Each client gets a unique encryption key that provides the highest security level. Encrypted key information is secured and stored in SonT servers, using the AWS Key Management Service (KMS) system. All our clients’ documents and data are secured with the KMS key. KMS facilitates generating and distributing encryption keys among connected applications.

Our clients’ data is stored and secured in AWS S3 servers in Stockholm. We use AWS because they are leading security service providers globally. AWS servers suit businesses regardless of type and size, providing our clients with more flexibility and higher security standards.

Signed documents and other information are stored and secured on the SonT system. However, clients can transfer data to ERP/CRM tools of their choice. The integration with SonT is performed through API. Clients can also transfer data using the SFTP file transfer protocol.

For the clients using the Standard plan, after completion of the signing process, your data is encrypted with the KMS key and stored on the SonT system. Enterprise plan users can transfer their data to their own business or document management tools through API. The information is then stored on a client’s system upon an agreement (a few days, as a backup, or deleted when the storage limit is exceeded).

Further actions depend on the plan and integration. The standard plan doesn’t need integration, therefore, if the signing process is canceled, data won’t be saved. The Enterprise plan needs integration between the SonT system and a client’s business management tools. In the case of cancelation, the SonT system receives a response through API, and data isn’t saved.

A signature initiated using the SonT system or an integration with a client’s ERP/CRM tools has the same legal power as a physical signature on paper. To ensure security, we use physical identification.

We collect biometric data to verify a person’s identity. Signature biometric data includes specific characteristics of a person that helps to identify that person later. This information can also be used to perform an examination to identify a particular person. We collect data about the tilt angle, speed, and imprint depth of a pencil.

We use special hardware to collect biometric data. Biometric data collection requires a customized tablet and an active pencil, adjusted to the tablet to identify unique signature features.

The integration between a client’s business management tools and the SonT system is performed using special documentation and API. We connect the SonT system with a client’s ERP/CRM or other tools and send documents and metadata. After a client initiates the signing process on his/her system, the request comes to the SonT system, where documents appear on a tablet. After the signing is completed, data is transferred to a client’s digital archive. We customize integration depending on your business needs. Please, contact us to find more information.

To integrate the Print to Tab functionality, a client’s PMS needs to be compatible with the Windows operating system and a printer.

GDPR (General Data Protection Regulation) is the EU regulation put into effect in May 2018. This regulation is set to protect consumers’ data and information movement between different parties. GDPR protects personal information from unauthorized possession of customers’ data.

The company ensures a full data management process (the right to be informed, the right to be forgotten, the right to access data, etc.). It commits to provide a juridical data management base (who controls and manages data), agreement, and personal data violation investigation procedures.

GDPR protects personal data. Personal data is information linked to an individual (data subject), who can be identified directly or indirectly, using ID information or other unique characteristics (physical, physiological, psychological, cultural, social features). Personal data also includes the IP address, location address, or income details.

Regarding GDPR, companies need to follow a set of rules for data collection, transportation, and storage. The company also needs to control access to private information. When contracts are signed on paper, the whole process becomes much more complicated because the company needs to ensure additional data protection to transport data (special envelopes to send contracts, a depersonalized identification system). Data access control is also more complicated using paper documents. Using a digitized system to manage information can help ease the process of protecting personal data and customers’ privacy.