Privacy Policy
Last updated: February 20, 2026
Who We Are
This service is operated by Idura ApS, Gl. Kongevej 3E, 1., 1610 København V. We provide a document signing service that enables individuals to send documents for legally-binding electronic signatures using national e-ID systems (BankID, MitID, etc.).
What Data We Collect
When You Send a Document for Signing (Requestor)
| Data | Purpose | Retention |
|---|---|---|
| Phone number | Account identifier, SMS notifications | 90 days after last activity |
| Passkey credential | Secure login to dashboard | 90 days after last activity |
| Uploaded PDF documents | For signers to review and sign | 90 days after signing complete |
| Payment information | Process payment via Stripe | Handled by Stripe per their privacy policy |
When You Sign a Document (Signer)
| Data | Purpose | Retention |
|---|---|---|
| Phone number | Send signing invitation via SMS | 90 days after signing complete |
| e-ID signature data | Create legally-binding signature | Embedded in signed document |
Note: We do not store your e-ID credentials. Authentication is handled securely by the e-ID provider (MitID, BankID, etc.) through our partner Idura.
How We Use Your Data
We use your data only to:
- Send SMS notifications about signing requests
- Enable you to track signing progress and download signed documents
- Process payments
- Comply with legal obligations
We do not:
- Sell your data to third parties
- Use your data for marketing without consent
- Profile your behavior
- Share your documents with anyone except the parties involved in signing
Third-Party Services
We use the following services to provide our product:
| Service | Purpose | Privacy Policy |
|---|---|---|
| Idura (Criipto) | e-ID signatures (BankID, MitID, etc.) | idura.eu/privacy |
| Stripe | Payment processing | stripe.com/privacy |
| Twilio | SMS delivery | twilio.com/legal/privacy |
Data Storage & Security
- All data is stored in the European Union
- Documents are encrypted at rest
- All connections use HTTPS encryption
- Passkey authentication (no passwords stored)
- Signed download URLs with short expiry times
- Webhook communications are cryptographically signed to prevent tampering
Data Retention
- Active signing orders: Until all parties sign or order expires (14 days)
- Completed orders: 90 days from completion, then automatically deleted
- Expired/cancelled orders: 90 days from expiry, then automatically deleted
After the retention period, all associated data (documents, phone numbers, signing records) is permanently deleted.
Your Rights (GDPR)
Under GDPR, you have the right to:
| Right | How to Exercise |
|---|---|
| Access your data | Contact us at hello@idura.eu |
| Correct inaccurate data | Contact us at hello@idura.eu |
| Delete your data | Contact us or wait for automatic 90-day deletion |
| Export your data | Download your signed documents from the dashboard |
| Object to processing | Contact us at hello@idura.eu |
| Withdraw consent | Contact us at hello@idura.eu |
We will respond to requests within 30 days.
Cookies
We use only strictly necessary cookies for:
- Session management (keeping you logged in)
- Security (CSRF protection)
We do not use:
- Analytics cookies
- Advertising cookies
- Third-party tracking
Because our cookies are strictly necessary for the service to function, no cookie consent banner is required.
Legal Basis for Processing
| Data Subject | Legal Basis |
|---|---|
| Requestor (person sending document) | Contract performance — you pay for and use our service |
| Signer (person receiving document) | Legitimate interest — the requestor has a legitimate need to obtain your signature on a document you are party to |
Changes to This Policy
We may update this policy from time to time. We will notify you of significant changes via SMS or by posting a notice on our website.
Contact Us
For privacy-related questions or to exercise your rights:
- Email: hello@idura.eu
- Address: Idura ApS, Gl. Kongevej 3E, 1., 1610 København V
This privacy policy complies with GDPR (EU) and applies to users in Denmark, Norway, Sweden, and Finland.