities to protect customer data.

GDPR

The EU GDPR is a consolidated legal framework intend to ensure the protection of “fundamental rights and freedoms of natural persons and in particular their right to the protection of personal data”. Nota Sign committed to strict compliance with GDPR.

CCPA

The California Consumer Privacy Act (CCPA) establishes consumer privacy rights for California residents and regulates businesses handling personal information. As the first U.S. consumer privacy law, it’s comparable to the EU’s GDPR. Effective January 1, 2020, the CCPA has been amended by the CPRA as of March 29, 2023. Nota Sign is CCPA compliant.

Nota Sign’s priority is to ensure that your experience is both safe and secure.

Privacy

We put your data sovereignty first: rigorous protection with end-to-end transparency so your data is visible, controllable, and revocable across collection, storage, and use.

Security

On our cloud platform, security is deeply integrated into the infrastructure architecture from the bottom design, combined with built-in multiple protection mechanisms and a global network system, to build a comprehensive security guarantee for your information, identity, applications, and devices from the root to the end.

Compliance

As a specialist in agreements technology, we operate on a compliance-by-design principle: a service stack built to rigorous standards and validated by recognized certifications. With deep industry adaptation, we align signing workflows, evidence management, and data governance with sector-specific rules, providing continuous, auditable support for compliant operations.

Nota SignTrust Center