The Basics

What is eversign?

Our global economy is shifting rapidly and the digitalization is finding its way into every department we work in. What we once sent by post is now sent via email, what was once discussed in person now happens via Skype, and what was once signed on paper is now signed using platforms like eversign.

With digital signatures taking over in thousands of large companies already, taking care of business documents has become significantly easier, more cost-effective and less time consuming. This Help Center intends to outline in detail how to get started using eversign and its features, as well as give you a compelling idea about all of the little perks that come with taking the digital leap with us.

Is eversign secure?

eversign is a product built and maintained by apilayer, a European technology company focused on building productivity-boosting application programming interfaces (APIs) and Software-as-a-Service products. Looking back at many years in the industry, we are proud to have proven our expertise in keeping user data safe and ensuring encrypted transactions by implementing the highest grade of security standards currently available. Each data stream going into or out of eversign is secured by industry-standard 256-bit HTTPS encryption, documents are encrypted using unique hash keys, each signing process is accompanied by a tamper-evident Audit Trail carrying a detailed log of all transactions related to the document being signed, and as an additional security safeguard ensuring the security of client data, our entire data-set is stored in two separate secure locations.

Is eversign legally binding?

Electronic signatures processed by an online platform working in compliance with the requirements of the U.S. Electronic Signature in Global and National Commerce Act of 2000 (ESIGN), the Uniform Electronic Transactions Act (UETA), and the European Union eIDAS (EU No.910/2014), are considered legally binding around the world. In fact, due to our extensive data logging and identity authentication practices, documents signed using eversign are even more enforceable in a court of law than handwritten documents. Continue reading to learn about the key factors that have been considered during the development of the eversign digital signature and document management platform:

  • Signer Authentication:
    In order to offer the highest level of signer authentication, eversign systems will require signers to verify their identity using an email double opt-in. In addition to this initial verification, eversign will securely store a number of key parameters, such as full names, email addresses, IP addresses and time stamp data along with document transactions. If an eversign user chooses to enable In-Person Signing (signing in-person on a mobile device), email verification will be disabled and it will be the user's responsibility to verify the identity of all signers in person.

  • Unique Signatures:
    Each party involved in a signing process is prompted to generate, draw or upload a signature confirming their intention to make the respective eSignature a legal representation of their signature.

  • Tamper Evidence:
    All document data and signing metadata is stored securely in two locations, in both of which unique hash keys prevent document data from being manipulated retrospectively. Each document transaction is stored along with a unique key, which - if the content changed for any reason - would no longer be valid. This also makes it easy to legally prove that no tampering occurred during or after the signing of a document.

  • Secure Data Storage:
    All data related to eversign user accounts, documents and signing data is stored securely on penetration tested cloud servers hosted with IBM. All eversign transactions are transferred via 256-bit HTTPS encryption.

  • Comprehensive Audit Trail:
    Each signed document comes with a detailed log of transactions (signer data, signature time stamps, IP addresses, etc.) attached, which ultimately makes electronic signing even more enforceable in a court of law than traditional ink signatures.

Create an Account

In order to create an eversign account, simply go to eversign.com and click the top right orange "Sign Up Free" button. You will be taken to a 4-step registration:

Step 1: Log-in Details (Sign Up)
In this first step you will be asked to enter your email address and a password twice.

Your Password Since your password is the key to your eversign account, please choose it carefully. Your password must contain at least 6 characters.

Step 2: Account Details
In the second step you will be asked to enter your name and address details. Please note that all fields (except for "State") in the left section are required fields. On the right side you will be able to add your company name, website URL and Tax Identification Number (VAT Number).

Step 3: Subscription Plan (You're almost done!)
As the third step you will be asked to choose a subscription plan. You can choose between our Basic Plan, Professional Plan and Enterprise Plan. If you are looking to stay on the Free Plan instead, simply click the top right "Skip for now" button.

Step 4: Set Up your Business
The last step of your registration will be choosing a Business Name and Vanity URL:

  • Business Name: Your Business Name will be used to refer to your business throughout your eversign account. It will also be displayed to the signers of your document, on outgoing emails and notifications. If you are not representing a business, simply choose "I'm an individual" and our systems will automatically take your first and last name instead.

  • Vanity URL: Your Vanity URL is the URL signers will be able to access your documents through. For instance, if your business is called "My Company, Inc.", you can choose "mycompany" as your Vanity URL, resulting in "mycompany.eversign.com".

Your registration process is now completed and you are directly redirected to the Dashboard page.

Confirm your email address At this point our systems will have delivered an activation email to your account. Please check your email inbox and click on the activation link in order to access all eversign features.

Mobile Devices

Most parts of eversign are optimised for mobile devices, such as smartphones and tablets. This enables you to manage documents and send reminders on the go, and have your signers sign documents from wherever they currently are.

Please take note that there is no separate iOS or Android mobile app. When navigating to eversign.com, our systems will automatically detect which device you are currently using and adjust your user experience accordingly.




Compliance

At eversign we are aware that different industries come with different regulations, and in some areas there is more compliance pressure than in others. From the very start the eversign team has been committed to offering an e-Signature platform that is compliant or contributes to compliance to regulations like EU GDPR or HIPAA.

EU GDPR Compliance

What is GDPR?

In 2016 the European Union adopted the General Data Protection Regulation (GDPR), a regulation replacing the previous privacy directive (Directive 95/46/EC), in an attempt to improve and strengthen data protection law in the European Union and enhande the rights and freedoms of an individual with regards to their personal data and how it may be used by third parties.

eversign and GDPR Compliance

We have taken GDPR very seriously ever since its announcement and have taken various measures in order for the eversign platform and all its processes and workflows to become compliant with the requirements outlined throughout the GDPR regulation. Our aim at eversign is for our clients and prospective customers to be able to use eversign confidently knowing that both the eversign platform and the team behind it abide by GDPR principles.

Find below the key GDPR requirements and which measures have been taken by eversign:

  • Data Processing Agreement: The eversign Data Processing Agreement has been made available separately and adjusted to meet GDPR requirements in order for eversign to be able to continue to lawfully receive and process personal data of EU citizens as part of providing the eversign service.

  • Third-party vendor contracts: eversign has taken the European Union's GDPR as an occasion to review and (if required) adjust existing contracts with third parties that provide functionalities essential to the eversign e-Signature service.

  • Right to be forgotten: Customers may permanently delete their account at any given time. If an account is deleted permanently, all data associated with it will be removed from eversign and cannot be recovered.

  • Right to object: Customers may opt out of inclusion of their data in any data science projects conducted by eversign.

  • Right to rectification: Customers may access their eversign account at any time in order to complete or rectify any errors contained therein. Customers may also contact eversign Support in order to access their eversign account data.

  • Right of access: The eversign Privacy Policy outlines in detail which data is collected and used for which purposes. Customers may read the Privacy Policy at any time or contact eversign Support for clarification.

  • Right of portability: The customer may request their account data to be exported at any time by contacting eversign Support.

HIPAA Compliance

What is HIPAA Compliance?

The Health Insurance Portability and Accountability Act (HIPAA) is a US federal law established in 1996 that mandates industry-wide standards for health care organizations to implement and maintain technical, administrative and physical safeguards to protect the security, integrity, and confidentiality of information and data on patients.

eversign and HIPAA Compliance

Using the eversign electronic signature and document management platform significantly enhances the reliablity, authenticity and availability of signatures and signed documents. The eversign solution ensures electronically signed documents compliant with the U.S. Electronic Signature in Global and National Commerce Act of 2000 (ESIGN), the Uniform Electronic Transactions Act (UETA), and the European Union eIDAS (EU No.910/2014). Furthermore, e-Signatures by eversign come with tamper evidence and a complete and traceable audit trail document, making documents signed via eversign legally binding.

Although HIPAA does not mandate the way documents containing Protected Health Information (PHI) are signed, eversign supports a HIPAA compliant workflow of health care organizations and service providers by providing the tools they need to work in a HIPAA-compliant fashion. However, it must be noted that HIPAA compliance is subject to the individual practices of health care organizations and the use of eversign does not constitute compliance on its own.