Security & Architecture

Transparency is core to trust. Dive deep into the cryptographic principles and regulatory frameworks that make SignToSee secure, sovereign, and verifiable.

eIDAS & GDPR Art. 17(3)(e) Compliant Architecture

Cryptographic Integrity by Design.

SignToSee is not just a gate — it is a mathematically verifiable sequence of access events. Keep control over what you share. Every interaction is logged, hashed, and sealed permanently in an isolated per-gate ledger.

Step 01

Zero-Knowledge Encryption

AES-256-GCM

The browser encrypts the file URL before it leaves the device. Our servers store only an opaque ciphertext blob. The decryption key lives exclusively in the URL fragment — technically unreachable by SignToSee or any third party.

Algorithm
AES-256-GCM
Key scope
Sender / Recipient only
Server access
None (zero-knowledge URL mode)
Step 02

eIDAS-Compliant Access Log

SES — Simple Electronic Signature

When a recipient clicks Agree, we capture an Access Snapshot under EU eIDAS Regulation No 910/2014. Three data points are recorded atomically and sealed against retroactive alteration.

IP Address
Verified + logged
Timestamp
UTC — ms precision
Fingerprint
Browser fingerprint hash
Step 03

Isolated Per-Gate Ledgers

Isolated-by-Design Architecture

Instead of a fragile global ledger, each Gate gets its own strictly isolated cryptographic hash chain. Every signature is linked only to prior signatures on that exact document. You can safely delete or archive a Gate without breaking the integrity of your other work.

Hash function
SHA-256
Architecture
Isolated Per-Gate Chains
Output
Verifiable audit log

Live Integrity Mockup // SHA-256 Hash Chain

Tamper-proof by design.

Our database uses a strict append-only ledger. If any actor — including a SignToSee engineer — attempts to retroactively alter a historical signature record, all subsequent hashes immediately invalidate.

Compliance Standards

eIDAS Regulation No 910/2014 — Art. 25
GDPR Art. 17(3)(e) — Integrity obligation
Append-only access log (tamper-evident)
Block #1 — Signature #1Verified
recipientc.lepage@acme.fr
timestamp2026-03-11T14:23:08Z
sha2568f43434664bf6b96df89dda6...9e
prev_hash: ✓ verified
Block #2 — Signature #2Verified
recipientk.muller@ventures.eu
timestamp2026-03-12T09:44:55Z
sha2567b4c8921a12f8d1e3b4c6d...f1
prev_hash: ✓ verified
Block #3 — Signature #3Verified
recipients.ahmed@partner.io
timestamp2026-03-13T16:02:31Z
sha2569a2f1b4c6d8e5f3a2b4c7...e2
The Security Question

"But can you steal my client's link?"

No. Even if compelled.

A step-by-step look at how our zero-knowledge architecture protects your data from the moment you paste a link or upload a file.

1. You paste your destination URL

Your Figma, Notion, PDF, or any link. Your browser immediately generates a random encryption key — it never leaves your device at this point.

figma.com/file/abc123/my-concept

2. Encryption happens in your browser, before anything leaves

AES-256-GCM runs client-side. The URL is transformed into an unreadable ciphertext. Only the ciphertext travels to our server — the key does not.

3. Our server stores only the ciphertext — never the plaintext

This is what sits in our database. Even if someone queried it directly, there is nothing readable here.

SignToSee Database
gate_idg_x7k2m
ciphertexta7f9c2e1d4b8...3f92
plaintext_urlnull - never stored
decryption_keynull - never stored

4. The key lives in the URL fragment — the part the server never sees

The gate link you send to your client has two parts. The browser knows about both. The server only ever receives what comes before the # — the fragment is a client-side-only mechanism defined in the HTTP spec.

signtosee.eu/g/x7k2m
#?c=a7f9c2e1...
Server receives this
Browser-only — server never sees this

5. After the recipient accepts the terms, the key is used — in their browser

The recipient's browser reads the key from the fragment, decrypts the ciphertext, and redirects. The decryption happens entirely client-side. The destination URL is never sent to — or revealed by — our servers at any point.

Result: we cannot read your destination, even if compelled

We store access logs and acceptance events — not your files or URLs. Immune to the US CLOUD Act because there is nothing to hand over.

Terminology Explained

We use advanced cryptography and strict legal frameworks to protect your work. Here is what those terms mean in plain English.

Zero-Knowledge Encryption

A security model where the service provider (SignToSee) mathematically cannot read your data. We never have access to the decryption keys, ensuring absolute privacy.

AES-256-GCM

Advanced Encryption Standard with a 256-bit key in Galois/Counter Mode. This is military-grade encryption that not only keeps data secret but also verifies that it hasn't been tampered with.

eIDAS Regulation No 910/2014

The European Union's framework for electronic identification and trust services. Our access logs provide Simple Electronic Signatures (SES) that are legally admissible in EU courts.

SHA-256 Hash Chains

A cryptographic method where each new signature is mathematically linked to the previous one using the SHA-256 algorithm. This creates an unbroken, tamper-evident ledger for each of your gated links.

EU-Sovereign Infrastructure

Our servers are physically located in the EU and owned by European entities. This means your data is fully protected by the GDPR and is immune to foreign data requests like the US CLOUD Act.

Regulatory Compliance

Standards & Frameworks

SignToSee is engineered for compliance with European regulations from the ground up — not as an afterthought.

eIDAS Regulation No 910/2014

Art. 25 — Legal Effect

Access acceptance events qualify as Simple Electronic Signatures (SES), which are legally admissible as evidence in all EU member states.

GDPR Art. 17(3)(e)

Integrity Obligation

Our append-only ledger architecture satisfies the GDPR requirement to maintain data integrity for the establishment, exercise, or defence of legal claims.

EU-Sovereign Hosting

CLOUD Act Immune

All servers are physically located in the EU and owned by European entities. Your data is fully protected by the GDPR and immune to foreign data requests.

Zero-Knowledge Architecture

Privacy by Design

We mathematically cannot read your destination URLs or uploaded files. The decryption keys never touch our servers — privacy is enforced by cryptography, not policy.

Trust the architecture?
Try it yourself.

Every security claim on this page is backed by real cryptography running in your browser. Create a free gate and see the zero-knowledge flow in action.

No credit card required · Scout tier is permanently free