Evidence and controls built for legal review.
How SumoSign handles encryption, audit trails, tenant isolation, and exportable evidence — without claiming certifications we have not earned.
Encryption in transit
TLS on every connection — API calls, signing ceremonies, webhook deliveries.
Document hashing
SHA-256 hash in the completion certificate. Tamper detection is built into the evidence bundle.
Append-only audit trail
Every action logged with timestamp, IP address, and user agent. Actor type always recorded: human, API key, recipient, or system.
Tenant isolation
Organization-scoped data paths and API keys. Queries enforce tenant boundaries at the database layer.
ESIGN / UETA alignment
Signer intent capture, consent records, and audit-grade evidence structured for US enforceability.
Evidence export
Certificate of completion plus raw audit JSON — downloadable for counsel and compliance review.
An audit log you would not be embarrassed to send to outside counsel.
Every relevant event is captured at the moment it happens. Each entry records the actor type — human, API key, recipient, or system — along with identity, IP address, and user agent where applicable.
Events captured
- Envelope created, sent, delivered, opened, viewed, signed, completed
- Voided, expired, signer replaced, reminder sent
- Webhook delivered, access-code failure
Structured for review, not screenshots.
The audit table is append-only by design. Completed signed PDFs and certificates are written to object storage with Object Lock so they cannot be tampered with or deleted within the retention window — even by an admin.
- Certificate of completion generated at envelope completion
- Evidence bundle: signed PDF + certificate + raw audit JSON
- Completed PDFs stored with Object Lock within the retention window
- Append-only audit table — application role cannot update or delete rows
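A reviewer-side check of an exported evidence bundle, as an added example that is not SumoSign's code or export format: it recomputes the SHA-256 of the signed PDF, compares it with the value in the certificate, and sanity-checks the raw audit JSON. The field names (document_sha256, event, actor_type, timestamp), the actor-type spellings, and the sample data are assumptions constructed for illustration.

```python
import hashlib
from datetime import datetime

# The four actor types named on the page; the exact spellings are assumed.
ACTOR_TYPES = {"human", "api_key", "recipient", "system"}

def verify_bundle(pdf_bytes, certificate, audit_events):
    """Return a list of findings; an empty list means the bundle is consistent."""
    findings = []

    # Tamper check: hash of the PDF in hand vs. the hash the certificate claims.
    digest = hashlib.sha256(pdf_bytes).hexdigest()
    claimed = str(certificate.get("document_sha256", "")).strip().lower()
    if digest != claimed:
        findings.append("hash_mismatch")

    # Audit sanity checks: known actor type, parseable and non-decreasing time.
    previous = None
    for i, event in enumerate(audit_events):
        if event.get("actor_type") not in ACTOR_TYPES:
            findings.append(f"event {i}: unknown actor_type")
        try:
            ts = datetime.fromisoformat(event["timestamp"])
        except (KeyError, TypeError, ValueError):
            findings.append(f"event {i}: bad timestamp")
            continue
        if previous is not None and ts < previous:
            findings.append(f"event {i}: timestamp earlier than previous entry")
        previous = ts

    # A completed envelope should carry its completion event.
    if not any(e.get("event") == "completed" for e in audit_events):
        findings.append("no completed event")
    return findings

# Constructed sample bundle (not real SumoSign output).
SAMPLE_PDF = b"%PDF-1.7 constructed sample bytes"
SAMPLE_CERT = {"document_sha256": hashlib.sha256(SAMPLE_PDF).hexdigest()}
SAMPLE_AUDIT = [
    {"event": "created", "actor_type": "api_key", "timestamp": "2024-01-01T10:00:00+00:00"},
    {"event": "signed", "actor_type": "recipient", "timestamp": "2024-01-01T10:05:00+00:00"},
    {"event": "completed", "actor_type": "system", "timestamp": "2024-01-01T10:05:02+00:00"},
]

if __name__ == "__main__":
    print(verify_bundle(SAMPLE_PDF, SAMPLE_CERT, SAMPLE_AUDIT) or "bundle consistent")
```

A check like this only shows that the PDF, certificate, and audit JSON agree with each other; the Object Lock and append-only controls described above are what protect the stored originals.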