Application Security

At HelloSign the Security and Privacy of customer data is our #1 Priority

Beyond traditional encryption

HelloSign protects data in transit between our apps and our servers, and at rest.  Documents are stored behind a firewall and authenticated against the sender’s session every time a request for that document is made. We enforce the use of industry-best practice for the transmission of data to our platform (Transport Layer Security TLS) and data is stored in a SOC 1 Type II, SOC 2 Type I and ISO 27001 certified data centres. Your documents are stored and encrypted at rest using AES 256-bit encryption.

Rigorous security testing

We regularly test our infrastructure and apps to identify and patch vulnerabilities. We also work with third-party specialists, industry security teams and the security research community to keep our users and their files safe. Potential security bugs and vulnerabilities can be reported to us on the third-party service HackerOne.