Skip to main content
SignatureAPI complies with the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), where applicable. This page provides a brief overview of what CCPA is and how our compliance commitments are addressed contractually.

What is CCPA?

The California Consumer Privacy Act (CCPA) is a California state privacy law that governs how businesses collect, use, and disclose personal information of California residents. The CPRA expands and amends the CCPA, adding additional consumer rights and obligations around data processing and protection. Together, these laws establish requirements related to transparency, consumer rights, data use limitations, and security safeguards.

CCPA at SignatureAPI

When customers use SignatureAPI, they act as the business (or controller), and SignatureAPI acts as a service provider, processing personal information only to provide the services described in our Terms and on the customer’s instructions. SignatureAPI does not sell or share customer personal information as those terms are defined under CCPA, and processes personal information solely for permitted business purposes.

Data Processing Addendum (DPA)

SignatureAPI’s CCPA and CPRA obligations are governed by our Data Processing Addendum (DPA), which forms part of our Terms and Conditions. The DPA defines our role as a service provider, limits data use, and sets out security and confidentiality commitments. You can review the full DPA here: Data Processing Addendum.