Frequently asked questions
How does Sign on Tab ensure document and data security and sensitive information privacy?
Each client gets a unique encryption key that provides the highest security level. Encrypted key information is secured and stored in SonT servers, using the AWS Key Management Service (KMS) system. All our clients’ documents and data are secured with the KMS key. KMS facilitates generating and distributing encryption keys among connected applications.
Where does SonT store clients’ data?
Our clients’ data is stored and secured in AWS S3 servers in Stockholm. We use AWS because they are leading security service providers globally. AWS servers suit businesses regardless of type and size, providing our clients with more flexibility and higher security standards.
Can a client store data outside the SonT system?
Signed documents and other information are stored and secured on the SonT system. However, clients can transfer data to ERP/CRM tools of their choice. The integration with SonT is performed through API. Clients can also transfer data using the SFTP file transfer protocol.
What happens with clients’ data after completing the signing process?
For the clients using the Standard plan, after completion of the signing process, your data is encrypted with the KMS key and stored on the SonT system. Enterprise plan users can transfer their data to their own business or document management tools through API. The information is then stored on a client’s system upon an agreement (a few days, as a backup, or deleted when the storage limit is exceeded).
What happens with clients’ data if the signing process is canceled?
Further actions depend on the plan and integration. The standard plan doesn’t need integration, therefore, if the signing process is canceled, data won’t be saved. The Enterprise plan needs integration between the SonT system and a client’s business management tools. In the case of cancelation, the SonT system receives a response through API, and data isn’t saved.
What legal power does the Sign on Tab signature have?
A signature initiated using the SonT system or an integration with a client’s ERP/CRM tools has the same legal power as a physical signature on paper. To ensure security, we use physical identification.
What is biometric data, and why is it important?
What resources are needed to collect biometric data?
We use special hardware to collect biometric data. Biometric data collection requires a customized tablet and an active pencil, adjusted to the tablet to identify unique signature features.
How is the Enterprise plan integration process performed?
What criteria does the PMS (property management system) need to meet for successful integration with the Print to Tab functionality?
To integrate the Print to Tab functionality, a client’s PMS needs to be compatible with the Windows operating system and a printer.
What is GDPR?
GDPR (General Data Protection Regulation) is the EU regulation put into effect in May 2018. This regulation is set to protect consumers’ data and information movement between different parties. GDPR protects personal information from unauthorized possession of customers’ data.
What responsibilities does the company take to comply with GDPR requirements?
The company ensures a full data management process (the right to be informed, the right to be forgotten, the right to access data, etc.). It commits to provide a juridical data management base (who controls and manages data), agreement, and personal data violation investigation procedures.
What data is protected with GDPR?
GDPR protects personal data. Personal data is information linked to an individual (data subject), who can be identified directly or indirectly, using ID information or other unique characteristics (physical, physiological, psychological, cultural, social features). Personal data also includes the IP address, location address, or income details.
What are the mandatory rules for the business to comply with GDPR?
Regarding GDPR, companies need to follow a set of rules for data collection, transportation, and storage. The company also needs to control access to private information. When contracts are signed on paper, the whole process becomes much more complicated because the company needs to ensure additional data protection to transport data (special envelopes to send contracts, a depersonalized identification system). Data access control is also more complicated using paper documents. Using a digitized system to manage information can help ease the process of protecting personal data and customers’ privacy.