Does pdf2sign store a copy of my PDF?

No. The file is loaded into a JavaScript ArrayBuffer in your browser tab and discarded when you close the tab. Nothing about the file is sent to our servers.

Can I verify that no upload happens?

Yes. Open your browser DevTools, switch to the Network tab, and sign a document. You will not see any POST or PUT request carrying your PDF — only the initial static assets for the page itself.

What about my signature image — is that stored?

Only if you opt in. Guest users sign a PDF once and the signature is discarded. If you sign in and explicitly save a signature, it is stored in Supabase Storage under your user ID and protected by Row Level Security. You can delete it at any time from your account page.

Is an electronic signature legally binding?

In most jurisdictions, yes. The US ESIGN Act and UETA, EU eIDAS, and equivalent laws in the UK, Canada, and Australia all recognise e-signatures for the vast majority of contracts. If a document requires notarisation, you still need a notary separately.

Is the signed PDF the same quality as Adobe Acrobat produces?

Yes. pdf2sign uses pdf-lib, a widely-used pure-JavaScript PDF library. The output is a standard PDF that opens in Acrobat, Preview, Chrome, any PDF viewer, and prints normally.

Security & privacy

Your PDF stays on your device.

pdf2sign is built so that sensitive documents never touch a server — not ours, not any vendor's. This page explains how the architecture works, how you can verify it yourself, and what the tool does and does not store.

The signing tool is 100% client-side

When you visit pdf2sign.app/sign, your browser downloads a few hundred kilobytes of HTML, CSS, and JavaScript. Those assets include:

react-pdf — renders PDF pages to an HTML canvas
pdf-lib — embeds signatures into PDFs and writes the output
react-signature-canvas — captures your pen strokes

Every one of these libraries runs in your browser tab. When you drop a PDF onto the editor, the browser's File API hands us the raw bytes. We never make a network request carrying your document — there is no POST /api/sign endpoint, no PUT to cloud storage, nothing.

How to verify it yourself

Open pdf2sign.app/sign in Chrome, Firefox, or Safari.
Open DevTools → Network tab. Clear the log.
Drop a PDF, sign it, download the result.
Look at the Network tab. You will see the initial static assets (HTML, JS, CSS, fonts) and nothing else. No POST, no PUT, no upload.

You can also pull your Wi-Fi after the page has loaded and still complete the signing flow. It works offline because all the code is already on your machine.

What about my signature image?

Signatures behave differently depending on whether you sign in:

Guest (no account)

Your signature lives in the browser tab's memory until you close it. Nothing is persisted anywhere — not on our servers, not in your browser's local storage.

Signed in

If you explicitly click Save signature, the PNG is uploaded to Supabase Storage under your user ID. Access is guarded by Row Level Security — no other user can read or list your signatures. You can delete any saved signature from your account page; deletion is immediate and complete.

Saving signatures is the only feature that requires an account. It is entirely optional — the full signing flow is free for guests.

What pdf2sign does collect

Being straightforward about this: a few things are sent to servers, but none of them contain your PDF:

Page analytics — pdf2sign uses PostHog to count visits and measure basic events ("you uploaded a file", "you downloaded a signed PDF"). The event payload is "a PDF was downloaded", not "here is the PDF". Your documents are never serialised into analytics.
Your account email — if you sign up, we store your email address in Supabase Auth so you can log back in.
Saved signatures — only the ones you click Save on.

Read the full privacy policy for exact data retention and your rights.

Threat model

We designed pdf2sign to resist the most common privacy failures:

Compromised server — not a worry. Our servers never see your PDF, so an attacker who breaches them can't exfiltrate your documents.
Malicious insider — same argument. Nobody at pdf2sign, no contractor, no support rep can read files that don't exist on our systems.
Network interception — the tool is served over HTTPS, and since your PDF never goes over the wire, there is nothing on the wire to intercept.
Browser sandbox — modern browsers isolate tabs from one another. Your PDF bytes never leave the origin they belong to (pdf2sign.app), and they never leave your process once the tab closes.

We do not protect against a compromised device. If your laptop has malware that reads browser memory, no tool running in that browser can help. That's true of every e-signature product.

Are electronic signatures legally binding?

In most jurisdictions, yes. The US ESIGN Act (2000) and state-level UETA adoption recognise electronic signatures for nearly all contracts. The EU's eIDAS regulation covers the EU and EEA. The UK, Canada, Australia, and most major economies have equivalents.

Exceptions exist — wills, some real-estate transactions, and anything requiring notarisation still need wet ink or a notary. Check local rules for anything high-stakes.

Ready to sign something?

It takes about a minute. No account required.

Sign a PDF