Data security and controls you can count on

Sign In App helps organizations support regulatory and operational requirements including GDPR, HIPAA, ITAR, OSHA, NISPOM, SIC/SIMS, and internal governance policies.

Sign In App is a cloud based service hosted in Tier 4 data centres. When starting a trial or purchasing a subscription, you can select from one of six data storage regions; UK (London), EU (Germany), US (Ohio or N. California), Canada (Montreal) and Asia-Pacific (Sydney). All visitor data and backups are stored and replicated within the region you select. Our data centres employ physical security and environmental controls to secure our infrastructure from physical threat or impact. Each site is staffed 24/7/365 with on-site physical security to protect against unauthorised entry.

Yes. All data is encrypted in transit using TLS 1.2/1.3, with encrypted backups and secure infrastructure protections in place.

Retention policies can be customized by organization, site, and visitor type to align with operational and regulatory requirements.

Comprehensive audit logs, automated records, reporting tools, and configurable workflows help organizations maintain accurate documentation and simplify audits.

For additional information about security, privacy, or compliance, contact privacy@signinsolutions.com.

During any disruption to the Sign In App service, your app will continue to operate in offline mode. We will notify all clients within one hour if an extended period of disruption is expected. All data is backed up and our disaster recovery procedures are outlined as part of our ISO27001 certification.

Your data is continually backed up and replicated between two data centres. All backups are encrypted and retained for 14 days.

ISO 27001 is a specification for an information security management system (ISMS) as defined by the International Organization for Standardization (ISO). It’s a framework of policies and procedures that includes all legal, physical and technical controls involved in an organisation's information risk management processes. Simply put, it ensures that an organisation strictly controls all aspects of information security. Sign In App Ltd is ISO27001 certified with certificate number 122520.

We can sign a Business Associate Agreement (BAA) when your use of our products Sign In App and/or Sign In Scheduling involves U.S. Personal Health Information (PHI). Just let us know and we’ll send our standard BAA for quick review and e-signature. Please note that HIPAA compliance remains your organization’s responsibility and the BAA simply sets the terms for handling PHI when you use our services. Learn more here.

Sign In App acts as your data processor for visitor data. Our responsibilities include ensuring your data is secure, providing transparency around where the data is stored and providing features to allow you to control your data in line with your GDPR policies. Ethical data protection has always been a key part of Sign In App and the GDPR has only strengthened this since coming into force. With Sign In App you can set your own data retention rules, customise the data collected for each visitor type and present policies and opt-in options to visitors. You can also rest assured that your visitor data stays in the region you choose.

We also have an IASME certificate of assurance issued to us for GDPR compliance. This is attained following a self-assessment against the IASME governance standards which are verified by IASME.

Cyber Essentials is an official UK government-backed scheme that protects our organisation against a whole range of the most common cyber attacks.