Built to be trusted
with your documents.
Your documents are encrypted in transit and at rest, processed privately, and auto-deleted after anonymous use. Every signature is auditable.
Protected at every stage.
Multiple layers of security protect your documents from the moment they leave your device to the moment they are deleted.
Encryption in transit & at rest
All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption. Your files are protected from the moment they leave your device.
Zero-retention policy
Files are automatically deleted from our servers within 30 minutes of processing. We never store your documents permanently.
Private by default
Anonymous files are processed and deleted automatically — no account required, and your files are never stored or used to profile you. Persistent storage only happens when you sign in and opt in.
Auditable signatures
Every completed signature includes a tamper-evident audit trail and a certificate of completion, aligned with the ESIGN Act and eIDAS framework.
Designed around recognized frameworks.
We design to recognized data-protection and e-signature frameworks.
Formal certifications are in progress and not yet claimed as complete. Data Processing Agreements are available on request.
Legally binding, cryptographically provable.
Our electronic signatures are designed to align with the ESIGN Act (US), eIDAS (EU), and other global electronic signature frameworks — and every completed document carries its own proof.
- ✓ ESIGN Act, UETA & eIDAS aligned
- ✓ Tamper-evident audit trail — timestamps, IP addresses, activity logs
- ✓ SHA-256 hash verification detects any change made to a document after signing
- ✓ Certificate of completion with every completed document
- ✓ Email one-time-code verification for invited, unauthenticated signers
Example record — not a real customer document.
Enterprise security controls.
Additional controls for Business and Enterprise customers.
Multi-factor authentication
Protect accounts with two-factor authentication using any TOTP authenticator app, plus single-use backup codes.
SSO integration coming soon
Single Sign-On with SAML 2.0 for Okta, Azure AD, Google Workspace, and other identity providers — on the roadmap, not yet available.
Role-based access control
Granular permissions control who can access, edit, and sign documents. Define custom roles for your organization.
Admin dashboard
A centralized panel for managing users, monitoring activity, and enforcing security policies.
Questions about security?
Our team is here to help — contact us for a detailed security review or to discuss your compliance requirements. To report a vulnerability, email security@lexosign.com.