Security & Architecture
Transparency is core to trust. Dive deep into the cryptographic principles and regulatory frameworks that make SignToSee secure, sovereign, and verifiable.
Cryptographic Integrity
by Design.
SignToSee is not just a gate — it is a mathematically verifiable sequence of access events. Keep control over what you share. Every interaction is logged, hashed, and sealed permanently in an isolated per-gate ledger.
Zero-Knowledge Encryption
The browser encrypts the file URL before it leaves the device. Our servers store only an opaque ciphertext blob. The decryption key lives exclusively in the URL fragment — technically unreachable by SignToSee or any third party.
- Algorithm
- AES-256-GCM
- Key scope
- Sender / Recipient only
- Server access
- None (zero-knowledge URL mode)
eIDAS-Compliant Access Log
When a recipient clicks Agree, we capture an Access Snapshot under EU eIDAS Regulation No 910/2014. Three data points are recorded atomically and sealed against retroactive alteration.
- IP Address
- Verified + logged
- Timestamp
- UTC — ms precision
- Fingerprint
- Browser fingerprint hash
Isolated Per-Gate Ledgers
Instead of a fragile global ledger, each Gate gets its own strictly isolated cryptographic hash chain. Every signature is linked only to prior signatures on that exact document. You can safely delete or archive a Gate without breaking the integrity of your other work.
- Hash function
- SHA-256
- Architecture
- Isolated Per-Gate Chains
- Output
- Verifiable audit log
Live Integrity Mockup // SHA-256 Hash Chain
Tamper-proof by design.
Our database uses a strict append-only ledger. If any actor — including a SignToSee engineer — attempts to retroactively alter a historical signature record, all subsequent hashes immediately invalidate.
Compliance Standards
"But can you steal my client's link?"
No. Even if compelled.
A step-by-step look at how our zero-knowledge architecture protects your data from the moment you paste a link or upload a file.
1. You paste your destination URL
Your Figma, Notion, PDF, or any link. Your browser immediately generates a random encryption key — it never leaves your device at this point.
2. Encryption happens in your browser, before anything leaves
AES-256-GCM runs client-side. The URL is transformed into an unreadable ciphertext. Only the ciphertext travels to our server — the key does not.
3. Our server stores only the ciphertext — never the plaintext
This is what sits in our database. Even if someone queried it directly, there is nothing readable here.
4. The key lives in the URL fragment — the part the server never sees
The gate link you send to your client has two parts. The browser knows about both. The server only ever receives what comes before the # — the fragment is a client-side-only mechanism defined in the HTTP spec.
5. After the recipient accepts the terms, the key is used — in their browser
The recipient's browser reads the key from the fragment, decrypts the ciphertext, and redirects. The decryption happens entirely client-side. The destination URL is never sent to — or revealed by — our servers at any point.
Result: we cannot read your destination, even if compelled
We store access logs and acceptance events — not your files or URLs. Immune to the US CLOUD Act because there is nothing to hand over.
Terminology Explained
We use advanced cryptography and strict legal frameworks to protect your work. Here is what those terms mean in plain English.
Zero-Knowledge Encryption
A security model where the service provider (SignToSee) mathematically cannot read your data. We never have access to the decryption keys, ensuring absolute privacy.
AES-256-GCM
Advanced Encryption Standard with a 256-bit key in Galois/Counter Mode. This is military-grade encryption that not only keeps data secret but also verifies that it hasn't been tampered with.
eIDAS Regulation No 910/2014
The European Union's framework for electronic identification and trust services. Our access logs provide Simple Electronic Signatures (SES) that are legally admissible in EU courts.
SHA-256 Hash Chains
A cryptographic method where each new signature is mathematically linked to the previous one using the SHA-256 algorithm. This creates an unbroken, tamper-evident ledger for each of your gated links.
EU-Sovereign Infrastructure
Our servers are physically located in the EU and owned by European entities. This means your data is fully protected by the GDPR and is immune to foreign data requests like the US CLOUD Act.
Standards & Frameworks
SignToSee is engineered for compliance with European regulations from the ground up — not as an afterthought.
eIDAS Regulation No 910/2014
Art. 25 — Legal Effect
Access acceptance events qualify as Simple Electronic Signatures (SES), which are legally admissible as evidence in all EU member states.
GDPR Art. 17(3)(e)
Integrity Obligation
Our append-only ledger architecture satisfies the GDPR requirement to maintain data integrity for the establishment, exercise, or defence of legal claims.
EU-Sovereign Hosting
CLOUD Act Immune
All servers are physically located in the EU and owned by European entities. Your data is fully protected by the GDPR and immune to foreign data requests.
Zero-Knowledge Architecture
Privacy by Design
We mathematically cannot read your destination URLs or uploaded files. The decryption keys never touch our servers — privacy is enforced by cryptography, not policy.
Trust the architecture?
Try it yourself.
Every security claim on this page is backed by real cryptography running in your browser. Create a free gate and see the zero-knowledge flow in action.
No credit card required · Scout tier is permanently free