Privacy Policy

We collect: (a) Account data: name, email address, and encrypted password when you register. (b) Documents: the PDF files you upload and the signers' data (name and email). (c) Signature data: IP address, user-agent, browser, operating system, date and time of each signature, as part of the audit trail. (d) Usage data: pages visited and actions taken within the service. (e) Payment data: managed by Paddle; Firmiu does not store card numbers.

We use your information to: provide the electronic signature service and manage your account; send notifications about the status of your documents; generate legally valid audit trails; improve the security and performance of the service; comply with legal and regulatory obligations; process payments through Paddle.

Your documents are stored encrypted on secure cloud servers (Supabase on AWS infrastructure). We use encryption in transit via HTTPS/TLS and encryption at rest. Access to documents is controlled through Row Level Security (RLS) policies. Only you and authorized signers can access your documents.

We do not sell or rent your personal information to third parties. We share data only: with designated signers, to complete the document signing process; with service providers necessary to operate (Supabase for storage, Resend for emails, Paddle for payments); when required by law, court order, or competent authority.

You have the right to: access the personal data we hold about you; request correction of incorrect information; request deletion of your account and data; export your documents before deleting your account; object to the processing of your data in certain circumstances. To exercise these rights, contact us at privacidad@firmiu.com.

Firmiu uses only strictly necessary cookies to keep your session active and ensure the secure operation of the service. We do not use third-party tracking, advertising, or behavioral analytics cookies.

Documents and signatures are retained according to your plan: 30 days on the Free plan, 1 year on the Starter plan, and unlimited on Pro and Business plans. Account data is retained while the account remains active. After account deletion, your data is erased within a maximum of 30 days.

Firmiu is not directed at persons under 18 years of age and we do not intentionally collect personal information from minors. If you believe a minor has provided personal information, contact us at privacidad@firmiu.com to have it removed.

We may update this Privacy Policy periodically. We will notify you of material changes by email at least 15 days in advance. The date of the last update will always be visible at the top of this document.

For any inquiry, request, or complaint related to your privacy and personal data, contact us at privacidad@firmiu.com. We will respond within a maximum of 5 business days.