Security & Compliance

Built for trust, designed for compliance

EU Data Sovereignty

All data is stored and processed exclusively within the European Union. We use EU-based infrastructure providers to ensure your documents never leave EU jurisdiction.

Encryption

All documents are encrypted at rest using AES-256 encryption. Data in transit is protected with TLS 1.3. Encryption keys are managed securely and rotated regularly.

GDPR Compliance

NotaryX is designed with privacy by default. We collect only essential data, provide full data portability, and honor deletion requests promptly.

eIDAS Alignment

Our electronic signatures meet the requirements for Advanced Electronic Signatures (AES) under the eIDAS regulation. See the detailed breakdown below.

Comprehensive Audit Trails

Every action is logged with timestamps, IP addresses, and user agent information. Evidence packages provide cryptographic proof of document integrity.

Access Control

Role-based access control ensures users only access what they need. Multi-factor authentication available for enhanced security.

Single Sign-On (SSO)

Enterprise teams can connect their identity provider via OpenID Connect for centralised authentication. Enforce SSO across your organisation so members authenticate through your existing identity infrastructure — no separate passwords to manage.

eIDAS Signature Levels Explained

Understanding the three levels of electronic signatures under EU regulation.

Simple Electronic Signature (SES)

The broadest category. Any electronic data attached to or logically associated with other data and used to sign. Examples include a typed name, a tick box, or a scanned signature. SES is legally admissible but offers the least evidence weight.

Included Every NotaryX signature is at minimum an SES.

Advanced Electronic Signature (AES)

Must be uniquely linked to and capable of identifying the signatory, created using data under the signatory's sole control, and linked to the signed data so that any subsequent change is detectable.

Included NotaryX meets all AES requirements: unique token-based signer links, SHA-256 document integrity hashing, and comprehensive evidence trails capturing IP addresses, timestamps, and user agents.

Qualified Electronic Signature (QES)

An AES created by a Qualified Signature Creation Device (QSCD) and based on a qualified certificate issued by a Qualified Trust Service Provider (QTSP). QES has the legal equivalent of a handwritten signature across all EU member states.

Coming soon QES support via QTSP integration is coming soon.

International Alignment

NotaryX's signature levels align with electronic signature regulations beyond the EU.

UK eIDAS — United Kingdom

The UK retained the eIDAS framework post-Brexit as domestic law. The same SES, AES, and QES tiers apply. NotaryX signatures are recognised under UK eIDAS on the same basis as under EU eIDAS.

ZertES — Switzerland

Switzerland's Federal Act on Electronic Signatures defines equivalent tiers to eIDAS. NotaryX's evidence-based approach aligns with the ZertES requirements for simple and advanced electronic signatures.

ESIGN Act & UETA — United States

US federal and state law broadly recognises electronic signatures without prescribing tiers. NotaryX's audit trails, unique signer links, and cryptographic integrity exceed the evidentiary standards typically expected in US proceedings.

UNCITRAL Model Law — International

The United Nations model framework for electronic signatures has been adopted by over 30 countries. Its technology-neutral approach means NotaryX's evidence-grade signatures satisfy the reliability requirements set out in the Model Law.