Penneo aims to deserve your trust

At Penneo we strongly believe that digitalization and transparency must necessarily travel along two parallel paths. Today, digital signing is not just about the signature itself but more about everything it implies: technical security, legal requirements to meet, protection of personal data, proper storage and sharing of business documents and, last but not least, overarching compliance.

It's time to take advantage of cross-border business opportunities while increasing efficiency and safety of your business.

Penneo's strategic goals can be summarized as follows:

• ensure confidentiality and safety of customer data

• deliver signed documents with verifiable properties such as

  • the identity of the signer(s) can be uniquely established (Authenticity)
  • the signer(s) cannot deny having signed the document (Non-repudiation)
  • the document cannot be modified undetected (Integrity)
• keep product reliability and availability as close to 100% as possible
• maintain Penneo services up to date with relevant legislation

What we do to achieve these goals:

Being compliant with legal requirements is our top priority

Our ongoing commitment translates into a constant adaptation of our activities in order to always meet the requirements of e-signature laws worldwide. Penneo is built on trust and is shaped to answer the current and future European market demands. Our product complies with all the most demanding technical standards laid down in the electronic Identification, Authentication and trust Services EU Regulation n. 910/2014 (eIDAS). Accordingly, Penneo's digital signatures are as legally binding and valid as traditional signatures placed with ink on paper. Both the signatory and the recipient can thus have more convenience, trust and security.

Protecting our customers and their businesses privacy is a crucial factor in our mission

One of Penneo's most important tasks is to ensure that all the requirements set forth in the GDPR supporting our services are met and help you conforming with your compliance obligations. Data protection is one of the subjects Penneo always tries to be on top of; to this end, our starting point for everything we do is to acknowledge our responsibility as your trustworthy data processor and to be transparent about how data is used and safeguarded. Our IT-system periodically undergoes third-party audits and assessments and it's hosted on locations within the EU by the market-leading cloud infrastructure services Amazon Web Services, a highly secure global Data Center that maintains the highest levels of compliance.

Digital identification and authentication: our solution to validate the identity of your customers

All companies need to verify the identity of their clients, either before or during the time that they start doing business with them, along with the potential risk factors or illegal intentions towards the business relationship. The security of electronic identification schemes is not only prescribed under AML regulations to minimize the risk of fraud, it’s also essential in the client-business relationship lifecycle and becomes even more crucial when cross-border electronic interactions need to take place. To make Know-Your-Customer processes smoother and address all your concerns, Penneo created a solid solution based on the identity validation through eID. Penneo's KYC form lets your customers handle everything using their national digital IDs directly from their computer or smartphone: signers are exclusively identified by means of Digital IDs issued by Certificate Authorities (CAs) or Qualified Trusted Service Providers (TSPs), whose qualified status granted that they meet the security requirements laid down in the eIDAS Regulation.

Compliance as an opportunity for your business

Meeting legal and security requirement leads companies to notable results in terms of customer loyalty, trust and confidence. Turning from a legal burden to a competitive differentiator, being compliant undoubtedly represents a crucial aspect when it comes to choose a company to do business with. On one hand, establishing compliance as a daily goal spreads a profound culture of security within the company; moreover, it shows transparency and helps building a thorough and lasting trust.

Penneo's two-fold approach to ensure high-level security

Aiming to protect its customers and their data, Penneo supports the robust security requirements through the implementation of a dual strategy that includes the operational security and the technical safety of the signature. The first approach concerns security in hosting, data processing and internal procedures and it is assured by third-party audit reports, while the technical safety of the signature concerns the principles and technologies used to produce and protect our digital signature solution, from authentication to encryption.

Third-party audit reports and compliance with the highest international security standards

Penneo lives up to the trust customers put into our services by demonstrating a formal commitment to security and compliance. Our dedication is not limited to achieving certifications and renewing them. It's the core of our security strategy. Penneo's ongoing investment includes audit oversights and monitoring mechanisms to ensure the most advanced protection to our customers and their data. In addition to receiving a yearly security report ISAE 3000, Penneo's IT-governance is based on ISO/IEC 27001 (2013) and our digital signatures are built on PAdES and follow the cryptographic standards defined by NIST to protect PII. Penneo securely manages your data in compliance with the Trust Service Criteria described by SOC 2 and hosts its IT-systems and websites in AWS (Amazon Web Services) on locations within the EU (Frankfurt region, Germany and Dublin region, Ireland).

Trustworthiness, probative value, end-to-end encryption: the benefits of implementing our digital solution

Legalized and recognized as being of equal value compared to their manuscript counterpart, digital signatures provide even further reliability in terms of security and data protection and enable your company to enjoy countless advantages, such as reducing waste of resources and time, automating and streamlining workflows, ensuring authenticity of both signatures and documents. Penneo can help you to better understand how the process works, up to what extent they are enforceable, what your business can obtain from their daily use. All data transfers can be end-to-end encrypted and Penneo protects not only the integrity and confidentiality of your agreements but also the critical business and personal information involved.

How we empower organizations: our role as your entrusted data processor and the advantages of Penneo digital solutions

If your company collects and holds personal data of people that are in the EU, this means that you must meet the GDPR requirements and also be able to demonstrate this compliance. Digital signatures are an essential tool to conveniently capture consent while conforming with the rules established for it. The adoption of our solution will enable your company to legally manage your privacy procedures. From our part, handling and storing personal data is an ineradicable part of supplying our software services. However, as your trusty data processor, Penneo ensures its customers greater power, awareness and control over the collection, processing and storage of personal data.

Penneo can help you to manage and automate the digital signing processes in a fast, easy and compliant way. With a single and effective solution, you can consistently reinforce your data security and privacy management, while equipping your business with an auditable and user-friendly means to comply with industry standards and legislative obligations.