Privacy Policy

Effective: January 1, 2026

1. Introduction

SignDelta Inc. ("we", "us", "our") operates the SignDelta platform ("Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our Service. We are committed to handling your data transparently and in accordance with applicable law.

This Policy applies to data we collect about registered users ("Users") and, to a limited extent, about third parties whose information Users submit when creating change orders ("Counterparties"). By using the Service, you accept the practices described in this Policy.

2. Information We Collect

We collect the following types of information:

Account Information

Name, email address, and authentication credentials when you create an account.

Change Order Data

Project descriptions, line items, amounts, counterparty names, and contact details that you enter when creating change orders. This data is provided entirely by you; we do not verify its accuracy or the legitimacy of the underlying business relationship.

Signature & Audit Trail Data

Electronic signatures, IP addresses at the time of signing, timestamps, and browser user-agent information collected to create an audit trail as required for e-signature compliance under the ESIGN Act and UETA.

Payment Information

Payment processing is handled by Stripe, Inc. We do not store full credit card numbers or sensitive payment credentials. We receive limited transaction metadata (last four digits, card type, transaction status) from Stripe.

Usage Data

Pages visited, features used, browser type, device information, IP address, and referral source collected automatically when you interact with the Service.

3. How We Use Your Information

  • To provide, maintain, and improve the Service.
  • To process change orders, signatures, and payments on your behalf.
  • To send transactional emails (signature requests, payment confirmations, status updates).
  • To provide customer support.
  • To detect, prevent, and address fraud, abuse, or technical issues.
  • To comply with applicable legal obligations.

We do not use your data or your counterparties' data to make decisions about the content, enforceability, or outcome of any agreement created through the Service.

4. Information Sharing

We do not sell your personal information. We share data only in the following circumstances:

  • With your counterparties: When you send a change order, the recipient receives the information included in that document. You are responsible for ensuring you have the right to share any information you include.
  • Service providers: We use sub-processors (Stripe for payments, e-signature providers, email delivery services) that process data on our behalf under contractual data processing obligations.
  • Legal process: We may disclose information when required by valid subpoena, court order, law enforcement request, or other compulsory legal process. We are not required to notify you prior to disclosure if prohibited by law or court order. We are not a party to any dispute between you and your counterparties and cannot act as an advocate for either side in response to legal process.
  • Business transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity.

5. No Involvement in User-Counterparty Disputes

SignDelta is a software tool. We store data about your change orders and signatures as a byproduct of providing the Service. We do not review the content of your agreements for accuracy or legal validity. If a dispute arises between you and a counterparty:

  • We will not voluntarily produce records, witnesses, or legal opinions on behalf of either party.
  • We will respond to valid legal process directed at us, but only to the extent legally required.
  • Any costs we incur responding to legal process related to your disputes may be charged to you under our Terms of Service.

6. Data Security

We implement industry-standard security measures including encryption in transit (TLS/SSL), encrypted storage, and role-based access controls. While we take reasonable steps to protect your data, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security and disclaim liability for breaches outside our reasonable control.

7. Data Retention

We retain your account data for as long as your account is active or as needed to provide the Service. Change order records and signature audit trails are retained for a minimum of seven (7) years to support the enforceability of electronic signatures under applicable law. Even after account deletion, we may retain records where required by law, for fraud prevention, or to respond to legal process. You may request deletion of your account at any time by contacting us; retention obligations may limit what we can delete.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your data, subject to legal retention requirements.
  • Object to or restrict certain processing of your data.
  • Receive your data in a portable format.

Note: exercising your rights applies only to data we hold about you in our capacity as a service provider. We have no ability to remove your data from systems controlled by your counterparties or from third-party services you have used.

To exercise any of these rights, contact us at legal@signdelta.com. We will respond within 30 days.

9. Cookies

We use essential cookies required for the Service to function (authentication, session management). We do not use third-party advertising or tracking cookies. We may use basic analytics to understand aggregate usage patterns.

10. International Transfers & EU/UK Users

The Service is operated in the United States. If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, your data is transferred to and processed in the US. We rely on Standard Contractual Clauses (SCCs) approved by the European Commission, or other appropriate safeguards, for such transfers.

Lawful basis for processing. Where GDPR or UK GDPR applies, we process your personal data on the following bases:

  • Contract performance — processing necessary to provide the Service to registered users (Article 6(1)(b) GDPR).
  • Legal obligation — retention of e-signature audit trails as required by applicable law (Article 6(1)(c) GDPR).
  • Legitimate interests — fraud prevention, security, and processing counterparty data to facilitate change order workflows on behalf of our users (Article 6(1)(f) GDPR).

EEA, UK, and Swiss residents have the same rights described in Section 8. If you believe we have not adequately addressed your concern, you have the right to lodge a complaint with your local data protection authority.

11. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the revised policy on this page and updating the effective date. Continued use of the Service after changes constitutes acceptance of the revised Policy.

13. Contact

Questions or concerns about this Privacy Policy? Contact us at legal@signdelta.com.

© 2026 SignDelta Inc. All rights reserved.

Terms Privacy Contact