Security & Trust

Your documents contain sensitive information. We take security seriously and implement enterprise-grade protection for all your data.

🔒

Encrypted

TLS 1.3 in transit, AES-256 at rest

⛓️

Blockchain

Immutable proof on Polygon

📜

Chain of Custody

Complete audit trail

⏱️

Expiring Stamps

Time-limited validity

SHA-512

Cryptographic verification

🛡️ Data Protection

Encryption

  • In Transit: TLS 1.3 encryption for all connections
  • At Rest: AES-256 encryption for stored data
  • Passwords: Bcrypt hashing with salt
  • API Keys: Encrypted storage, never logged

Data Handling

  • Temporary Files: Auto-deleted within 24 hours
  • No Content Access: We don't read your documents
  • Secure Deletion: Cryptographic erasure
  • Backup Encryption: All backups encrypted

☁️ Infrastructure Security

Cloud Hosting

  • • SOC 2 certified providers
  • • Multi-region redundancy
  • • DDoS protection
  • • 24/7 monitoring

Access Control

  • • Role-based access (RBAC)
  • • Multi-factor authentication
  • • Session management
  • • Audit logging

Network Security

  • • Web Application Firewall
  • • Rate limiting
  • • IP monitoring
  • • Intrusion detection

Document Verification

SHA-512 Cryptographic Verification

Every document processed through DocuStamper receives a unique SHA-512 hash. This allows anyone to verify that a document hasn't been tampered with since it was stamped.

  • Tamper-evident verification
  • QR code for easy verification
  • Public verification page

How Verification Works

1
Document is processed and hashed
2
Hash is embedded in document + stored
3
Anyone can verify via QR or hash lookup
Match confirms document integrity

⛓️ Blockchain Timestamping

Immutable Proof on Polygon

Document hashes are permanently recorded on the Polygon blockchain, creating tamper-proof proof that your document existed at a specific moment in time.

  • Permanent Record: Cannot be altered or deleted by anyone
  • Independent Verification: Verify on PolygonScan.com
  • ~2 Second Confirmation: Near-instant blockchain proof
  • EU eIDAS Compliant: Legally recognized timestamp

Technical Details

BlockchainPolygon (POL)
Chain ID137 (Mainnet)
Hash AlgorithmSHA-512
Data StoredHash only (not document)
Privacy: Only the document hash is recorded. Your document content remains completely private.

📜 Chain of Custody Tracking

Complete Audit Trail

Every action on your documents is automatically tracked with cryptographic integrity, creating an unbroken chain of custody for legal and compliance requirements.

  • Every Event Logged: Upload, stamp, view, download, share
  • IP Geolocation: Location tracking for each action
  • Cryptographic Chain: Each event hash links to previous
  • Tamper Detection: Any modification breaks the chain

What's Tracked

Document Upload
User, timestamp, file hash, IP, location
Stamp Applied
Stamp type, position, user, timestamp
Document Viewed
Viewer identity, timestamp, IP, location
Document Downloaded
User, timestamp, download hash
Link Shared
Sharer, recipient, permissions, expiry

⏱️ Smart Expiring Stamps

Time-Limited Document Validity

Create stamps with built-in expiration dates. When someone scans the QR code, they instantly see whether the document is still valid.

  • Fixed Date: Expire on a specific date
  • Duration: Valid for X days from stamping
  • Date Range: Valid between start and end dates
  • Real-Time Status: Live validity check on scan

Verification Status

VALIDDocument within validity period
EXPIRINGLess than 7 days remaining
EXPIREDPast expiration date

Perfect for quotes, permits, certifications, and any time-sensitive documents.

📋 Compliance

Current Status

EU eIDAS (Electronic Signatures)Compliant
PDPA (Singapore)Compliant
GDPR (EU)Compliant
ISO 27001Planned
SOC 2 Type IIPlanned

Privacy Practices

  • Data Protection Officer appointed
  • Privacy-by-design principles
  • Data Processing Agreements available
  • Right to access, correct, delete data
  • Breach notification procedures

🔐 Security Practices

Development

  • • Secure coding practices
  • • Code review requirements
  • • Dependency scanning
  • • OWASP Top 10 awareness

Operations

  • • Regular security updates
  • • Automated monitoring
  • • Incident response plan
  • • Regular backups

Testing

  • • Vulnerability scanning
  • • Penetration testing (planned)
  • • Security assessments
  • • Bug bounty (coming soon)

🐛 Report a Security Issue

If you discover a security vulnerability, please report it responsibly:

Email: [email protected]

Please include details about the vulnerability, steps to reproduce, and your contact information. We will acknowledge receipt within 48 hours and work to address the issue promptly.

Blockchain Timestamping|Chain of Custody|Expiring Stamps
Terms of Service|Privacy Policy|Contact Us