Xodo Sign is built on a security-first foundation, with multiple layers of protection for your documents and data.
Our security standards
- 256-bit AES encryption for all documents stored at rest
- TLS 1.2+ encryption for all data in transit
- SOC 2 Type II certification through our infrastructure partners
- Regular third-party security audits and penetration testing
Data storage and privacy
Your documents and data are stored on secure, access-controlled servers. Xodo Sign complies with major data protection regulations including:
- EU GDPR
- HIPAA (for eligible plans)
Access controls
- Only authorized team members can view documents based on their role and permissions
- All access is logged and auditable
- Two-factor authentication is available for added account security
Questions about security?
For detailed security documentation or enterprise compliance inquiries, contact our support team.