top of page

Data Security and Compliance

OptiSigns is AICPA SOC 2 Type II certified. By achieving certification with this globally recognized framework, OptiSigns has demonstrated commitment to protecting customer and company data.

To view our SOC2 Report:

For existing customer please contact our Support team

For new customer, please contact our Sales team


Service Organization Controls

(SOC 2 Type II)

Trusted by the world's most recognizable companies:

companies logo.png

How we protect your security at OptiSigns 

Security is built in every aspect of our product

work offline_1.png

Application Security

OptiSigns provides secured solution for you to protect your data. Your data is encrypted when use our application.


Product Security

Security features had been included in our product design, such as role-based security access, content permission, local folder.

editor tool.png

Infrastructure Security

Our platform is hosted on the world-leading cloud infrastructure provider. You have the option of deciding where you would like to store your data. 



Security practice is enforced internally at Optisigns. Our team is committed to follow the security protocols and meet the compliance requirements.

Frequently Asked Questions

Do you host or store customer data in EU data centers?

Yes, for enterprise plan, we do offer European based data region to store your data.

U.S customer can also request data to be store in U.S. data region only.

Please just make a request to our support team when creating new account.

How do I report a security vulnerability?

Our Site Reliability team quickly investigates all reported security issues. If you believe you’ve discovered an issue with OptiSigns security, please get in touch by email at We will respond as quickly as possible to your report. We request that you not publicly disclose the issue until it has been addressed by our Site Reliability team.

What is your PCI compliance status?

When you purchase a paid OptiSigns subscription, your credit card data is not transmitted through nor stored on our servers. Instead, we use Stripe, a company dedicated to handle payment services. Stripe is certified to PCI Service Provider Level 1, the most stringent level of certification available. Stripe’s security information is available on their website.

What is your policy for encrypted data?

Data in transit is encrypted through the use of the HTTPS protocol using SSL certificates.

Data at rest is encrypted using 256-bit AES-XTS or AWS KMS.

What information you collect on users and
what’s your privacy policy?

OptiSigns collect user’s usage information to improve our product and services.
For details on what information collected and how we use those information, please refer
to our Privacy Policy

Try it for free
bottom of page