GrabSign Privacy Policy

Introduction

Grabsign Inc (GrabSign, we, us, our) views privacy with the utmost importance and is determined to make sure that personal information (Personal Information) is handled ethically, legally and safely. We use premium and top-grade cyber security mechanisms in addition to several best practices that ensure your data’s privacy and safety. To add to that, we comply with the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth) (the Privacy Act). You can find a detailed copy of the APPs from the website of The Office of the Australian Information Commissioner at https://www.oaic.gov.au.

We encourage you to read this privacy policy (Privacy Policy) which, in compliance with the APPs and the Privacy Act, governs and details the way in which we collect, use, disclose, secure, retain and dispose of your Personal Information. Our Privacy Policy also elaborates on what type of Personal Information is used and what your rights are.

By using our services, you provide your consent to the subject and detailed contents of this Privacy Policy, except for when direct and explicit consent is required as per law.

Defining Personal Information

Personal Information is any information that can reasonably identify an individual. Some examples include: names, addresses, email addresses, and phone number.

What Information Is Collected, How It Is Used, and When It Is Shared

For the primary purpose of providing our services as a digital signature service provider, GrabSign collects your Personal Information without which you may not be able to fully use our services. This information is obtained in many ways including when someone visits our website, becomes a user (User) of our services, or a customer (Customer) of one of our Users.

Personal Information of Customers will normally not be collected directly by GrabSign. Any Personal Information shared with us would be via the agreement between the User and Customer which should describe how and what Personal Information is shared with us.

  • Collection of Personal Information. Subject to the context and circumstance in which you provide Personal Information, it may include your name, email address, password, phone number, address, professional association, and billing information. For example, you provide this Personal Information when you:

    • Create or log-in to your GrabSign account
    • Register for a GrabSign paid plan
    • Contact GrabSign
    • Use SMS two-factor authentication
    • Initiate, provide your signature on, or review an electronic document
  • Sensitive Information. GrabSign will not collect any form of sensitive information such as race, ethnicity, political opinions, religious or philosophical beliefs, criminal record because it is not related to our purpose as a digital signature service. We also discourage the collection of any form of sensitive information as it goes against the principles of privacy and online safety.

  • Automatically Collected Information.We use cookies so that we can continue to provide and improve our services for you. Cookies refer to and contain information such as:

    • Data about your device like its model, manufacturer, type, operating system and screen resolution

    • Data about your browser like its type, IP address and version

    • Data about your usage like how long you spend on our website and service, what links you clicked, which other pages led you or referred you to our page

    You can choose to change your browser’s privacy settings and delete or control cookies. However, updating these settings may disrupt and affect your interaction with our features, products or services.

    Other information related to the usage and functioning of our services such as sharing a document, sending a signature request, sharing a template, and signing a document are recorded automatically as well.

    From time to time, we may also collect secondary information that is related to our primary purpose as a digital signature service. However, this is done with your permission.

  • Usage of Personal Information. We may use your Personal information in the following ways in order to provide our services:

    • Signature requests
    • Document Sharing
    • Sending product related and service relevant information that you request
    • Addressing customer support requests
    • Communicating for marketing purposes
    • Managing your account
    • Complying with legal and regulatory obligations such as data retention periods
  • Disclosure of Personal Information GrabSign does not rent or sell your Personal Information to unaffiliated or unauthorised third parties. We only share Personal Information with trusted entities such as other service providers that we utilise to support our own services. These include those who provide services such as advertising, accounting, auditing, data analysis, cloud-hosting, cyber-security, authentication and verification. Any such service provider is required by us to protect the security and confidentiality of your Personal Information through compliance with the appropriate global and national laws and regulations.

Your Privacy Rights

Your privacy is protected by rights and choices, highlighted below, regarding our usage and disclosure of your Personal Information.

  • You can opt out of receiving marketing communications. However, we may need to send important messages that are deemed necessary for providing our services.

  • You can opt out of receiving marketing communications. However, we may need to send important messages that are deemed necessary for providing our services.

  • You can view or change your Personal Information. You can do this by signing in to your GrabSign account and editing your profile or by contacting us at https://grabsign.com/contact.

  • Subject to your location, circumstances and the relevant law, you may have the following rights as well:

    • You can request a copy of your Personal Information that is processed by GrabSign.
    • You can withdraw your consent and request to have your Personal Information erased. In the case of multiple signatories, everyone’s consent would be required to erase Personal Information from the document in question.

Data Retention

We retain Personal Information and collected data for as long as we are providing our services to you. Based on our legal and regulatory compliance obligations, we may also retain Personal Information even after you are no longer using our services or even after you have closed your account.

Data Security

We employ organisational, technical, and administrative best practices designed to protect Personal Information against all threats. We ensure the security of your connection with GrabSign by using SSL (Secure Sockets Layer) encryption and an ISO-27001-certified data centre.

In addition to the measures and practices that we utilise, it is important that you adhere to safety practices to protect your Personal Information. For example, never share your password, use stronger passwords than normal, and do not stay logged in to your account if you are not using it.

Protection Against Fraudulent Emails

Fraudulent emails are dangerous for online safety. We discourage this and work towards making our service fully secure. If you ever receive a fraudulent email that looks like it was sent by GrabSign or by someone who works with us, contact us immediately and report that email at https://grabsign.com/contact.

You can also protect yourself against such fraudulent emails by adopting the following common email safety practices:

  • When you do not recognise the sender of an email in which there is a GrabSign document, contact the sender to verify the email’s authenticity.

  • GrabSign emails relating to signature requests do not have attachments. You should report any signature request emails with attachments at https://grabsign.com/contact.

  • Documents are sent by us as attachments only when they are completed and only if the sender of the document has enabled that feature.

  • We never request you to go to external websites that are not part of our grabsign.com domain for the purpose of electronically sending or signing documents. You should ignore any prompts to visit external links.

Incident Reporting

You can contact our team of security professionals with full details at https://grabsign.com/contact. for any concerns related to security and they will evaluate the incident and contact you if any further details or information is required.

Use by minors

GrabSign is not meant to be used by individuals under 14 years of age (minors). They should not provide Personal Information to us and are encouraged not to use our services.