Privacy Policy
Last updated: 05/01/2026
This Privacy Policy explains how we collect, use, store, and protect personal data when you use the SignatureForEmail.com service and website (the “Service”), in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”).
1. Data Controller
The data controller responsible for processing your personal data is:
IT Solutions Krzysztof Carewicz
78-520 Złocieniec, Poland
Email: Show email
If you have any questions about this Privacy Policy or how we handle personal data, you can contact us at the email address above.
2. Personal Data We Collect
We may collect and process the following categories of personal data:
- Account data: name, email address, login credentials
- Billing data: payment status, subscription type (payments are handled by third-party payment providers; we do not store full payment card details)
- User-generated content: email signatures with all personal data, uploaded images (e.g. profile photos, logos, banners, icons)
- Technical and usage data: IP address, timestamps
- Communication data: messages sent via contact forms or email support
3. Purposes and Legal Bases for Processing
We process personal data only when we have a lawful basis under GDPR:
Purpose | Legal basis |
Creating and managing user accounts | Performance of a contract |
Providing the Service and its features | Performance of a contract |
Processing payments and subscriptions | Performance of a contract |
Customer support and communication | Legitimate interest |
Improving the Service and website analytics | Legitimate interest or consent |
Marketing emails (if enabled) | Consent |
Legal compliance and fraud prevention | Legal obligation |
Where processing is based on consent, you may withdraw that consent at any time.
4. Cookies and Similar Technologies
We use cookies and similar technologies to operate the website and analyse usage.
- Essential cookies are required for the Service to function.
- Non-essential cookies (e.g. analytics) are used only with your consent, where required by law.
Details about cookies, purposes, and how to manage preferences are available in our Cookie Policy.
5. Data Retention
We retain personal data only for as long as necessary:
- Account data: for the duration of the account and up to six months after deletion, unless the account involved any payments. In this case, we keep records until the user requests data deletion.
- Billing records: as required by tax and accounting laws
- Uploaded content: while the account is active or until deleted by the user
- Support communications: up to 12 months
Retention periods may be extended where required by law or to establish, exercise, or defend legal claims.
6. Data Sharing and Processors
We may share personal data with trusted third parties who process data on our behalf, such as:
- Hosting and infrastructure providers
- Payment processors
- Analytics and email service providers
All processors act under data processing agreements and only process data according to our instructions and applicable law.
We do not sell any personal data.
7. International Data Transfers
Some of our service providers may process data outside the European Economic Area (EEA).
Where personal data is transferred outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) or equivalent legal mechanisms.
8. Your Rights Under GDPR
If you are located in the EU or your data is subject to GDPR, you have the right to:
- Access your personal data
- Rectify inaccurate or incomplete data
- Request erasure (“right to be forgotten”)
- Restrict processing
- Data portability
- Object to processing based on legitimate interests
- Withdraw consent at any time
To exercise your rights, contact us at Show email
9. Is Providing Data Mandatory?
Some personal data (such as an email address) is required to create an account and use the Service.
If you choose not to provide required data, the Service may not be available to you.
Other data (such as marketing consent) is optional.
10. Security Measures
We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, or misuse.
No system is 100% secure, but we continuously improve our safeguards.
11. Children’s Privacy
The Service is not intended for children under the age of 16.
We do not knowingly collect personal data from children.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time.
The latest version will always be available on this page, with the updated date shown at the top.
13. Contact
If you have questions about this Privacy Policy or our data practices, contact:
Email: Show email