Skip to content
Signeto
EE RU EN

Privacy Policy

Last updated: 8 May 2026

1. Data Controller

The data controller for your personal data is Relond Grupp OÜ, registry code 12197858, address: Kooli 10, Jõhvi, 41532, Estonia. Contact: info@signeto.eu.

2. Data We Collect

When you use the Signeto service, we process the following personal data:

  • Identification data: name, email address, phone number.
  • Company data: company name, registry code, address.
  • Usage data: login activity, IP addresses, device type, browser information, activity logs.
  • Signature data: documents contained in digital work acts and metadata associated with electronic signatures (timestamp, signatory identity).
  • Billing data: invoice details (we do not store card numbers; payments are processed by a third party).

3. Legal Basis for Processing

We process your data on the following legal grounds:

  • Contract performance (GDPR Art. 6(1)(b)): account management, service delivery, subscription billing.
  • Legitimate interest (GDPR Art. 6(1)(f)): service security, fraud prevention, usage analytics.
  • Consent (GDPR Art. 6(1)(a)): marketing communications, which you may withdraw at any time.
  • Legal obligation (GDPR Art. 6(1)(c)): obligations under accounting and tax legislation.

4. Data Retention

  • Account data: retained until account deletion plus a mandatory 3-year retention period.
  • Activity logs: 12 months.
  • Invoice data: 7 years (accounting legislation requirement).
  • Marketing communications: until consent is withdrawn.

5. Data Processors and Third Parties

We share data only to the extent necessary with the following processors:

  • Hetzner GmbH (Germany/Finland): cloud infrastructure provider; servers are located in Helsinki, Finland (EU territory). Data is protected with TLS 1.3 and daily backups are performed.
  • Email service provider: sending transactional emails.
  • Payment provider: subscription payment processing (card data is not transmitted to us).

Data is not transferred to third countries outside the EU/EEA without appropriate safeguards.

6. Your Rights

Under the GDPR you have the following rights:

  • Right of access (Art. 15): you may request a copy of your data.
  • Right to rectification (Art. 16): you may request correction of inaccurate data.
  • Right to erasure (Art. 17): you may request deletion of data where there is no lawful basis for continued processing.
  • Right to data portability (Art. 20): you may receive your data in a machine-readable format.
  • Right to object (Art. 21): you may object to processing based on legitimate interest.
  • Right to restriction of processing (Art. 18): in certain cases you may request restriction of processing.

To submit a request, write to info@signeto.eu. We will respond within 30 days.

7. Data Protection Contact

For data protection enquiries, contact us at info@signeto.eu (subject: "Data Protection").

8. Supervisory Authority

You have the right to lodge a complaint with the supervisory authority: Andmekaitse Inspektsioon (Estonian Data Protection Inspectorate), Tatari 39, 10134 Tallinn, email: info@aki.ee, website: www.aki.ee.

9. Cookies

Signeto uses only session cookies that are strictly necessary for the service to function (authentication, CSRF protection). We do not use tracking cookies or third-party advertising cookies. Session cookies are deleted when you close your browser.

10. Changes to This Policy

We reserve the right to update this privacy policy. For material changes we will notify you by email or via an in-service notice at least 30 days in advance. The current version of this document is always available at signeto.eu/en/privacy.