DashSign Privacy Policy

Effective date: June 3, 2026 Last updated: June 3, 2026

DashSign ("we", "our", or "the Extension") is a Chrome browser extension that lets you sign PDF documents directly in your browser. We built DashSign on a local-first principle: your sensitive document data stays on your device. This Privacy Policy describes exactly what we collect, what we don't, and why.

1. The short version

• We don't have a database of your documents, signatures, or profile.
• Your PDFs are processed in your browser. They are never uploaded to our servers, except for the optional Cloud Relay email feature (see §4), where they are forwarded and immediately discarded.
• We don't sell, share, or rent any of your information to third parties.
• We use a single third-party service (Stripe via ExtensionPay) to process Pro subscription payments, and an email-sending service (Resend) for the optional Cloud Relay feature. Their privacy policies apply to data they handle on our behalf.

2. What stays on your device (we never see it)

The following data is stored exclusively in your browser's local storage (chrome.storage.local) and never transmitted to any server under our control:

• Your profile information (name, title, company, email, mailing address) that you optionally enter to use as one-click placeable fields.
• Your saved signature and initials images, whether drawn, typed, or uploaded as photos.
• Your signing history (Pro users only): a local log of PDFs you have signed, their timestamps, and their cryptographic hashes.
• The Pro Activation Agreement record — the version and timestamp at which you consented to use electronic signatures (legal recordkeeping; stored locally).
• Your preferences, including which send method is your default, whether you've dismissed onboarding banners, and your welcome-flow progress.
• Your recently seen PDFs list (file names and URLs of PDFs DashSign detected in your tabs or downloads). This is cached in chrome.storage.local for up to 24 hours and capped at 10 entries.

You can delete all of this at any time using the "Clear all data" button in DashSign's Settings tab. Uninstalling the extension also removes all of it.

3. What we receive (and why)

We receive the following limited information from third parties acting on our behalf:

Pro subscription status

When you upgrade to Pro, payment processing is handled by Stripe via a service called ExtensionPay. We receive a unique subscription token from ExtensionPay that lets your DashSign installation verify your Pro entitlement. We do not receive your credit card number, billing address, or full name; those are handled entirely by Stripe under their privacy policy (https://stripe.com/privacy).

We may receive your email address from ExtensionPay solely to restore Pro on another device or after a reinstall.

Crash and error reports

The Chrome Web Store may automatically send us anonymized crash reports if the extension throws unhandled errors. These reports do not include the contents of any PDF and are used only to fix bugs. You can disable this in Chrome's settings.

4. Cloud Relay (optional Pro email feature)

If you are a Pro user and you choose "DashSign Cloud Relay" as your send method:

1. The signed PDF is transmitted over HTTPS to our serverless function, along with the recipient's email address, your reply-to address, and the subject and body of the email you composed.
2. Our function holds the PDF in memory only — never written to disk, never logged — long enough to dispatch the email to your recipient through our email infrastructure.
3. As soon as the send completes, the memory holding the PDF is released. We do not retain copies of the signed PDF, the message body, or the message contents anywhere on our systems.
4. We do keep a minimal access log (timestamp, your Pro token, no document content) for the purpose of rate-limiting (100 sends per user per day) and abuse detection. These logs are retained for 30 days and then deleted.

If you select "Send from my Gmail" or "Open in default mail app" instead, none of this applies — your PDF and message do not pass through our servers.

5. Server-side audit records (Pro feature, opt-in)

If you opt into server-side audit records (Pro feature, off by default), the following minimal data is recorded on our server for each signed document:

• The SHA-256 hashes of the original and signed PDF (not the PDFs themselves; hashes cannot be reversed into document content)
• Your email address as the signer
• An ISO timestamp of the signing event
• A reference to the version of the Pro Activation Agreement you consented to

Why: this lets recipients independently verify, via a public URL on our site, that a document hash was signed by you at a specific time, without trusting your local device clock alone. This makes the audit trail more legally defensible.

You can disable this at any time in Settings → Audit trail.

6. What we do NOT collect

We do not collect, store, or transmit:

• The contents of PDFs you sign (except briefly during Cloud Relay transmission, see §4)
• Your typed signature drawings, photos, or saved signature images
• Browsing history, page contents, cookies, or login credentials
• Your IP address, beyond standard server-access logs for the Cloud Relay function (kept 30 days, used only for abuse detection)
• Usage analytics, behavioral tracking, or telemetry of any kind
• Any data from PDF tabs you have open while DashSign is installed but inactive

DashSign does not include third-party analytics scripts, advertising trackers, or external telemetry SDKs of any kind.

7. Permissions we request

We request the following Chrome permissions for the reasons stated:

• storage — to save your local signatures, profile, and preferences on your device.
• activeTab — to detect when you're viewing a PDF and offer to sign it.
• tabs — to read tab URLs (only to surface "recently seen" PDFs) and to redirect the current tab to DashSign's viewer when you click "Sign this PDF".
• contextMenus — to add a "Sign with DashSign" right-click option on PDF links.
• scripting — to inject DashSign's content script for PDF detection on web pages.
• downloads — to surface PDFs from your downloads list in the "Recently seen" panel, and to save signed PDFs to your downloads folder.
• <all_urls> host permission — required to detect and sign PDFs hosted on any website. We do not read or interact with page content unless the page is a PDF you've asked DashSign to handle.

We never use these permissions to read non-PDF page content, track your browsing, or collect any data beyond what is described in this policy.

8. Your rights

You have the right to:

• Access any data we hold about you (subscription status, audit records you opted into).
• Delete your local data anytime via "Clear all data" in Settings, or by uninstalling the extension.
• Cancel your Pro subscription anytime via Stripe's customer portal (link in Settings).
• Withdraw consent to use electronic signatures (ESIGN/UETA), which cancels the Pro tier and removes server-side audit records.
• Request a copy of any server-side audit records associated with your email address by contacting us at the address below.
• Lodge a complaint with your local data protection authority if you are in the EU/UK or California.

For users in California, you have additional rights under the CCPA (right to know, delete, opt out of sale). DashSign does not sell personal information.

For users in the EU/UK, our legal basis for processing the limited data described above is your consent (Pro subscription, Cloud Relay opt-in) and our legitimate interest in maintaining the service (rate-limiting, abuse detection).

9. Children

DashSign is not directed at children under 13. We do not knowingly collect data from children under 13.

10. Changes to this policy

If we materially change this policy, we will notify Pro users by email and post a notice in the extension. The "Last updated" date at the top reflects the most recent version.

11. Contact us

For privacy questions, data requests, or to report a concern:

hello@dashsign.app B2C Innovate LLC