Your privacy is our priority. Here's how we collect, use, and protect your data.
Last updated: October 21, 2025
Welcome to OleSign's Privacy Policy. This policy describes how OleSign, Inc. ("OleSign", "we", "us", or "our") collects, uses, discloses, and protects your personal information when you use our electronic signature platform, website, mobile applications, and related services (collectively, the "Services").
We are committed to protecting your privacy and ensuring you have a positive experience on our platform and in using our products and services. This Privacy Policy applies to all information collected through our Services and communications with you, including via email, SMS, or other electronic messaging.
By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with our policies and practices, your choice is not to use our Services. This policy may change from time to time. Your continued use of the Services after we make changes is deemed to be acceptance of those changes, so please check this policy periodically for updates.
We collect several types of information from and about users of our Services, including:
Account Registration Information: When you create an OleSign account, we collect your name, email address, phone number, company name, job title, billing address, and password. For business accounts, we may also collect your company's tax identification number and business registration details.
Document Content: We process and store the documents you upload to our platform, including any text, images, signatures, initials, and other content contained within those documents. We also collect metadata associated with your documents, such as file names, timestamps, sender and recipient information, and document status (sent, viewed, signed, completed).
Payment Information: When you purchase our paid services, we collect payment information through our secure payment processor. This may include credit card numbers, billing addresses, and transaction history. Please note that we do not store complete credit card numbers on our servers; this information is securely processed and stored by our PCI DSS-compliant payment processor.
Communications: When you contact us via email, phone, chat, or other means, we collect the contents of your message, your contact information, and any attachments you send. We maintain records of our communications with you to provide better customer service and improve our Services.
Profile Information: You may choose to provide additional profile information, such as your profile photo, company logo, signature style preferences, and notification settings. This information helps us personalize your experience with our Services.
Usage Data: We automatically collect information about how you interact with our Services, including pages viewed, features used, documents created and sent, time spent on pages, links clicked, and the pages that referred you to our Services. This helps us understand user behavior and improve our platform.
Device and Browser Information: We collect information about the devices and browsers you use to access our Services, including device type, operating system, browser type and version, IP address, device identifiers, screen resolution, and language preferences. This information helps us optimize our Services for different devices and troubleshoot technical issues.
Location Information: We may collect general location information based on your IP address to provide localized services, prevent fraud, and comply with legal requirements. We do not collect precise geolocation data without your explicit consent.
Cookies and Similar Technologies: We use cookies, web beacons, pixel tags, and similar tracking technologies to collect information about your browsing activities. For detailed information about our use of cookies, please see our Cookie Policy.
Log Files: Our servers automatically record certain information in log files, including requests made to our servers, timestamps, referring URLs, and error messages. We use this information for system administration, security monitoring, and service improvement.
We may receive information about you from third-party sources, including business partners, service providers, identity verification services, and publicly available sources. This may include business contact information, employment information, and company details. We use this information to verify your identity, prevent fraud, and enhance our Services.
We use the information we collect for various purposes, including:
We use your information to create and manage your account, process your documents, facilitate electronic signatures, deliver notifications, provide customer support, and generally operate and maintain our Services. This includes processing payments, managing subscriptions, and providing technical support when you encounter issues.
We analyze usage patterns and user feedback to understand how our Services are used, identify areas for improvement, develop new features, and enhance the overall user experience. We may conduct surveys, A/B testing, and user research to inform our product development decisions.
We use your contact information to send you important service updates, security alerts, account notifications, and administrative messages. With your consent, we may also send you marketing communications about new features, special offers, and other information we think may interest you. You can opt out of marketing emails at any time by clicking the unsubscribe link in any marketing email or updating your communication preferences in your account settings.
We use your information to detect, prevent, and respond to fraud, unauthorized access, security incidents, and other potentially harmful or illegal activities. This includes verifying identities, monitoring for suspicious behavior, investigating security incidents, and enforcing our Terms of Service.
We may use your information to comply with applicable laws, regulations, legal processes, and governmental requests. This includes responding to court orders, subpoenas, and other legal demands, as well as protecting our rights, property, and safety and that of our users and the public.
We do not sell, rent, or trade your personal information to third parties for their marketing purposes. We may share your information in the following circumstances:
When you send documents for signature, we share the necessary information with the recipients you specify. We may also share your information with third parties when you explicitly consent to such sharing, such as when integrating with third-party applications or services.
We engage trusted third-party service providers to perform functions on our behalf, such as hosting services, data storage, payment processing, email delivery, customer support, analytics, and marketing services. These service providers have access to your information only as necessary to perform their functions and are obligated to protect the confidentiality and security of your information.
If we are involved in a merger, acquisition, asset sale, bankruptcy, or other business transaction, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our website of any change in ownership or uses of your personal information, as well as any choices you may have regarding your information.
We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court order, subpoena, or government investigation). We may also disclose your information when we believe disclosure is necessary to protect our rights, property, or safety, or that of our users or the public, or to prevent or stop activity we consider to be illegal or unethical.
We may share aggregated or anonymized information that cannot reasonably be used to identify you. For example, we may share statistics about document signing trends, usage patterns, or industry benchmarks with partners, investors, or the public.
We implement comprehensive security measures to protect your information from unauthorized access, disclosure, alteration, and destruction. Our security practices include:
Encryption: All data transmitted between your device and our servers is encrypted using industry-standard TLS 1.3 protocol. Data at rest is encrypted using 256-bit AES encryption. All document uploads and downloads are encrypted end-to-end to ensure your sensitive information remains private.
Access Controls: We implement strict access controls and authentication mechanisms to limit access to your information. Access is granted on a need-to-know basis and is regularly reviewed and audited. All employees with access to user data undergo background checks and security training.
Infrastructure Security: Our infrastructure is hosted in secure, SOC 2 Type II certified data centers with 24/7 monitoring, redundant systems, and multiple layers of physical and network security. We regularly perform security audits, vulnerability assessments, and penetration testing to identify and address potential security risks.
Incident Response: We maintain an incident response plan to quickly detect, respond to, and recover from security incidents. In the event of a data breach that affects your personal information, we will notify you promptly in accordance with applicable laws and regulations.
Compliance Certifications: OleSign maintains compliance with industry standards and regulations, including SOC 2 Type II, ISO 27001, HIPAA, GDPR, and CCPA. We undergo regular third-party audits to verify our compliance with these standards.
While we implement robust security measures, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we are committed to protecting your information using industry best practices and continuously improving our security posture.
We retain your information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. The retention period depends on the type of information and the purposes for which it is used:
Account Information: We retain your account information for as long as your account is active. If you close your account, we will delete or anonymize your account information within 90 days, except where we need to retain it for legal, regulatory, or business purposes.
Document Content: Active documents are retained for as long as needed to provide the Services. When you delete a document, it is marked for deletion and removed from active storage within 30 days. Backup copies are purged within 90 days. For compliance and legal purposes, we may retain certain document metadata (such as who signed a document and when) for up to 7 years after account closure.
Communication Records: Customer support communications, transaction records, and other business records are retained for up to 7 years to comply with legal requirements and resolve disputes.
Analytics and Log Data: Usage data, analytics, and log files are typically retained for 12-24 months for operational purposes and security monitoring. Aggregated and anonymized analytics may be retained indefinitely.
Depending on your location, you may have certain rights regarding your personal information:
You have the right to access your personal information and request a copy of the data we hold about you. You can download your documents and account information directly from your account dashboard. For additional information or to request data in a specific format, please contact our privacy team at privacy@olesign.net.
You can update your account information, profile details, and preferences at any time through your account settings. If you believe any information we hold about you is inaccurate or incomplete, you have the right to request correction.
You have the right to request deletion of your personal information, subject to certain exceptions. You can delete your account through your account settings, which will initiate the deletion process. Please note that we may retain certain information as required by law or for legitimate business purposes, such as completing transactions, resolving disputes, or enforcing our agreements.
You have the right to object to certain processing of your personal information and request restriction of processing in certain circumstances. For example, you can opt out of marketing communications or object to profiling activities. To exercise these rights, please contact us at privacy@olesign.net.
You can opt out of receiving promotional emails by clicking the unsubscribe link in any marketing email or updating your communication preferences in your account settings. Please note that even if you opt out of marketing communications, we will still send you transactional and service-related messages, such as account notifications, security alerts, and document status updates.
You can manage your cookie preferences through your browser settings or our cookie consent tool. For more information, please see our Cookie Policy.
OleSign is based in the United States, and we process and store information in the United States and other countries. If you are accessing our Services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States and other jurisdictions where our servers and service providers are located.
These countries may have data protection laws that are different from the laws of your country. However, we take steps to ensure that your information receives an adequate level of protection wherever it is processed. We use appropriate safeguards, such as Standard Contractual Clauses approved by the European Commission, to ensure your data is protected when transferred internationally.
Our Services are not directed to children under the age of 16, and we do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16 without parental consent, we will take steps to delete that information as soon as possible. If you believe we have collected information from a child under 16, please contact us at privacy@olesign.net.
OleSign is committed to preventing spam and maintaining a positive communication environment. Our anti-spam practices include:
We only send marketing emails to users who have explicitly consented to receive them. When you create an account, you can choose whether to receive marketing communications. We never purchase email lists or send unsolicited bulk emails. All marketing emails include a clear and easy way to unsubscribe.
When you send documents through OleSign, notifications are sent to recipients on your behalf. These are transactional emails necessary for the service to function and are not considered marketing communications. However, you are responsible for ensuring you have the right to contact your recipients and must comply with applicable anti-spam laws, including CAN-SPAM Act, CASL, and GDPR.
We implement rate limiting and monitoring systems to detect and prevent spam and abuse of our Services. Accounts that send excessive or suspicious volumes of documents may be flagged for review. We reserve the right to suspend or terminate accounts that violate our Terms of Service or use our platform for spam, phishing, or other malicious purposes.
If you receive spam or suspicious communications claiming to be from OleSign, please report it to abuse@olesign.net. We take reports seriously and investigate all claims of spam or abuse. If you received a legitimate document notification from OleSign but do not wish to receive future communications from that sender, you can contact the sender directly to request removal from their contact list.
Users of OleSign must comply with all applicable anti-spam laws and regulations, including:
Violation of these laws or our anti-spam policy may result in immediate suspension or termination of your account, and we may report violations to appropriate authorities.
Our Services may contain links to third-party websites, applications, or services that are not owned or controlled by OleSign. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party services you interact with. This Privacy Policy applies only to information collected by OleSign.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you by email (to the email address specified in your account) and/or by posting a prominent notice on our website before the change becomes effective. We will also update the "Last updated" date at the top of this policy.
We encourage you to periodically review this Privacy Policy to stay informed about how we collect, use, and protect your information. Your continued use of the Services after any changes to this Privacy Policy constitutes your acceptance of the updated policy.
If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us on support@olesign.net.