Be on the safe side
when you sign
Skribbe meets the highest standards for security and complies with data protection regulations in the EU and Switzerland.
Our security measures include:
- GDPR compliance
- Active information security management
- Regular security scans & penetration tests
Security on our e-signing platform
Skribble conducts annual penetration tests and regular vulnerability scans. Our code repositories are continuously scanned for known vulnerabilities.
Our systems are hardened following best practices, and monitored for vulnerabilities or intrusions. Documents are scanned for malicious code.
Every user action generates an audit trail stored in an insert-only database, guaranteeing its integrity. Skribble retains audit logs for 10 years for evidence purposes.
Customers have full control over authentication and authorisation when using Single sign-on (SSO) via OpenID Connect (OIDC) or SAMLv2.
Our systems are constantly mirrored across two redundant clusters. Infrastructure and services are continuously monitored for availability and outages swiftly corrected.
Hosted in Switzerland
Our platform and all associated data is hosted in Switzerland on two geo-redundant Tier IV data centres with ISO 27001 certification (FINMA* compliant).
"Skribble has given me enormous peace of mind in my daily work. We can now get contracts with affiliates in Austria, Central & Eastern Europe signed in a timely and more secure manner."
Security for your data & documents
Customer data is protected at all times using strong encryption. For data in transit, we use TLS 1.2+ with RSA-4096 bit. For data at rest, we use full-disk encryption with AES-128-CBC.
Every document is encrypted with a unique AES-256 key, which is only shared with its owner and those granted access to it. Skribble employees have no access to customer documents.
All data is secured according to the highest security standards in Switzerland and in compliance with the EU General Data Protection Regulation (GDPR) and the Swiss Federal Data Protection Act.
"We were looking for a solution with maximum legal weight and the highest level of data protection, which is at the same time absolutely user-friendly. In other words: Skribble."
Our internal security culture
We regularly carry out security and compliance training for all employees and security best practice training for engineers.
We perform background checks for selected new employees as required by the financial industry. All employees sign a non-disclosure agreement.
Access to systems and data inside Skribble is managed on a pure need-to-know basis and access rights are reviewed regularly.
*FINMA is the Swiss government body responsible for financial regulation. This includes the supervision of banks, insurance companies, stock exchanges and securities dealers, as well as other financial intermediaries in Switzerland.