Trust & Security

Built on cryptographic signing

AppliFlo defaults to PAdES — a stronger, tamper-evident signature standard than the simple click-to-sign most tools ship.

How we protect your documents

PAdES digital signatures

Every signature is sealed with a verifiable certificate chain. Any change after signing breaks the seal — tamper-evidence is built in.

AES-256 encryption

Documents are encrypted with AES-256 at rest and protected with TLS in transit, so they are secured throughout their lifecycle.

Complete audit trail

Every action is logged with IP address, timestamp, and geolocation for full traceability.

Access controls

Workspaces scope who can see and act on documents, with sign-out and session controls.

How signing works

AppliFlo seals signatures using PAdES (PDF Advanced Electronic Signatures), which embeds a cryptographic signature into the PDF and binds it to the document's contents through a certificate chain. If the document is altered after signing, the seal breaks and the change is detectable independently — not just within our system.
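The independent check described above can be sketched as follows. This is an added example, not AppliFlo's code: it recomputes the digest over the byte ranges a PDF signature covers and flags bytes that fall outside them. It assumes SHA-256, uses a constructed stand-in for a signed PDF (`build_sample` is a hypothetical helper), and does not parse the CMS blob or validate the certificate chain.

```python
import hashlib
import re

BYTE_RANGE = re.compile(rb"/ByteRange\s*\[\s*(\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s*\]")

def signed_digest(pdf: bytes):
    """Return (SHA-256 hex over the signed byte ranges, list of coverage problems)."""
    m = BYTE_RANGE.search(pdf)
    if not m:
        raise ValueError("no /ByteRange found: file carries no embedded signature")
    off1, len1, off2, len2 = (int(g) for g in m.groups())
    problems = []
    if off1 != 0:
        problems.append("signed range does not start at byte 0")
    gap = pdf[off1 + len1:off2]  # must be exactly the /Contents hex string
    if not (gap.startswith(b"<") and gap.endswith(b">")):
        problems.append("gap between ranges is not exactly the /Contents hex string")
    if off2 + len2 != len(pdf):
        # Later revisions are outside this signature and need separate review.
        problems.append("bytes after the signed range are not covered")
    covered = pdf[off1:off1 + len1] + pdf[off2:off2 + len2]
    return hashlib.sha256(covered).hexdigest(), problems

def build_sample(body: bytes) -> bytes:
    """Constructed, minimal stand-in for a signed PDF (not a real PDF or CMS blob)."""
    contents = b"<" + b"00" * 16 + b">"  # placeholder where the CMS signature sits
    tail = b"\n>>\nendobj\n%%EOF\n"
    placeholder = b"/ByteRange [0 0000000000 0000000000 0000000000]"
    head = b"%PDF-1.7\n" + body + b"\n<< /Type /Sig " + placeholder + b" /Contents "
    start2 = len(head) + len(contents)
    real = b"/ByteRange [0 %010d %010d %010d]" % (len(head), start2, len(tail))
    return head.replace(placeholder, real) + contents + tail

if __name__ == "__main__":
    signed = build_sample(b"Pay 100 EUR")
    cases = [("original", signed),
             ("edited in place", signed.replace(b"Pay 100", b"Pay 900")),
             ("bytes appended", signed + b"\n% later revision\n")]
    for label, data in cases:
        print(label, *signed_digest(data))
```

A full validator then compares this digest with the one carried in the embedded signature and validates the certificate chain.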

Encryption

Documents are encrypted with AES-256 at rest and protected with TLS in transit, so your files are secured throughout their lifecycle.

Audit trail

Each envelope carries a complete record of activity: who acted, when, from what IP address, and approximate geolocation — so you can show a full, time-stamped history of every signature.

AI data handling

AppliFlo uses AI to detect fields and summarize documents. Our intent is that customer and CRM data is used to operate the service for you — not to train foundation models. We are confirming the exact wording of this commitment with our team before publishing it as a formal policy.

The AI data-handling statement is being finalized with our team. Treat this as our current intent, not yet a contractual commitment.

Compliance

We are deliberate about compliance language. PAdES cryptographic signing is real and built. AppliFlo is designed to support ESIGN/UETA and eIDAS signing workflows.

We do not claim certifications we do not hold. We are not making “SOC 2 certified,” “HIPAA compliant,” or “eIDAS qualified” claims. As formal programs progress, we will state their status plainly here.

Sub-processors & status

A list of sub-processors and a public status page will be linked here as they are published. If you need details for a security review in the meantime, please reach out.

Sign with confidence

Cryptographic signing, encryption, and a full audit trail — by default.