SigningOSSigningOS

Last updated: May 4, 2026

Security & Compliance

SigningOS handles non-public personal information (NPI) tied to loan closings. We treat that as a serious responsibility. This page documents the technical and administrative controls in place, and the industry standards we align to.

Standards We Align To

No third party certifies mobile applications as "CFPB-compliant" — no such certification exists. Instead, SigningOS is built to align with the recognized standards that cover any business handling consumer financial data:

  • FTC Safeguards Rule (16 CFR Part 314, revised 2023) — the federal information security standard for financial institutions and their service providers.
  • GLBA Privacy Rule (15 U.S.C. §6801–6809) — federal privacy obligations for entities handling consumer financial information.
  • CFPB Bulletin 2012-03 (and Bulletin 2016-02) — third-party service provider expectations for vendors that touch consumer NPI.
  • NSA Code of Conduct— the National Notary Association's 10-point professional standard for Notary Signing Agents.
  • CCPA / state privacy laws — consumer access, export, and deletion rights.

Designated Qualified Individual

Per FTC Safeguards Rule §314.4(a), responsibility for our information security program is assigned to a single named individual: Shea Frison-Muhammad, Founder. Security questions can be directed to support@signingos.app.

Encryption

  • In transit: all network traffic uses TLS 1.2+. The app never makes plain HTTP requests.
  • At rest (cloud): Supabase storage and Postgres data are encrypted at rest with AES-256.
  • At rest (device): local signing-order data uses encrypted SQLite. The app supports device-level PIN and biometric (Face ID / Touch ID) lock.

Access Controls

  • Authentication via Supabase Auth or Apple Sign In.
  • Every database table enforces row-level security (RLS). A user can only read or write rows they own.
  • Every server function (Supabase Edge Function) verifies the caller's JWT before doing any work, then re-checks ownership before reading or modifying data.
  • Storage objects are scoped per user. A user's files cannot be retrieved by another user under any condition.
  • Apple Sign In accounts inherit the Apple ID's account protections, including two-factor authentication when enabled at the Apple ID level. The Supabase Auth platform supports TOTP and WebAuthn for accounts that opt into them.

Data Handling

  • PDF loan documents are stored only temporarily for AI-assisted scanning and are deleted from server storage after processing completes.
  • Borrower information (name, address, appointment details) is entered by the LSA themselves and stored locally on the device, with optional encrypted cloud sync to the LSA's account.
  • No third-party analytics or advertising SDKs are embedded in the app. We do not sell or share data for marketing purposes.
  • Data residency: all cloud data is stored on US-based Supabase infrastructure.

Vendor Management

Per FTC Safeguards Rule §314.4(f), we maintain a current list of every subprocessor that handles SigningOS data, what data they touch, where they operate, and a link to each vendor's own privacy program. The full list is published at signingos.app/subprocessors.

Incident Response

In the event of a security incident affecting customer data, we commit to notifying affected users without unreasonable delay and, in any event, within the timeframes required by applicable state breach notification laws (typically 30 to 60 days) and the GLBA Safeguards Rule. Notifications include the nature of the incident, the data affected, the steps we are taking, and what users can do to protect themselves.

Risk Assessment

Per FTC Safeguards Rule §314.4(b), we conduct a written risk assessment of foreseeable internal and external threats to customer information. The assessment covers authentication, authorization, data transmission, data storage, third-party service providers, mobile device risk, and AI-assisted document processing. Findings drive ongoing remediation work, with high-priority items tracked in version control alongside the codebase.

Audit & Logging

Authentication events, server function invocations, and storage access are logged at the platform level via Supabase. Database changes are timestamped on every row. Logs are retained per platform default retention windows and reviewed during incident triage. A user-scoped audit-event ledger (data exports, account deletions, and similar user-impacting events) is rolling out in our next App Store update (build 96) and the matching database migration.

User Rights

  • Account deletion — triggered from inside the app. Deletes all account data and purges associated stored files server-side.
  • Data export — your signing-order data is stored locally on your device and accessible at any time. An in-app one-tap JSON export of all account data (orders, mileage, credentials, payments, journal entries, portal jobs, receipts) is rolling out in our next App Store update (build 96).
  • Opt-out — push notifications can be disabled at any time via iOS Settings.

For Title Companies & Lenders

If a title company or lender is conducting due diligence on SigningOS as a tool used by one of your contracted notary signing agents, the following resources are available on request:

  • Written Information Security Program (WISP)
  • Subprocessor list with data flow detail
  • Incident response plan summary
  • Data Processing Agreement (DPA) on request for enterprise engagements

Send requests to support@signingos.app.

Contact

Security questions or to report a vulnerability:
support@signingos.app

General privacy questions: Privacy Policy