SignFlow

Privacy Policy

This document has been reviewed for accuracy. Consider having a licensed attorney review before relying on it for legal purposes.

Last updated: April 2026.

What SignFlow Is

SignFlow is a software product developed by Team Palani LLC ("we," "us") that enables organizations to collect electronic signatures and manage document signing workflows. SignFlow does not sell, rent, or trade any data to third parties.

Two Modes — Two Very Different Data Flows

How data is handled depends entirely on which mode the Operator has configured:

Standard Mode — Signed documents and associated form data are stored on infrastructure operated by Team Palani LLC on behalf of the Operator. Data is encrypted at rest using AES-GCM field-level encryption. The Operator controls all access through SignFlow's permission system.

HIPAA Mode (zero-PHI architecture) — When an Operator enables HIPAA Mode, all Protected Health Information stays in the signer's browser at all times. Specifically:

Nothing from the signing session reaches Team Palani LLC servers. Form responses, signer information, and completed documents are assembled and transmitted exclusively from the client's browser directly to the Operator's own storage. Team Palani LLC receives only a SHA-256 cryptographic hash for audit verification purposes — this hash cannot be reversed, cannot identify any individual, and cannot reconstruct any document.

In HIPAA Mode, Team Palani LLC never receives, stores, processes, or has access to any Protected Health Information. We are not a Business Associate under HIPAA. No Business Associate Agreement with Team Palani LLC is required or offered.

The Operator is the data controller and is solely responsible for their own HIPAA compliance, including any BAA they may need with their cloud storage provider.

What We Do Collect (All Modes)

  • Operator account data — name, email address, billing information (processed by Stripe — we do not store payment card details)
  • Audit log entries — anonymous event records (login, submission created, document deleted) with no PII stored in log entries
  • IP addresses — captured at signing time for audit trail purposes, encrypted at rest
  • Usage data — aggregate metrics used to operate and improve the service

Security

  • All data in transit is encrypted via TLS
  • Sensitive fields are encrypted at rest using AES-GCM
  • Authentication uses one-time magic links — no passwords are stored
  • Role-based access controls limit what each user can see within the platform
  • Audit logs are append-only and cannot be modified

Third-Party Services

SignFlow integrates with the following third-party services at the Operator's direction:

  • Stripe — billing and subscription management
  • Google Drive, Dropbox, OneDrive, Box, Amazon S3 / S3-compatible — optional cloud storage, configured by the Operator using their own credentials
  • SMTP providers — email delivery (configured by the Operator)

When cloud storage is configured, the Operator is responsible for the compliance posture of their chosen provider and any agreements required with that provider.

Data Retention & Deletion

Operators may delete documents, submissions, and member records at any time through the SignFlow admin interface. Upon subscription cancellation, Operator data is retained for up to 60 days to allow export, then deleted. Contact [email protected] to request deletion within 30 days.

Contact

Questions about this policy or your data: [email protected]
