Who We Are
Signeting is an AI-powered email signature creation and management platform operated by NexString Tech Pvt Ltd, a company registered in India.
This Privacy Policy applies to the Signeting website at signeting.com, the Signeting web platform, and the Signeting Chrome browser extension.
By using any part of the Signeting service, you agree to the practices described in this policy. If you do not agree, please do not use our services.
FL No 2, Yashwant Sankul, Rajarampuri 7th Lane
Kolhapur, Maharashtra, India 416008
privacy@signeting.com
What We Do NOT Access
Signeting does not access, read, store, scan, or transmit any Gmail data — ever.
Specifically, we do not access:
- ✕ Your email messages, subject lines, body content, or attachments
- ✕ Your Gmail contacts, calendar, or Google Drive
- ✕ Any email metadata (recipients, timestamps, thread IDs)
Our Google OAuth integration requests only basic profile scopes: your name, email address, and profile picture — used solely for authentication. We use no restricted or sensitive Gmail API scopes whatsoever.
Our Chrome extension operates via DOM injection — it inserts your signature HTML into the Gmail compose window client-side only. No email data is read, captured, or sent to our servers.
What Data We Collect
Data You Provide Directly
| Data Type | Where Collected |
|---|---|
| Name, email address, profile picture | Google OAuth sign-in (authentication only) |
| Signature content (text, images, links, design) | Signeting web platform |
| Business information (company, job title, website, phone, social links) | Signature builder |
| Uploaded images and logos | Signature builder (stored on Cloudflare R2) |
| Support messages | Freshchat support widget, email |
Data Collected Automatically
| Data Type | Source |
|---|---|
| IP address and approximate geolocation | Server logs, Cloudflare |
| Browser type, OS, screen resolution, device info | Web server logs, analytics |
| Pages visited, time spent, referral source | Analytics tools |
| Session and authentication tokens | Platform cookies |
| Signature link click counts and banner engagement | Optional tracking features (only if enabled by you) |
Planned: When paid plans launch, payment data will be processed exclusively by Stripe. NexString Tech Pvt Ltd will not store raw payment card data on our servers.
Why We Collect Your Data
| Purpose | Legal Basis (GDPR) |
|---|---|
| Account creation and authentication | Contract |
| Delivering the signature creation service | Contract |
| Storing and serving your uploaded assets | Contract |
| Sending transactional emails | Contract |
| Providing support via chat and email | Legitimate Interest |
| Improving platform performance and features | Legitimate Interest |
| Security, fraud detection, abuse prevention | Legitimate Interest |
| Optional signature analytics (link tracking) | |
| Complying with legal obligations | Legal Obligation |
We do not sell your personal data to any third party. We do not use your data for advertising profiling or retargeting.
How the Service Works
Copy and Paste Method (Primary)
You design your signature on the Signeting platform, then copy the finished HTML and paste it into your email client's signature settings (Gmail, Outlook, Apple Mail, etc.). No data is transmitted during use — your email client handles delivery entirely.
Chrome Extension Method
The Signeting Chrome extension detects when you open a Gmail compose window and injects your pre-built signature HTML into the compose area client-side. The extension does NOT read your email content, subject lines, recipients, or any Gmail data. It does NOT send any data from your Gmail session to our servers. It only communicates with Signeting's servers to fetch your saved signature content.
Optional Signature Analytics
If you enable tracking for your signatures, we embed tracked links that record clicks and engagement. This is opt-in only and clearly disclosed within the platform before activation. Tracked interactions are attributed to your signature, not to the email recipients' identities.
Third Parties We Share Data With
We share personal data only with the service providers necessary to operate the platform. We do not share data with ad networks, data brokers, or any third party for marketing purposes.
| Provider | Purpose | Data Shared |
|---|---|---|
| OAuth authentication; Chrome extension distribution | Name, email, profile picture | |
| Cloudflare | CDN, DNS, security, R2 asset storage | Uploaded images/logos, IP address |
| Brevo | Transactional email delivery | Email address, name |
| Freshchat | In-app support chat | Name, email, support messages |
| Hostinger | VPS infrastructure hosting | Server-side data at rest |
| Stripe (planned) | Payment processing for paid plans | Billing data (not stored by us) |
All providers are contractually required to process your data only as instructed and to implement appropriate security measures.
International Data Transfers
NexString Tech Pvt Ltd is based in India. The third-party providers listed above may process your data in the United States or other countries. When transferring personal data from the European Economic Area (EEA) or United Kingdom, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission, or other transfer mechanisms recognised under applicable law.
For Indian users, international transfers are handled in compliance with the Digital Personal Data Protection Act 2023 (DPDP Act) and applicable rules.
How Long We Keep Your Data
| Data Type | Retention Period |
|---|---|
| Account data (name, email, profile picture) | Until account deletion + 30 days |
| Signature content and uploaded assets | Until deleted by user or account deletion + 30 days |
| Support chat history | 2 years from last interaction |
| Transactional email logs (Brevo) | 1 year |
| Analytics and usage data | Up to 26 months |
| Server and IP logs | Up to 90 days |
| Payment records (when Stripe launches) | 7 years (legal/tax obligation) |
| Backup copies | Up to 90 days after deletion |
When you delete your account, we initiate deletion of your personal data within 30 days, except where retention is required by law.
Data Security
HTTPS/TLS encryption across all platform communications
Cloudflare CDN and DDoS protection on all traffic
VPS-level security on Hostinger infrastructure (firewall, access controls)
Access controls limiting internal access to personal data on a need-to-know basis
Cloudflare R2 for secure, isolated asset storage
No storage of raw payment card data — Stripe handles this end-to-end
No system is 100% secure. If you believe your account has been compromised, contact us immediately at privacy@signeting.com.
Your Rights
EU / UK Residents (GDPR / UK GDPR)
Access
Request a copy of the personal data we hold about you
Rectification
Ask us to correct inaccurate or incomplete data
Erasure
Request deletion of your personal data ("right to be forgotten")
Restriction
Ask us to limit processing while a dispute is resolved
Portability
Receive your data in a structured, machine-readable format
Object
Object to processing based on legitimate interests or direct marketing
Withdraw Consent
Withdraw consent at any time (e.g. for optional signature analytics)
Lodge a Complaint
With your local supervisory authority (e.g. ICO in the UK)
California Residents (CCPA / CPRA)
Know
What personal information we collect, use, disclose, or sell
Delete
Request deletion of your personal information
Correct
Request correction of inaccurate data
Opt Out of Sale
We do not sell or share personal data for advertising
Indian Residents (DPDP Act 2023)
Access
Obtain a summary of your personal data and how it is processed
Correction & Erasure
Request correction or deletion when no longer needed
Grievance Redressal
Lodge a complaint; we respond within a reasonable time
Nominate
Designate a person to exercise your rights in the event of death or incapacity
To exercise any of these rights, contact privacy@signeting.com. We will respond within 30 days (EU/UK/India) or 45 days (California).
Children's Privacy
Signeting is intended for users aged 16 and older. We do not knowingly collect personal data from anyone under 16. If we become aware that a user under 16 has created an account, we will delete it and associated data promptly.
Contact privacy@signeting.com if you have concerns.
Links to Third-Party Sites
Signatures you create may contain links to third-party websites. The Signeting platform may also link to external resources. This Privacy Policy does not apply to third-party sites. We encourage you to review their privacy policies independently.
Changes to This Policy
We may update this Privacy Policy as the platform evolves or as laws change. When we do:
- The version number and "Last Updated" date will be updated at the top
- Registered users will be notified by email at least 14 days before material changes take effect
- A notice will be posted on signeting.com
Continued use of the Service after the notice period constitutes acceptance of the updated Policy.
Contact Us
Have a privacy question?
To exercise your rights, ask a question, or raise a concern about how we handle your data, our team is here to help. We aim to respond to all privacy-related requests within 30 days.
NexString Tech Pvt Ltd · FL No 2, Yashwant Sankul, Rajarampuri 7th Lane, Kolhapur, Maharashtra, India 416008