Legal Documents
Access the documents that govern the use of the QuickSigner.com platform, the protection of personal data, and information security.
Terms and Conditions
The conditions for using the QuickSigner.com platform and the contractual relationship between users and the Provider.
Privacy Policy
Information on how personal data is processed, in accordance with GDPR.
Data Processing Agreement (DPA)
Governs data processing when QuickSigner.com acts as a data processor.
Security & Data Retention
Technical and organizational measures regarding information security and data retention.
Acceptable Use Policy
Rules regarding the proper and lawful use of the QuickSigner.com platform.
Subprocessors List
Providers and partners who may process data on behalf of QuickSigner.com, in accordance with GDPR.
Terms and Conditions
These Terms and Conditions ("T&C") govern the access to and use of the
QuickSigner.com platform ("Platform", "Services"), operated by
Innovoris Labs IT SRL ("Provider").
By creating an account or using the Platform, the Customer agrees to these T&C,
as well as the documents expressly referenced herein.
1. Definitions
For the purposes of these T&C:
- Customer / Client – the natural or legal person using the Platform;
- User – any person authorized by the Customer to use the Platform;
- Services – SaaS electronic signing, document management, and storage services;
- Customer Content – documents and data uploaded to the Platform;
- Agreement – the set consisting of these T&C, the DPA, and applicable policies.
2. Subject of the Agreement
The Provider grants the Customer a limited, non-exclusive, non-transferable, and revocable right to access and use the Services solely for lawful purposes and in accordance with this Agreement.
3. Account creation and access
- 3.1. The Customer is responsible for:
- the accuracy of the provided data;
- the security of credentials;
- all activities carried out through their account.
- 3.2. The Provider may suspend access in case of:
- unauthorized use;
- breach of the Agreement;
- security risks.
4. Use of the Services
- 4.1. The Customer agrees to use the Platform:
- in accordance with applicable law;
- in accordance with the Acceptable Use Policy;
- without affecting the operation of the Platform.
- 4.2. The Provider does not verify or control the content of uploaded documents.
5. Customer Content
- 5.1. The Customer retains all rights to their Content.
- 5.2. The Customer grants the Provider a limited right to process the Content solely for providing the Services.
- 5.3. The Customer warrants that they have the legal right to use and process the Content.
6. Intellectual property
All intellectual property rights in the Platform, software, and documentation belong to the Provider. No rights are transferred to the Customer except those expressly stated.
7. Pricing, payments, and billing
- 7.1. The Services are provided on a subscription and/or usage basis.
- 7.2. Payments are made online at the time of purchase.
- 7.3. The invoice is issued automatically after payment.
- 7.4. Usage overages may require the purchase of additional credits.
8. Term of the Agreement
- 8.1. The Agreement is concluded for the duration of the selected subscription.
- 8.2. It may renew automatically.
9. Suspension and termination
- 9.1. The Provider may suspend/terminate the Agreement for: breaches, non-payment, or legal reasons.
- 9.2. Upon termination, access is stopped, and data is handled in accordance with the DPA.
10. Data protection
- 10.1. Data processing is governed by the Privacy Policy and the DPA.
- 10.2. The Provider generally acts as a data processor.
11. Information security
The Provider implements appropriate technical and organizational measures, including within an information security management system aligned with ISO/IEC 27001.
12. Confidentiality
The parties shall maintain the confidentiality of non-public information, subject to legal exceptions.
14. Limitation of liability
- 14.1. The Provider is not liable for indirect damages, loss of profit, or Customer Content.
- 14.2. Total liability is limited to the amounts paid in the last 6 months.
15. No legal advice
The Services do not constitute legal advice. The Provider does not guarantee the legal validity of documents in terms of their content.
16. Legal basis regarding electronic signature
According to Law no. 214/2024 regarding the use of electronic signatures:
Article 3 – General legal effects
(1) All types of electronic signatures provided in Regulation (EU) No. 910/2014 or in this law produce legal effects and may be used as evidence in court.
(2) An electronic document signed with a type of electronic signature provided by law or with a qualified electronic signature produces the same legal effects as the same document in paper form.
By using the Platform, the Customer confirms that they understand and accept that the electronic signature used through the Services has legal value and produces legal effects under applicable law, including Law no. 214/2024.
17. Force majeure
Neither party shall be liable for failure to perform obligations due to force majeure events.
18. Amendments
The Provider may modify the T&C by publishing the updated version on the website. Continued use constitutes acceptance.
19. Governing law and jurisdiction
The Agreement is governed by Romanian law. Disputes shall be settled by the courts of Romania.
20. Final provisions – Order of precedence
In case of conflict between documents, the order is:
- Data Processing Agreement (DPA)
- Terms and Conditions
- Platform public policies
Privacy Policy
This Privacy Policy explains how QuickSigner.com ("Platform", "Provider", "we") processes personal data of:
- visitors of the QuickSigner.com website;
- users of the Platform, including after authentication;
- individuals who complete forms available on the website,
in accordance with Regulation (EU) 2016/679 ("GDPR").
1. Who we are
QuickSigner.com is an electronic signature and document management platform, operated by Innovoris Labs IT SRL, a Romanian legal entity, headquartered in Bucharest.
📧 GDPR Contact: contact@quicksigner.com
2. Our role in data processing
Depending on the context, QuickSigner may have one of the following roles:
2.1. Processor
In most cases, QuickSigner acts as a processor, processing personal data on behalf of its customers in the context of documents uploaded, signed, and managed through the Platform.
2.2. Controller
QuickSigner acts as a controller for data necessary for:
- account creation and management;
- billing and payments;
- commercial and operational communications;
- security and operation of the Platform and website;
- compliance with legal obligations.
3. What data we process
We may process the following categories of data:
- identification data (first name, last name);
- contact data (email address, phone number);
- professional data;
- authentication data;
- electronic signatures;
- log data and technical metadata;
- billing data;
- content of documents uploaded by users (as Processor).
⚠️ QuickSigner does not verify or control the content of uploaded documents.
4. Purposes and legal bases of processing
| Purpose | Legal basis |
|---|---|
| Provision of services | Performance of a contract |
| Account management | Performance of a contract |
| Billing and payments | Legal obligation |
| Operational communication | Legitimate interest |
| Responding to requests via forms | Pre-contractual steps / legitimate interest |
| Marketing (newsletter) | Consent |
| Security and fraud prevention | Legitimate interest |
| Compliance with legal obligations | Legal obligation |
5. Data sources
Data is collected:
- directly from users or visitors;
- through the use of the Platform;
- through forms available on the website;
- from customers, in the case of invited signers.
6. Data disclosure
Data may be disclosed to:
- our subprocessors (public list);
- authorities, where required by law;
- providers necessary for operating the Platform and website.
QuickSigner does not sell or share data with third parties for commercial purposes.
7. Subprocessors
The updated list includes, but is not limited to:
- Google Cloud Platform
- Brevo (Sendinblue)
- CloudConvert
- Sentry
- CookieYes
- 4Pay
8. Data processing location
Data is processed exclusively within the European Union. QuickSigner does not transfer data outside the EU.
9. Retention period
Data is retained:
- for the duration of the contractual relationship;
- thereafter, in accordance with legal obligations;
- until account or data deletion, as applicable.
Documents can be deleted by the user from the Platform.
10. Data subject rights
Data subjects benefit from the rights provided by GDPR:
- right of access;
- right to rectification;
- right to erasure;
- right to restriction;
- right to object;
- right to data portability;
- right to lodge a complaint with ANSPDCP.
📌 When QuickSigner acts as a processor, requests are forwarded to the relevant Controller.
11. Data security
QuickSigner implements appropriate technical and organizational measures, including an information security management system aligned with ISO/IEC 27001.
For details, see the Security & Data Retention Policy.
12. Cookies
The website and Platform use necessary and optional cookies. Consent is managed through a dedicated mechanism.
13. Updates
This Policy may be updated periodically. The applicable version is published on the website.
14. Contact
📧 contact@quicksigner.com
Data Processing Agreement (DPA)
This Data Processing Agreement ("DPA") forms an integral part of the QuickSigner.com Terms and Conditions ("Agreement") and applies to the extent that, in the provision of the Platform, the Provider processes personal data on behalf of the Customer, acting as a processor within the meaning of Regulation (EU) 2016/679 ("GDPR").
1. Definitions
The terms "personal data", "processing", "controller", "processor", "data subject", "security incident" have the meaning set out in the GDPR. Other capitalized terms have the meaning assigned in the Agreement.
2. Roles of the parties
- 2.1. The Customer acts as the Data Controller.
- 2.2. The Provider acts as a Data Processor, processing data solely on behalf of and in accordance with the Customer’s instructions.
- 2.3. The Provider does not determine the purposes and means of processing and does not verify the legality of document content.
3. Subject matter, duration, and nature of processing
- 3.1. The subject of processing consists of providing electronic signature, document management, storage, and access services.
- 3.2. Processing takes place for the duration of the Agreement and, where applicable, in accordance with legal or technical obligations.
- 3.3. The nature of processing includes collection, storage, use, transmission, and deletion of data.
4. Types of data and categories of data subjects
Types of data:
- identification data;
- contact data;
- professional data;
- electronic signatures;
- log data (technical logs).
Categories of data subjects:
- employees of the Customer;
- contractors;
- legal representatives;
- other individuals included in documents.
5. Customer instructions
- 5.1. Instructions result from the use of the Platform.
- 5.2. The Provider does not accept customized instructions outside standard functionalities.
- 5.3. If an instruction is unlawful, the Provider will inform the Customer.
6. Provider obligations
- a) processing only in accordance with instructions;
- b) ensuring confidentiality;
- c) implementing appropriate security measures;
- d) not disclosing data to unauthorized third parties.
7. Subprocessors
The Customer grants general authorization for the use of the following subprocessors:
- Google Cloud Platform – cloud infrastructure (EU)
- Brevo (Sendinblue) – email delivery (EU)
- CloudConvert – file conversion (EU)
- Sentry – error monitoring (data processed in the EU)
- CookieYes – cookie consent management (EU)
- 4Pay – SMS services (Romania)
The Provider will inform the Customer of any changes, and the Customer may raise a justified objection within 15 days if a significant material risk is demonstrated.
8. Processing location
Data is stored and processed exclusively within the European Union. No transfers outside the EU are carried out.
9. Data security
The Provider implements appropriate technical and organizational measures, including an ISMS aligned with ISO/IEC 27001, without guaranteeing absolute security.
10. Data subject rights
The Provider reasonably assists the Customer, while the Customer remains responsible for handling requests.
11. Security incidents
The Provider will notify the Customer without undue delay, providing available information.
12. Audit
The Customer may conduct a documentary audit at most once per year, without affecting the operation of the Platform.
13. Deletion or return of data
Upon termination of the Agreement, data will be deleted or returned, except where retention is required by law.
14. Liability
The Provider’s liability is limited in accordance with the Agreement, including the liability cap agreed between the parties.
15. Final provisions
This Annex is governed by Romanian law and prevails with regard to data processing, except where a separate individual agreement applies.
Security & Data Retention Policy
This Policy describes the information security measures and data retention rules implemented by QuickSigner.com ("Platform", "we"), in the context of providing electronic signature and document management services.
This Policy is for informational purposes and is drafted in accordance with Regulation (EU) 2016/679 ("GDPR") and industry best practices.
1. General security framework
QuickSigner has implemented an information security management system (ISMS) aligned with the ISO/IEC 27001 standard, aiming to protect the confidentiality, integrity, and availability of information processed through the Platform.
Measures are established based on:
- risk assessment;
- the nature of processed data;
- the current state of technology;
- implementation costs.
2. Security principles
We consistently apply the following principles:
- least privilege access (need-to-know);
- segregation of duties;
- proportionality of measures relative to risks;
- continuous monitoring and improvement.
3. Technical and organizational measures
3.1. Access control
- access is granted only to authorized personnel;
- secure authentication;
- password policies and credential management.
3.2. Infrastructure security
- cloud infrastructure hosted within the EU;
- environment isolation (development, staging, production);
- regular application of security patches.
3.3. Encryption and data protection
- encryption in transit (TLS);
- data-at-rest protection mechanisms;
- protection of keys and technical secrets.
3.4. Monitoring and logging
- platform monitoring;
- collection of technical logs for diagnostics and security;
- error and incident detection systems.
4. Security incident management
QuickSigner has internal procedures for:
- incident identification;
- impact assessment;
- remediation.
In the event of an incident affecting personal data, customers are notified without undue delay, in accordance with legal obligations.
5. Business continuity
Measures are implemented to ensure:
- service availability;
- data recovery;
- resumption of operations in case of technical incidents.
6. Subprocessors and providers
QuickSigner uses only providers that comply with GDPR requirements and process data exclusively within the EU. The updated list is published separately.
7. Data retention
7.1. General principles
- data is retained only for as long as necessary;
- in accordance with legal obligations;
- according to customer instructions when QuickSigner acts as a Processor.
7.2. Customer data (documents)
- retained for the duration of the contractual relationship;
- can be deleted manually by the customer;
- upon termination, deleted or returned in accordance with the DPA.
7.3. Technical and log data
- retained for limited periods;
- used exclusively for security, diagnostics, and improvement.
8. Limitations
Although QuickSigner implements appropriate measures, no IT system can guarantee absolute security. The Platform operates on reasonable and proportionate efforts.
9. Updates
This Policy may be updated periodically. The applicable version is the one published on the website.
10. Contact
For questions regarding data security:
📧 contact@quicksigner.com
Acceptable Use Policy (AUP)
This Acceptable Use Policy ("AUP") sets out the rules and conditions under which users may access and use the QuickSigner.com platform ("Platform", "we").
By using the Platform, you agree to comply with this Policy, as well as the applicable Terms and Conditions.
1. Purpose of the Platform
The QuickSigner platform is intended for:
- creating, sending, signing, and managing electronic documents;
- use for lawful, professional, and legitimate commercial purposes.
2. Permitted use
Users may use the Platform exclusively:
- in accordance with applicable law;
- in accordance with the Agreement, DPA, and related policies;
- for documents for which they have the legal right to use and process.
3. Prohibited use
3.1. Illegal activities
- violation of applicable laws (including GDPR);
- fraudulent, deceptive, or abusive activities;
- impersonation or falsification of identities or signatures.
3.2. Illegal or unauthorized content
- documents containing illegal content;
- infringement of copyright, trademarks, or other intellectual property rights;
- documents for which the user does not have the right to use or process.
3.3. Technical abuse
- attempts to gain unauthorized access to the Platform or infrastructure;
- vulnerability scanning, DoS/DDoS attacks;
- use of unauthorized scripts or automation;
- interference with the normal operation of the Platform.
3.4. Excessive or improper use
- usage that affects performance or service availability;
- disproportionate consumption of resources compared to normal Platform use.
4. User responsibility
The user is fully responsible for:
- the content of uploaded, signed, or managed documents;
- the legality of processing personal data included;
- obtaining necessary consents or legal bases;
- compliance with obligations toward data subjects.
QuickSigner does not verify or validate the content of processed documents.
5. Monitoring and enforcement
For the purpose of Platform security and operation, QuickSigner reserves the right to:
- reasonably monitor usage;
- investigate suspicious or non-compliant activities;
- suspend access temporarily or permanently;
- limit functionalities or resources;
- take other reasonable measures to protect the Platform and its users.
6. Suspension or termination of access
Violation of this Policy may result in:
- temporary suspension of the account;
- termination of the Agreement;
- blocking or deletion of access to documents, within legal limits.
These measures may be applied without prior notice where necessary for security or legal compliance.
7. No obligation to monitor
QuickSigner has no general obligation to:
- monitor document content;
- verify the legality of Platform use;
- intervene proactively in processed documents.
8. Limitation of liability
Use of the Platform is at the user's own risk, within the limits set by the Agreement. QuickSigner is not liable for damages resulting from:
- improper or unauthorized use;
- the content of processed documents;
- violation of this Policy.
9. Updates
This Policy may be updated periodically. The version in force is the one published on the website.
10. Contact
For questions regarding acceptable use of the Platform:
📧 contact@quicksigner.com
Subprocessors List
Last updated: March 2026
This page provides information about the subprocessors used by QuickSigner.com in the context of providing electronic signature and document management services, in accordance with GDPR and the Data Processing Agreement (DPA).
Google Cloud Platform
Provider: Google LLC
Data location: EU
Services: cloud infrastructure, databases, file storage
Role: Subprocessor
GDPR compliant: Yes
Brevo (Sendinblue)
Provider: Brevo SAS
Location: European Union
Services: email delivery
Role: Subprocessor
GDPR compliant: Yes
Sentry
Provider: Functional Software, Inc.
Location: European Union
Services: error monitoring
Role: Subprocessor
GDPR compliant: Yes
CookieYes
Provider: CookieYes Ltd
Location: European Union
Services: cookie consent management
Role: Subprocessor
GDPR compliant: Yes
Changes to the list
This list may be updated as needed. Customers may raise a justified objection, in accordance with the provisions of the DPA.
Contact
For questions regarding subprocessors:
📧 contact@quicksigner.com