ModySign
Back

Privacy Policy

Last updated: April 2025

1. Data Controller

HAIR INK PRECISION (SAS, SIREN 934 571 977, headquartered at 60 rue François 1er, 75008 Paris, France), operating the SaaS platform under the commercial name "ModySign", is the Data Controller for personal data collected through the modysign.com platform. The Data Controller is represented by Romain Fernandes Lopes.

Contact: romain@modysign.com

2. Data Collected

We collect the following data:

  • Identification data: first name, last name, business email
  • Company data: company name, team size
  • Connection data: IP address, access logs, browser type
  • Documents: the PDF files processed on the platform
  • Payment data: handled exclusively by Stripe (PCI DSS)

3. Purposes of Processing

  • Providing the electronic signature service
  • Managing user accounts and organizations
  • Billing and subscription management
  • Audit trail and traceability of signatures
  • Service-related communication (support, notifications)
  • Service improvement (anonymized statistics)

4. Legal Basis

Processing is based on the performance of the contract (Article 6.1.b of the GDPR) and the legitimate interest of the Data Controller (Article 6.1.f).

5. Hosting and Transfers

Data is hosted in Europe via Supabase (AWS eu-west infrastructure). No data is transferred outside the European Union without appropriate safeguards.

6. Retention Period

  • Account data: duration of the subscription + 1 year after deletion
  • Documents: deleted upon customer request or 90 days after end of subscription
  • Audit logs: 5 years (legal obligations)
  • Billing data: 10 years (accounting obligations)

7. Your Rights

In accordance with the GDPR, you have the following rights:

  • Right of access to your data
  • Right to rectification
  • Right to erasure ("right to be forgotten")
  • Right to data portability
  • Right to object
  • Right to restriction of processing

To exercise your rights: romain@modysign.com. Response time: 30 days maximum.

8. Security

ModySign implements technical and organizational measures to protect your data: AES-256-GCM encryption, TLS 1.3, OAuth 2.0 authentication, role-based access control (RBAC), and regular security audits.

9. Cookies

ModySign only uses cookies strictly necessary for the operation of the service (session, authentication). No tracking or advertising cookies are used.