Scriboflow

Trust Center

Trust built into every contract

Secure electronic signatures, complete audit trails, European infrastructure, and transparent security practices designed for modern contract work.

View security overviewLegal & privacy

Trust at a glance

The essentials, clearly documented

A quick overview of how Scriboflow handles contract security, signing evidence, and privacy.

European Infrastructure
Customer data is hosted in Europe, with a primary region in Frankfurt, Germany.
Secure Signatures
Electronic signatures support clear signer actions and identity options such as MitID and BankID through Idura.
Complete Audit Trails
Important contract actions are recorded from creation through signing and completion.
Privacy & Transparency
Policies, infrastructure details, and privacy-focused practices are kept clear and easy to review.

Infrastructure

Transparent infrastructure foundations

Customer data is stored and processed in Europe, supported by clear infrastructure provider information.

Data Residency
Customer data is stored and processed in Europe, with a primary region in Frankfurt, Germany. Scriboflow documents where core application data, contract records, and supporting metadata are hosted, and keeps infrastructure choices transparent for customers.

Infrastructure Providers

Supabase
Supports database and application infrastructure for Scriboflow.
Google Cloud
Supports document storage and processing infrastructure.
Vercel
Supports application hosting and delivery.

Security

Core practices for protecting contract work

Scriboflow combines account controls, data protection, and activity visibility to help keep contract work protected.

Account Security
Controls for keeping workspace access protected.
  • Multi-factor authentication
  • Email verification
  • Automatic session expiration
Data Protection
Safeguards for documents, metadata, and contract records.
  • Encryption in transit and at rest
  • Daily backups
  • European data hosting
Monitoring & Logging
Visibility into important product and contract events.
  • Activity logs
  • Contract audit timelines
  • IP tracking
View security overview

Signatures & audit trails

Evidence for every important signing moment

Scriboflow is designed to keep signature choices and contract history visible from one place.

Timeline preview
Contract timeline

  1. Contract created

    Timestamp and actor details

  2. Signature request sent

    Timestamp and actor details

  3. First signer opened request

    Timestamp and actor details

  4. First signer signed

    Timestamp and actor details

  5. Second signer opened request

    Timestamp and actor details

  6. Second signer signed

    Timestamp and actor details

  7. All signatures completed

    Timestamp and actor details

Evidence trail
Clear contract history
  • Timestamps
  • Signer activity
  • IP tracking
  • Signature events
  • Full contract history
Signature options
Flexible signing flows
  • Email-link signatures
  • Drawn signatures
  • Checkbox consent
  • MitID / BankID / identity-based signatures through Idura

Contract protection

How Scriboflow Protects Your Contracts

A simple view of the contract journey from secure creation to preserved evidence.

Create
Contract work starts in a secure workspace with verified user access.
Store
Contract data is stored in Europe and protected with encryption and daily backups.
Sign
Signees access contracts through secure signing links, with optional identity verification through supported providers.
Preserve
Important events are recorded in the audit timeline, including views, signing actions, timestamps, and IP tracking.

Transparency

Transparency by default

Scriboflow clearly explains how customer data is stored, processed, and protected before businesses upload contracts.

Clear Infrastructure
European hosting details and infrastructure providers are documented in one place.
Visible Security Practices
Security practices such as MFA, encryption, backups, and activity logs are easy to review.
Honest Compliance Roadmap
Scriboflow is actively working toward SOC 2 compliance without claiming certification before it is complete.
Public Documentation
Security, privacy, legal, DPA, and subprocessor information is organized for customer review.

Privacy & compliance

Built with clear privacy expectations

Scriboflow is built with European privacy expectations in mind and keeps its compliance roadmap clear.

GDPR
Scriboflow is built with European privacy requirements in mind.
DPA
A Data Processing Agreement will be made available to customers.
SOC 2
Scriboflow is actively working toward SOC 2 compliance.