Every CalmSign document is protected by cryptographic hashing and a complete audit trail. Nothing is hidden.
When the signer completes their signature, we capture their identity, device, IP address, and a precise timestamp.
A unique SHA-256 fingerprint of the entire document is computed. This hash is mathematically unique to the document's exact contents.
The hash, signature, and metadata are embedded in the document. Both parties receive an identical, sealed copy.
SHA-256 produces a completely different hash if even a single bit of the document is changed. There's no way to alter a CalmSign document without the tampering being detected.
CalmSign logs the full lifecycle of every document: creation, delivery, viewing, signing, and verification. Each event includes a timestamp, IP address, and device information.
Every signed document carries a SHA-256 seal over an immutable snapshot. CalmSign verifies that seal automatically and surfaces any tampering — backed by a full audit trail of who signed, when, from which IP and device.
Data is encrypted in transit and at rest using industry-standard TLS and AES-256, so documents stay protected on the wire and in storage.
We don't embed third-party analytics or tracking scripts in the signing experience. Your signers' data stays between you and them.
CalmSign is designed with privacy by default. We collect only what's needed for the signature process and nothing more.
Delete your documents anytime. When you delete, we remove the document from our systems entirely — no residual copies.
Every document is tamper-proof from day one. Free to start.
Create free account