01 Purpose of the Policy
This Policy aims to clarify how Roger Signer handles data collected, processed, stored, or used within the Service, ensuring transparency for users and organizations and reinforcing trust in how data is managed.
02 Types of Data Used
The data used within the platform may include the following categories:
- User identification data related to the account and permissions.
- Document data that is uploaded, created, or sent for signing or approval.
- Signing, approval, and stamping data, and the associated records.
- Usage and activity data within the platform.
- Security and audit data, such as event logs and access records.
- Technical support and communication data associated with user requests.
03 Uses of Data
Roger Signer uses the data for the following purposes:
- Operating the platform and providing core services.
- Managing user accounts and permissions.
- Executing signing, approval, and stamping operations.
- Sending alerts and notifications related to activity within the platform.
- Improving performance and user experience.
- Generating operational and audit reports and logs.
- Strengthening protection and detecting unauthorized activity.
- Complying with applicable legal and regulatory obligations.
04 Limits on Use
Roger Signer does not use data outside the legitimate operational and regulatory purposes related to the Service, and does not sell personal data to other parties under any circumstances.
Any use of data is limited to what is required by the nature of the Service, while preserving the rights of users and organizations.
05 Access to Data
Access to data is restricted to authorized persons, systems, or service providers only, and to the extent necessary to perform, operate, or support the Service or to comply with applicable requirements.
All access to sensitive data is recorded within audit logs for accountability and transparency.
06 Retention Period
Roger Signer retains data for the period necessary to achieve specified purposes, or as required by laws, contracts, or relevant internal or institutional retention policies.
At the end of the retention period, data is processed according to approved procedures, whether by deletion, secure archiving, or anonymization, as applicable.
07 Security
Roger Signer applies appropriate protection measures to secure data and prevent its misuse or unauthorized access. These measures include:
- Encryption during transit and storage as applicable.
- Granular controls on permissions and access.
- Continuous monitoring of sensitive activity.
- Periodic security reviews of infrastructure and applications.
08 Updates
This Policy may be updated from time to time in line with operational, legal, or regulatory changes. The updated version is published on the official website, and continued use of the Service after publication constitutes implicit acceptance of the update, where permitted by law.