SteadSign

Privacy Policy

Last updated 2 July 2026

Your trust matters. This policy describes what we collect and how we handle it when you use SteadSign.

1. Overview

This Privacy Policy explains how Stead Group Pte. Ltd. (“SteadSign”, “we”) collects, uses, discloses, and protects personal data when you use SteadSign, in line with Singapore’s Personal Data Protection Act (PDPA). By using SteadSign you consent to the practices described here.

2. What we collect

Account data (name, email, organisation). Document metadata (title, recipients’ names and email addresses, signing status, timestamps, and IP address at the time of signing). Signature data (a typed name or a drawn signature image you provide). Usage and device data needed to operate and secure the service. We do not sell your personal data.

3. How we use it

To deliver documents for signature, capture and stamp signatures, generate the audit trail and verification certificate, notify the parties, provide support, prevent fraud and abuse, meet legal obligations, and improve the service.

4. Where data is stored

Document files (originals, signed PDFs, certificates, and signature images) are stored in encrypted object storage. Metadata and audit records are stored in our database. We aim to keep data within the Singapore/Asia-Pacific region and use reputable infrastructure providers under contract.

5. Retention

Signed document files are kept according to the sender’s chosen retention setting (delete after signing, a limited period, or vault storage). The verification record — certificate, audit trail, and document fingerprint — is retained on a longer, ongoing basis so signed documents remain verifiable. You may request deletion of personal data subject to our legal and record-keeping obligations.

6. Disclosure

We share document and signing details with the parties to that document (senders, signers, and copied recipients). We use service providers (for hosting, email delivery, and payments) bound to protect the data. We may disclose data where required by law or to protect our rights and users.

7. Verification and fingerprints

Public verification checks only a document’s fingerprint (a SHA-256 hash) against our record — it does not expose the document’s contents. When someone verifies a copy by uploading it, we compute its fingerprint to compare and do not retain the uploaded file.

8. Security

We use encryption in transit and at rest, access controls, and tamper-evident signing records. No system is perfectly secure; we work to protect your data and to respond promptly to any incident.

9. Your rights

Under the PDPA you may request access to, or correction of, your personal data, and may withdraw consent for certain uses. Contact us and we will respond within a reasonable time. Withdrawing consent may limit your ability to use parts of the service.

10. Cookies

We use essential cookies to keep you signed in and to operate the service. We do not use them for third-party advertising.

11. Changes

We may update this policy; material changes will be notified through the service or by email. The “last updated” date shows the current version.

12. Contact

For privacy questions or requests, contact us at contact@steadgroup.com.sg.


SteadSign is a product of Stead Group Pte. Ltd. (UEN 202216339M), 12 Woodlands Square #13-82/83, Woods Square, Singapore 737715. Questions: contact@steadgroup.com.sg.

TermsPrivacy