Compliance & Certifications
VoltSign maintains the highest standards of security, privacy, and regulatory compliance to protect your data and ensure legal validity of electronic signatures.
Security Certifications
SOC 2 Type II
Independently audited for security, availability, processing integrity, confidentiality, and privacy controls.
- • Annual third-party audits
- • Comprehensive security controls
- • Continuous monitoring and improvement
ISO 27001
International standard for information security management systems.
- • Risk-based security approach
- • Regular security assessments
- • Continuous improvement processes
Electronic Signature Compliance
United States
ESIGN Act (Electronic Signatures in Global and National Commerce Act)
Federal law establishing the legal validity of electronic signatures and records in interstate and foreign commerce.
- • Intent to sign verification
- • Consent to electronic transactions
- • Record retention requirements
- • Audit trail maintenance
UETA (Uniform Electronic Transactions Act)
State-level legislation adopted by 47 states plus DC and the US Virgin Islands.
- • Electronic signature attribution
- • Record integrity verification
- • Technology neutrality
- • Legal equivalence to handwritten signatures
European Union
eIDAS Regulation
European regulation on electronic identification and trust services for electronic transactions.
- • Simple Electronic Signatures (SES)
- • Advanced Electronic Signatures (AdES)
- • Qualified Electronic Signatures (QES)
- • Cross-border recognition
Other Jurisdictions
Canada - PIPEDA
Personal Information Protection and Electronic Documents Act compliance for electronic signatures and privacy.
Australia - Electronic Transactions Act
National and state-level electronic transaction legislation compliance.
UK - Electronic Communications Act
Post-Brexit electronic signature and digital communication regulations.
Singapore - Electronic Transactions Act
Comprehensive electronic signature and digital document framework.
Data Protection & Privacy
GDPR (General Data Protection Regulation)
Full compliance with EU data protection requirements for all European users.
- • Lawful basis for processing
- • Data subject rights implementation
- • Privacy by design principles
- • Data Protection Impact Assessments
- • Breach notification procedures
- • Data Processing Agreements (DPA)
- • Cross-border transfer safeguards
- • Regular compliance audits
CCPA/CPRA (California Consumer Privacy Act)
Comprehensive privacy rights for California residents including enhanced protections under CPRA.
- • Right to know about personal information collection
- • Right to delete personal information
- • Right to opt-out of sale of personal information
- • Right to non-discrimination for exercising privacy rights
- • Right to correct inaccurate personal information (CPRA)
- • Right to limit use of sensitive personal information (CPRA)
PIPEDA (Canada)
Personal Information Protection and Electronic Documents Act compliance.
- • Consent requirements
- • Purpose limitation
- • Data minimization
LGPD (Brazil)
Lei Geral de Proteção de Dados compliance for Brazilian users.
- • Data subject rights
- • Legal basis requirements
- • Data protection officer
Industry-Specific Compliance
HIPAA (Healthcare)
Health Insurance Portability and Accountability Act compliance for healthcare organizations.
- • Business Associate Agreements (BAA)
- • PHI encryption and access controls
- • Audit logging and monitoring
- • Risk assessments and safeguards
FERPA (Education)
Family Educational Rights and Privacy Act compliance for educational institutions.
- • Student record protection
- • Consent management
- • Directory information controls
- • Disclosure tracking
GLBA (Financial)
Gramm-Leach-Bliley Act compliance for financial services.
- • Financial privacy protection
- • Safeguards rule compliance
- • Information sharing controls
- • Customer notification requirements
21 CFR Part 11 (FDA)
FDA regulations for electronic records and signatures in life sciences.
- • Electronic signature validation
- • Audit trail requirements
- • System access controls
- • Record integrity verification
Email Service Provider Compliance
CAN-SPAM Act Compliance
Full compliance with US anti-spam legislation for all email communications.
- • Clear sender identification
- • Truthful subject lines
- • Physical address disclosure
- • Opt-out mechanism provision
- • Prompt unsubscribe processing
- • Third-party monitoring
- • Commercial email labeling
- • Responsibility for affiliates
CASL (Canada's Anti-Spam Legislation)
Compliance with Canadian anti-spam laws and consent requirements.
- • Express consent for commercial messages
- • Clear identification requirements
- • Unsubscribe mechanism provision
- • Consent record maintenance
Email Service Provider Requirements
Meeting requirements for major email service providers including Amazon SES, SendGrid, and Mailgun.
- • Domain authentication (SPF, DKIM, DMARC)
- • Bounce and complaint handling
- • List hygiene practices
- • Sending reputation monitoring
- • Suppression list management
- • Engagement tracking
- • Deliverability optimization
- • Abuse prevention measures
Audit & Compliance Monitoring
Continuous Monitoring
We maintain ongoing compliance through:
- • Quarterly compliance assessments
- • Annual third-party security audits
- • Regular penetration testing
- • Vulnerability scanning and remediation
- • Employee security training programs
- • Incident response and breach procedures
Compliance Documentation
Available compliance documentation includes:
- • SOC 2 Type II reports
- • Security questionnaire responses
- • Data Processing Agreements (DPA)
- • Business Associate Agreements (BAA)
- • Penetration testing summaries
- • Compliance attestations and certifications
Request Compliance Documentation
For specific compliance documentation or to discuss your organization's compliance requirements, please contact our compliance team:
VoltSign Compliance Team
7928 La Riviera Dr 201
Sacramento, CA 95826
Email: compliance@voltsign.net
Phone: (916) 841-3129
Security Questionnaires: security@voltsign.net
Legal Inquiries: legal@voltsign.net