background pattern
MusiSign Logo

Data Processing & GDPR

This page summarises how Musifacts Europe BV approaches data processing for MusiSignunder Regulation (EU) 2016/679 (GDPR).

1. Controller and processor roles

Musifacts Europe BV may act as a controller for account, security, audit, support and platform operation data. Where a User or Organisation uploads Documents or personal data for its own purposes, Musifacts Europe BV may process that data as a processor or service provider in accordance with applicable instructions and agreements.

2. Processing instructions

Users and Organisations are responsible for ensuring that they have a lawful basis and appropriate authority to upload, send, store and sign Documents through MusiSign.Musifacts Europe BV processes Document data to provide the requested signing and document management services.

3. Data location

Documents, metadata and audit records are stored on internal servers located in Europe. Operational providers may be used for limited functions such as email delivery, domain routing, security or technical support, subject to appropriate safeguards.

4. Confidentiality

Access to personal data and Documents should be limited to authorised personnel, systems and service providers that need access to operate, secure, support or legally protect MusiSign.

5. Data subject requests

Requests concerning personal data may be sent to info@musisign.com. Requests may be subject to verification and may be limited where retention is required for legal, evidential, contractual or audit purposes.

6. Deletion and retention

Document deletion or account closure may not immediately remove all audit records, backups, legal records or evidence required to preserve the integrity of completed Documents. Retention periods depend on legal, contractual and operational requirements.

7. Security measures

Musifacts Europe BV maintains technical and organisational measures intended to protect personal data against unauthorised access, alteration, disclosure or loss, including access controls, encrypted transport and audit logging.

8. Subprocessors and integrations

Depending on configuration, processing may involve providers for email delivery, object storage, analytics and feature flags, billing, identity providers, webhooks, DNS or security operations. Musifacts Europe BV should maintain an internal record of enabled providers and make relevant subprocessor information available on request where required.

Data Processing & GDPR • Version 1.0 • Effective date: 4 July 2026 • Last updated: 4 July 2026

This legal page forms part of the MusiSign Legal & Compliance documentation.