EmailSigPro

GDPR Notice

Information for users in the European Economic Area (EEA) about their data protection rights under the General Data Protection Regulation (GDPR).

Last updated: 1/18/2026

1. Data Controller

EmailSigPro is the data controller responsible for your personal data. If you have any questions about how we handle your data, please contact us at privacy@emailsigpro.com

2. Legal Basis for Processing

We process your personal data under the following legal bases:

  • Contractual necessity: Processing necessary to provide our services, including creating and storing your email signatures
  • Legitimate interests: Processing for our legitimate business interests, such as improving our services and preventing fraud
  • Consent: Where you have given explicit consent for specific processing activities
  • Legal obligation: Processing necessary to comply with legal requirements

3. Your Rights Under GDPR

As a resident of the EEA, you have the following data protection rights:

Right of Access

You have the right to request a copy of the personal data we hold about you.

Right to Rectification

You have the right to request that we correct any inaccurate or incomplete personal data.

Right to Erasure ("Right to be Forgotten")

You have the right to request that we delete your personal data in certain circumstances.

Right to Restrict Processing

You have the right to request that we restrict the processing of your personal data.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, machine-readable format.

Right to Object

You have the right to object to processing based on legitimate interests or for direct marketing purposes.

Right to Withdraw Consent

Where processing is based on consent, you have the right to withdraw that consent at any time.

4. Data We Collect

For users without an account, we store signature data locally in your browser. We do not collect or process this data on our servers.

For registered users, we collect and process:

  • Email address (for authentication)
  • Signature data you choose to save to your account
  • Payment information (processed by Stripe, not stored by us)
  • Usage data for premium analytics features

5. International Data Transfers

Your data may be transferred to and processed in countries outside the EEA. When we transfer data internationally, we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses approved by the European Commission
  • Transfers to countries with adequate data protection levels
  • Binding corporate rules where applicable

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

  • Account data: Until you delete your account or request deletion
  • Payment records: As required by law (typically 7 years for tax purposes)
  • Local storage data: Until you clear your browser data

7. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

  • Encryption of data in transit (HTTPS/TLS)
  • Encryption of data at rest
  • Regular security assessments
  • Access controls and authentication

8. Exercising Your Rights

To exercise any of your rights, please contact us at privacy@emailsigpro.com. We will respond to your request within 30 days. We may need to verify your identity before processing your request.

If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection supervisory authority.

9. Contact Information

For any questions or concerns regarding this GDPR Notice or our data practices, please contact us:

  • Email: privacy@emailsigpro.com
  • Subject Line: GDPR Request