Resources

HelloSign Trust Center

Security & Compliance

Encryption

At HelloSign, each of your documents is stored behind a firewall and authenticated against the sender’s session every time a request for that document is made. All communications use SSL (Secure Sockets Layer) encryption and all data is stored in a SOC 1 Type II, SOC 2 Type I, and ISO 27001 certified data center. Your documents are stored and encrypted at rest using AES 256-bit encryption.

In addition, each document is encrypted with a unique key. As an additional safeguard, each key is encrypted with a regularly rotated master key. This means that even if someone were able to bypass physical security and access a hard drive, they wouldn’t be able to decrypt your data.

  • ‍All HelloSign documents are encrypted at rest using AES 256-bit encryption
  • ‍For any document in transit to be signed, all communications are encrypted using SSL/TLS
  • ‍All backups are encrypted
  • HSTS is enabled (HTTP Strict Transport Security)
  • HelloSign uses 2 levels of document encryption - Each document is encrypted using a unique key (a document encryption key or DEK), and that DEK is then encrypted using a master key that is regularly rotated