Privacy Policy

We consider your privacy and the security of your personal data of great importance. This Privacy Policy applies to the data we process when you use SignPath as well as to the data of our website visitors and informs you about the personal data we collect and how we process it.

Who is responsible for the processing of your personal data?

When you visit our website, your data is processed by:

SignPath GmbH
Gonzagagasse 11/23
1010 Vienna
Commercial register ID: 475506z

Data protection officer

You can reach our data protection officer at

Data we process when you use SignPath

Registration Data

If you create a SignPath account, you are required to provide us with some basic information:

  • Your name
  • Your business email address
  • Your job title (only for administrators)

This data is only processed because it is necessary for the performance of the contract between you and us. After the termination of your account, your registration data will be stored for a retention period of 6 months.

Usage Data

When you use SignPath, we collect some basic information that most services collect based on our legitimate interests. This includes information about how you use SignPath, such as your IP address, session information and the date and time of each request.

Sub-processors and third country notice

We share your data with a limited number of third party service providers who process it on our behalf to provide or improve our service, and who have agreed to privacy restrictions by signing data protection agreements. In case of data transfers outside of the European Economic Area, we make sure to implement appropriate safeguards with our sub-processors, including Standard Contractual Clauses.

Sub-processor Description of data processing Location Security measures documentation
RUBICON IT GmbH Application management, administration, support Europe RUBICON Managed Services
Microsoft Ireland Operations Limited Hosting Platform Microsoft Azure Europe Azure security documentation
Twilio Inc. Email delivery service SendGrid United States Twilio Security Overview
Okta Inc. Account management Europe Okta Security & Privacy Documentation

Data we process when you visit our Website

Contact form

If you use the contact form on our website to ask more about our products, we process the data you submit in the contact form in order to process your inquiry. If your inquiry also concerns our partner products, your data may be forwarded to these partners. The processing is based on Art 6 para 1 lit b and f GDPR, because it serves to initiate a contract with us and is in our legitimate interest. Your data will be stored for as long as necessary to process your request.


You have the possibility to subscribe to our newsletter on our website. We will process the personal data you provide in order to send you our newsletter. The processing of this data is only possible with your consent. You are free to revoke your consent and unsubscribe from our newsletter at any time. To do so, just click on the unsubscribe-Link that is included in every newsletter mail you receive from us.


Our website uses so-called “cookies”. Cookies are small text files which are stored on a visitor’s computer or device. There are two main types of cookies: Essential cookies, which are necessary to make a website operational and non-essential cookies, which collect e.g. browsing and usage statistics. While essential cookies are stored automatically on your computer or device based on our legitimate interests, non-essential cookies require your consent.

Some of the cookies used on our website originate from service providers outside the EU (primarily the US). It is therefore possible that some of your data (e.g. IP address, usage behavior, technical data) may be transmitted to the US. We only work with companies that are part of the Data Privacy Framework between the EU and the USA or use standard contractual clauses for the transfer of personal data to third countries according to Art 46 para 2 lit c GDPR. The participating companies of the Data Privacy Framework fall under the adequacy decision for secure data traffic of the EU.

You are free to revoke your given consent for the use of non-essential cookies and/or cookies from third countries at any time here:

Revoke consent

Google Analytics

In order to evaluate and improve our website, we use website analysis software Google Analytics provided by Google Ireland Limited. Google Analytics enables us to create statistical reports on visitor activity and to improve our content and website performance. For this purpose, your IP address is transmitted to Google and usually stored for 26 months. The use of Google Analytics requires a non-essential cookie, which is only set with your express consent. For more information, please refer to the privacy policies of Google and Google Analytics.

We use Google Signals as an extension of Google Analytics. Signals is an alternative function to identify users on our website. Google Signals requires a Google account login and the activation of personalised advertising on your device.

In order to make our website more attractive, we use Google Ads, a service provided by Google Ireland Limited. Google Ads enables us to make advertisements for our website in the Google search engine or on external websites and to evaluate how effective our advertising measures are. If you access our website via a Google ad, Google Ads will store a non-essential cookie on your PC or device. Google Ireland Limited is the responsible data controller when using Google Ads. We ourselves do not collect and process any personal data when using Google Ads. We only receive statistical evaluations from Google. For more information, please refer to the privacy policies of Google and Google Ads.


dealfront is a web analytics service and evaluation tool operated by Liidio Oy / dealfront (Mikonkatu 17 C, 00100 Helsinki). For this purpose, dealfront collects the IP address of visitors. dealfront uses a cookie called “_lfa” and has an expiry date of two years from when it was first set. The cookie can only be set for this website domain and requires your consent. For more information, please refer to the privacy policy of dealfront.

Your rights

When we process your personal data, you have the following rights under applicable European and Austrian data protection laws:

  • Information
  • Correction
  • Deletion
  • Restriction
  • Data portability
  • Object

If you believe that the processing of your data constitutes a violation of data protection laws, you are free to contact the Austrian Data Protection Authority at Barichgasse 40-42, 1030 Vienna, phone +43 1 52152-0, email

Sign up for news and special offers