Cloud-based Contract Management System and Esignature: Our Security Practices

Data Security at PactSafe

Securely Hosted

You can be confident that your contracts are safe with PactSafe. We follow industry best practices in security, leveraging the latest and greatest technology to keep your data safe, including third party security audits into our practices.

Scalable & Available

We have invested heavily in architecting a system that is always there for you when you need it. Our APIs, our core application, and our overall system are separated logically with load balancers in place to handle peaks in system load.

Accessible Anywhere

You'll be guaranteed to access your data wherever you are on whatever device you're on. Our system is designed to serve your needs around the globe.

We make it our business to keep you feeling secure when you put your trust in PactSafe.

Moving contracts into the cloud can be daunting, but at PactSafe we take security incredibly seriously and have put many security best practices in place from the great minds in Software-as-a-Service in the world.

System Availability

PactSafe works to ensure our system and your contracts are available 100% of the time. We have a dedicated team to monitor our application availability with alerts based upon availability thresholds as dictated by our Service Legal Agreements with our customers.

Application and API Scalability

The database, API, and application are designed to be highly scalable and to handle billions of signatures a month. As such, we have built load balancers and horizontally scalable logic into the core infrastructure powering our systems. Notifications are monitored by our team at all times should the need arise to increase system capacity due to peak loads.

Data Encryption

All access to PactSafe is protected over an SSL connection encrypted and authenticated using AES-128 using ECDHE-RSA as the key exchange mechanism. All information transferred to and from PactSafe is 256-bit SSL encrypted, including usernames and passwords. Our electronic signature platform is designed to keep your contracts secure and prevent and tampering of your contracts, your electronic signatures, and your electronic records.

How we provide an audit trail

We create a unique record of every contract before any party electronically signs it, and of each revision. We then create another unique record of the contract and version associated with the electronic signatures. Additionally, we encrypt all of your static files and electronic signature information in Amazon's S3 servers, which are housed in an ISO 27001 certified data center.

Your Credit Card Details

No credit card information is stored inside of PactSafe's databases. All private information related to your credit card is stored in Stripe, our payments processor and service that is a PCI Service Provider Level 1.

System Access (Cloud-based)

Access to our system is powered through the internet. When creating a PactSafe account, you will be given a user name (your email address) and a password. From there, you can log in to your account and change your settings. Access to the system is not governed by location—simply an internet connection.

Upon termination of your PactSafe account, your contracts and signatures will remain in our system in perpetuity. Should you require access to that information, please email help@pactsafe.com.

Other Privacy-related Questions

To review more detail on data privacy at PactSafe, check out our Privacy Policy (which, coincidentally, is hosted by PactSafe!).