Privacy Policy (Beta)

Last updated: July 2025

At Subnoto SAS ("Subnoto", "we", "us", "our"), we take your privacy seriously. This Privacy Policy explains how we collect, use, and protect your personal data when you use our e-signature platform (the "Service").

Who We Are

Subnoto is operated by Subnoto SAS, based in France. We are subject to the General Data Protection Regulation (GDPR).

You can reach us at [email protected]

Data We Collect

We collect:

Account information: Name, email address, organization, and credentials when you create or use your account.

Usage data: Logs, IP address, browser/device info, and interaction data.

Document Metadata: Names, sender/recipient info, timestamps, and signature status.

Support Data: Messages sent to our support or feedback channels.

For beta users, we may collect additional feedback and usage data to help us improve the product.

We do not access document contents unless explicitly authorized by you for support or troubleshooting. Subnoto uses confidential computing to enhance document confidentiality — including from us.

Legal Basis

We process your data based on:

Contractual necessity: To provide you access to the Service

Legitimate interest: To improve the beta experience

Consent: For optional email updates (you can unsubscribe)

How We Use Your Data

We use your data to:

Deliver and improve the Service

Respond to support inquiries

Comply with legal obligations

Analyze anonymized usage patterns

We never sell your personal data or document contents.

Subprocessors

We use third-party services to operate Subnoto:

Scaleway: hosting, EU-based

Cloudflare: security and performance

Brevo: email delivery

We will update this list as new subprocessors are added. All subprocessors are GDPR-compliant or covered by appropriate data processing agreements.

Data Storage and Retention

User data is stored in France.

We use TLS encryption, secure infrastructure, and strict access controls.

Your data is retained for as long as your account is active or legally required.

You may request deletion at any time by contacting [email protected]

Your Rights

Under GDPR, you have the right to:

Access your data

Correct inaccurate data

Request data deletion

Object to processing in certain cases

Contact us at [email protected]

Data Security

We use encryption in transit and at rest, plus confidential computing for document protection. While no system is 100% secure, we take reasonable technical and organizational measures to protect your data.

Cookies

Subnoto uses minimal cookies necessary for authentication and performance. We do not use tracking or advertising cookies.

Changes to This Policy

We may update this Privacy Policy over time. If significant changes occur, we will notify you via email or through the platform.

Contact

Privacy Questions

Subnoto SAS, France

[email protected]

Logo

Privacy-friendly e-signatures made in France 🇫🇷

© 2025 Subnoto. All rights reserved.

Company

AboutStatusLegalPrivacyTerms of ServiceSecurityResearchersCookie Preferences

Subscribe

BlogTry now

Socials

LinkedinInstagramBlueskyMastodon