Permissions, Privacy and Security - Windows Apps

Permissions

The following table shows the required permissions and why our apps need it:

Commercial Namexyzmo Signature Capture AppSIGNificant Client Signature Capture AppSIGNificant SignAnywhere AppSIGNificant SignOnPhone App
Permission



Enterprise Authenticationnot requiredfor Basic Authenticationnot requirednot required
InternetLine-of-business: for communication with SIGNificant license serverfor communication with SIGNificant server platformfor communication with SIGNificant server platformfor communication with SIGNificant server platform
Locationfor GPS and WLAN locationfor GPS and WLAN locationfor GPS and WLAN locationnot required
Private networksLine-of-business: for communication with SIGNificant license server (within Intranet)for communication with SIGNificant server platform (within Intranet)for communication with SIGNificant server platform (within Intranet)for communication with SIGNificant server platform (within Intranet)
Proximitynot requirednot requirednot requiredused to initiate Bluetooth communication with 'xyzmo Client'
Webcamfor appending attachments, pages or picture annotationsfor appending attachments, pages or picture annotationsnot requiredfor scanning a QR code

Privacy and Security

The Apps are working with the SIGNificant server to enable the signature features. The server is typically hosted by the creator of the document or in some cases directly by Namirial.

The provided data is transferred encrypted (via HTTPS) and stored safely on the SIGNificant server. If Namirial is hosting the service, we will not share the data with others. Biometric signature data is highly encrypted via RSA and AES-256 directly on the user’s device to prevent any misuse.

The following table shows which personal data is processed by our SIGNificant servers:

Namirial AppInformation processed by SIGNificant server
(hosted by creator of document or in some cases by Namirial)
xyzmo Signature Capture App
  • Standalone App (no data processed by Namirial)
SIGNificant Client Signature Capture App (SIGNificant E-Signing Client)
  • RSA & AES encrypted biometric signature will be transferred and stored temporary on a SIGNificant server. The signature will just be decrypted when the biometric verification is required for the document. Encryption of the signature is done on the user's device.
  • Attachments & Form-Data selected or entered by the user
  • Geo-Location and necessary user actions for the document audit-trail
SignAnywhere App
  • GUID and e-mail for licensing
  • RSA & AES encrypted biometric signature will be transferred and stored temporary on a SIGNificant server. The signature will just be decrypted when the biometric verification is required for the document. Encryption of the signature is done on the user's device.
  • Attachments & Form-Data selected or entered by the user
  • Geo-Location and necessary user actions for the document audit-trail
SIGNificant SignOnPhone
  • GUID and e-mail for licensing
  • RSA & AES encrypted biometric signature will be transferred and stored temporary on a SIGNificant server. The signature will just be decrypted when the biometric verification is required for the document. Encryption of the signature is done on the users’ device.

Access to the data of the document have just the creator of the document and the signer (user of apps). Responsible for transporting the document-access-link is the creator of the document (e.g. via Email). Documents typically are temporary on a SIGNificant server and will be removed after the document is finish into a protected archive. Documents at servers, hosted by Namirial, are stored temporary (time is set up by creator of the document).

All connections to the server are logged for support and metrics reasons. Therefore, the IP address and actions are stored in the log files.

Namirial doesn’t share any data with others. If you have any questions about apps, privacy or security feel free to contact us.