Penneo aims to deserve your trust
What we provide for our customers is not just a software that manages digital signing processes and documents. It’s a solution to securely handle some of the most critical aspects of a business.
At Penneo, we strive to take care of the full compliance, security and legality of our services in order to meet our customers' expectations day by day.
That's how we earn and preserve our most significant asset: their trust.
Trust & Transparency
How Penneo improve your digital experience
Abiding by international legislations and security standards is the basis of our pyramid of priorities and we are committed to keeping our policies and practices up-to-date with the latest news in the global legal landscape.
- Is Penneo compliant with e-signature laws?
- Does Penneo meet the data protection requirements?
- How does Penneo demonstrate its compliance with international security standards?
Being as legally binding and valid as traditional signatures placed with ink on paper, Penneo's digital signatures can be used as proof of Authenticity, Data Integrity and Non-repudiation of e-signed documents.
- How do digital signatures work exactly?
- Is it true that digitally signed documents have legal value and can be used as evidence in legal proceedings?
- Do Penneo solutions take into account the requirements set by the AML regulations regarding KYC processes?
Whenever processing of personal data is involved, what ultimately makes the difference is the level of protection guaranteed to people's privacy. At Penneo we embraced the principle of transparency as a key value of our business.
- What's GDPR? Does it apply to you?
- What is Penneo's role under GDPR?
- How can Penneo help customers with GDPR-compliance process?
Product reliability and IT security build our customers loyalty. With our risk-based approach Penneo ensures business continuity and high-level services on a daily basis.
- How does Penneo's security management systemwork?
- How are personal data stored and encrypted?
- How can I reduce risks and protect my business from online security threats?
At Penneo we strongly believe that digitalization and transparency must necessarily travel along two parallel paths. Today, digital signing is not just about the signature itself but more about everything it implies: technical security, legal requirements to meet, protection of personal data, proper storage and sharing of business documents and, last but not least, overarching compliance.
It's time to take advantage of cross-border business opportunities while increasing efficiency and safety of your business.
Penneo's strategic goals can be summarized as follows:
- ensure confidentiality and safety of customer data
deliver signed documents with verifiable properties such as
- the identity of the signer(s) can be uniquely established (Authenticity)
- the signer(s) cannot deny having signed the document (Non-repudiation)
- the document cannot be modified undetected (Integrity)
- keep product reliability and availability as close to 100% as possible
- maintain Penneo services up to date with relevant legislation
What we do to achieve these goals:
Being compliant with legal requirements is our top priority
Our ongoing commitment translates into a constant adaptation of our activities in order to always meet the requirements of e-signature laws worldwide. Penneo is built on trust and is shaped to answer the current and future European market demands. Our product complies with all the most demanding technical standards laid down in the electronic Identification, Authentication and trust Services EU Regulation n. 910/2014 (eIDAS). Accordingly, Penneo's digital signatures are as legally binding and valid as traditional signatures placed with ink on paper. Both the signatory and the recipient can thus have more convenience, trust and security.
Protecting our customers and their businesses privacy is a crucial factor in our mission
One of Penneo's most important tasks is to ensure that all the requirements set forth in the GDPR supporting our services are met and help you conforming with your compliance obligations. Data protection is one of the subjects Penneo always tries to be on top of; to this end, our starting point for everything we do is to acknowledge our responsibility as your trustworthy data processor and to be transparent about how data is used and safeguarded. Our IT-system periodically undergoes third-party audits and assessments and it's hosted on locations within the EU by the market-leading cloud infrastructure services Amazon Web Services, a highly secure global Data Center that maintains the highest levels of compliance.
Digital identification and authentication: our solution to validate the identity of your customers
All companies need to verify the identity of their clients, either before or during the time that they start doing business with them, along with the potential risk factors or illegal intentions towards the business relationship. The security of electronic identification schemes is not only prescribed under AML regulations to minimize the risk of fraud, it’s also essential in the client-business relationship lifecycle and becomes even more crucial when cross-border electronic interactions need to take place. To make Know-Your-Customer processes smoother and address all your concerns, Penneo created a solid solution based on the identity validation through eID. Penneo's KYC form lets your customers handle everything using their national digital IDs directly from their computer or smartphone: signers are exclusively identified by means of Digital IDs issued by Certificate Authorities (CAs) or Qualified Trusted Service Providers (TSPs), whose qualified status granted that they meet the security requirements laid down in the eIDAS Regulation.
Compliance as an opportunity for your business
Meeting legal and security requirement leads companies to notable results in terms of customer loyalty, trust and confidence. Turning from a legal burden to a competitive differentiator, being compliant undoubtedly represents a crucial aspect when it comes to choose a company to do business with. On one hand, establishing compliance as a daily goal spreads a profound culture of security within the company; moreover, it shows transparency and helps building a thorough and lasting trust.
Penneo's two-fold approach to ensure high-level security
Aiming to protect its customers and their data, Penneo supports the robust security requirements through the implementation of a dual strategy that includes the operational security and the technical safety of the signature. The first approach concerns security in hosting, data processing and internal procedures and it is assured by third-party audit reports, while the technical safety of the signature concerns the principles and technologies used to produce and protect our digital signature solution, from authentication to encryption.
Third-party audit reports and compliance with the highest international security standards
Penneo lives up to the trust customers put into our services by demonstrating a formal commitment to security and compliance. Our dedication is not limited to achieving certifications and renewing them. It's the core of our security strategy. Penneo's ongoing investment includes audit oversights and monitoring mechanisms to ensure the most advanced protection to our customers and their data. In addition to receiving a yearly security report ISAE 3000, Penneo's IT-governance is based on ISO/IEC 27001 (2013) and our digital signatures are built on PAdES and follow the cryptographic standards defined by NIST to protect PII. Penneo securely manages your data in compliance with the Trust Service Criteria described by SOC 2 and hosts its IT-systems and websites in AWS (Amazon Web Services) on locations within the EU (Frankfurt region, Germany and Dublin region, Ireland).
Trustworthiness, probative value, end-to-end encryption: the benefits of implementing our digital solution
Legalized and recognized as being of equal value compared to their manuscript counterpart, digital signatures provide even further reliability in terms of security and data protection and enable your company to enjoy countless advantages, such as reducing waste of resources and time, automating and streamlining workflows, ensuring authenticity of both signatures and documents. Penneo can help you to better understand how the process works, up to what extent they are enforceable, what your business can obtain from their daily use. All data transfers can be end-to-end encrypted and Penneo protects not only the integrity and confidentiality of your agreements but also the critical business and personal information involved.
How we empower organizations: our role as your entrusted data processor and the advantages of Penneo digital solutions
If your company collects and holds personal data of people that are in the EU, this means that you must meet the GDPR requirements and also be able to demonstrate this compliance. Digital signatures are an essential tool to conveniently capture consent while conforming with the rules established for it. The adoption of our solution will enable your company to legally manage your privacy procedures. From our part, handling and storing personal data is an ineradicable part of supplying our software services. However, as your trusty data processor, Penneo ensures its customers greater power, awareness and control over the collection, processing and storage of personal data.
Penneo can help you to manage and automate the digital signing processes in a fast, easy and compliant way. With a single and effective solution, you can consistently reinforce your data security and privacy management, while equipping your business with an auditable and user-friendly means to comply with industry standards and legislative obligations.