Trust & Security

Effective Date: 10/31/2025

Last Updated: 10/31/2025

Trusted Signatures (“TS”) is built to minimize data exposure: we don’t upload or store your PDFs. Our service operates on non-reversible SHA-256 digests and certificate status data to apply standards-based seals.

Architecture at a glance

  • No PDF storage. We do not ingest, store, or inspect document content or filenames.
  • Hash-only workflow. We process SHA-256 digests, timestamps, and certificate status (OCSP/CRL) required for signing/verification.
  • Hosted in the U.S. Infrastructure runs on AWS U.S. (Central).

Core security controls

  • Encryption. TLS in transit; encryption at rest where applicable.
  • Access control. SSO/MFA, role-based access (RBAC), least privilege, audited admin actions.
  • Key management. Signing keys are protected by FIPS 140-3 Level 3-validated HSMs; keys are generated, stored, and used within the cryptographic boundary.
  • Monitoring. Centralized logging and metrics via AWS CloudWatch; alerting and incident response runbooks.
  • SDLC & vulnerability management. Code review, dependency scanning, secrets management, periodic penetration testing.
  • Business continuity. Backups, redundancy, and disaster-recovery objectives for critical systems.

Security & compliance frameworks

PCI DSS (payments via Stripe).

Trusted Signatures processes payments through Stripe, a PCI DSS Level 1–certified provider. We never store or transmit cardholder data on our own systems. All credit-card transactions and billing data are handled securely by Stripe.

FIPS 140-3 (cryptography).

Our cryptographic operations run inside FIPS 140-3 Level 3–validated hardware security modules (HSMs). This ensures that signing keys are generated, stored, and used entirely within a tamper-resistant, validated boundary.

SOC 2 (provider).

Our hosting and infrastructure providers (e.g., AWS) maintain SOC 2 Type II certification for operational security, data availability, and confidentiality controls. Trusted Signatures inherits these assurances as part of its secure cloud deployment.

ISO 27001 (alignment).

ISO 27001 is the international standard for managing information security. It provides a framework for how an organization protects data, controls access, and monitors risks.

Trusted Signatures follows ISO 27001-aligned practices through its cloud providers and internal controls, ensuring operational security complements our product’s compliance with ISO 32000, the open standard that defines the PDF format itself.

GDPR/CPRA (privacy).

Trusted Signatures is a controller for account/billing/support and a processor/service provider for limited operational data (e.g., digests, logs, certificate status). We comply with EU data-protection requirements for customer information. All personal or organizational data collected for identity verification or billing is processed under GDPR lawful-use and retention principles. See our Privacy Policy. Contact us to request a DPA and Subprocessor List.

HIPAA (operations-only).

Publisher is not designed to receive or store PHI. Customers must not send PHI in PDFs, filenames, or support materials. If required, TS will execute a limited BAA covering narrowly defined operational metadata (e.g., API logs, digests, certificate status). See our HIPAA BAA Rider (Operations-Only).

Document trust standards (validation context)

  • ISO 32000 (PDF) and PAdES behaviors for approval vs. certification signatures, DocMDP/FieldMDP permissions, incremental updates.
  • AATL (Adobe trust ecosystem) and eIDAS Advanced (AdES) for PAdES via appropriate providers/programs. Viewer trust stores and configuration determine on-screen validation banners.

Data handling & retention

  • What we process: account/billing data, API/service logs, SHA-256 digests, certificate serials/issuer, OCSP/CRL responses, timestamp tokens.

  • Retention: security and API logs typically 12–24 months; verification metadata retained for the life of the account and a reasonable period thereafter. See Privacy Policy §5.

Transparency

  • Data Processing Addendum (DPA)
  • Subprocessors
  • HIPAA BAA Rider (Operations-Only): Available upon request
  • Privacy Policy
  • Terms of Service

Responsible disclosure

If you believe you’ve found a security issue, email privacy@trusted-signatures.com with steps to reproduce. Please avoid testing that could impact other users and give us reasonable time to investigate and remediate. Legal notices: Michelle@trusted-signatures.com, Brad@trusted-signatures.com.

Change log

2025-10-31: Initial Trust & Security page published (added HIPAA operations-only stance, AWS region, DPA/BAA/Subprocessors).