Signority, Privacy, and Data Localization
For governments there has to be a balance between privacy protection and innovating technologies that provide the best accessibility to its citizens. As a global eSignature company, Signority makes every effort to comply with the laws of every jurisdiction globally. To comply with data sovereignty it is not just matter of where the data centre is located.
Signority eSignature Platform (SeSP) has the full competence to implement a data localization solution to isolate customer data within the enterprise’s designated geographic locations, anywhere globally.
How Ensure Data Localization
Your Choice of Data Centre Locations:
Signority gives options to enterprise customers by offering a dedicated private cloud solution. SeSP is hosted in the state-of-art AWS data re in Canada for the public cloud and can host on any customer designated geographic locations through AWS’s global zones.
Your Choice of 3rd party integration vendors
Through Signority RestFul API integrations, customers can replace their qualified vendors to replace the SeSP out-of-box 3rd party vendors, such as email notification vendor, SMS vendor for 2-factor-authentication and digital certificate vendor for document encryption.
Your Choice of Backups and Retention Policy
Through integration, our customers can synchronize and store every signed document to their record management system or network devices. You can configure the retention period and delete signed documents from the Signority cloud after they are fully backed up to your own systems.
Restricted IP Address Range for Access
Often corporate policy only permits certain access points to access highly sensitive documents. Signority’s enterprise customers can configure their user’s IP address ranges when they log in to their Signority accounts. This also offers a great protection for hacking incidents from unauthorized geographic areas.
Signority has a Data Protection Agreement (DPA) along with an Enterprise Agreement that is based on the European General Data Protection Regulation (GDPR). Our Data Atlas details how the different types of data are processed and managed in SeSP.
Empower Signority Employees with Processes and Training to Protect Your Privacy
Security training is a mandatory objective in every employee’s annual performance review. Customer Success staff must go through a rigid privacy training to what to ask and how to ask when confronted with sensitive data. Customer Service is important, and is not outsourced overseas. We believe people that represent Signority must share the same value and the same security and privacy awareness.
The Signority Enterprise Solution allows for customized location, scale, and backup format. No matter where you are, Signority, as a global player, aims to provide an efficient eSignature technology.
I encourage you to read two of our previous blogs about Signority’s security practice:
How Signority Secures Your Data
Where do you “warehouse” your data?
If you were warehousing physical goods, you would want to know what laws apply to your goods. The data centre location question is equivalent: foreign location means foreign legislation.
Privacy Officers, Legal Counsel, or the Compliance Teams of your organization have an understanding of the risks factors associated with data residency requirements. Signority has the full capability of meeting your needs. If you’d like to learn more, contact us:
- Phone: 833-222-1088
- using the chat icon on the bottom right of your screen,
- or through our contact form.
Frequently Asked Questions
A company has a “.ca” domain name. Does it mean the data centre is in Canada?
Not at all. Having a “.ca” website has nothing to do with data centre locations. To get a “.ca” domain you must meet the Canadian Presence Requirements: https://www.cira.ca/policy/rules-and-procedures/canadian-presence-requirements-registrants
Once you have the “.ca” domain name, the hosting servers can be anywhere in the world.
A company claims on the website that their data is located in Canada for Canadian customers but refused to sign our privacy act that has clear requirements for Canadian data residency. Why is this?
No matter what the marketing collateral statements, signing your privacy agreement is the actual commitment. If this ever occurs, please question their business integrity. Privacy has become a prominent risk factor. Do not compromise on that unless your Privacy Officer has completed a Privacy Impact Assessment (PIA) and agreed to it.