Q: Questions and observations
Hi, we need a solution for collecting e-signatures, but are not too familiar with e-signing and have a few questions we hope you can answer:
1. Do you have any examples of how the confirmation email looks after signing and what an actual document looks like when downloaded after?
2. Do you have templates in place and are we also free to set up any document as needed, any limitations we should be aware of?
3. What options do we have for branding and how invasive is the Certyfirma / icommunity branding throughout the process?
4. As there is no About us segment on the Certifirma website, why do you not have a link to icommunity.io for full transparency?
5. Can you tell us more about the ICOM token and which blockchain you are using as well as the security and safety of confidential signatures?
6. How does your affiliate program work?
iCommunity_Support
Feb 6, 2025A: Hi InvestHealth,
Thank you for your questions! We’re happy to clarify how Certyfirma works and how it may fit your needs.
1. Confirmation email & signed document:
- Once a document is signed, all parties receive a confirmation email with a download link to the signed document and the electronic signature certificate. The signed document includes an audit trail that shows timestamps, signer details, and verification logs.
- If you’d like a sample, let us know at info@certyfirma.com and we can provide one!
2. Document templates & limitations:
- Certyfirma does not provide built-in templates (you can use yours or you have a lot of them at internet). Certyfirma is focused in the e-signing process, not at the document composition, so for this you should upload the final PDF document.
- The only limitation is that documents must be in PDF format, as this ensures integrity and security throughout the signing process because Certyfirma neither stores nor accesses the content of the original document.
3. Branding options:
- With the AppSumo deal, Certyfirma branding will be present throughout the signing process. However, we do offer custom branding and white-label solutions (via API or standalone white-label instances) for businesses that need a fully branded experience. Let us know if you're interested in this!
4. Company transparency & website info:
- Certyfirma is a product of iCommunity Labs, a well-established blockchain technology company. We appreciate your feedback on the website and will consider adding more details to improve transparency. Meanwhile, you can learn more about iCommunity at https://icommunity.io.
5. Blockchain security & ICOM token:
- Certyfirma uses the iCommunity Blockchain-as-a-Service platform (iBS) for document integrity and audit trails. iBS uses several strong & robust public blockchain networks, designed for enterprise use.
- The ICOM token is used within the iBS platform to generate the blockchain evidences, but it is not required for using Certyfirma (is totally transparent for the users).
- Security is our top priority—all documents are encrypted, and identity verification ensures legally binding signatures.
6. Affiliate program:
- We offer an affiliate/referral program where partners can earn 20% commission on every sale generated through their referral. If you’re interested in becoming an affiliate partner, please reach out at hello@icommunity.io, and we’ll be happy to share more details!
Let us know if you have any other questions. We’re happy to assist! 😊
InvestHealthPLUS7. Are the signatures legally binding in Brazil as well?
Yes, Certyfirma's electronic signatures are legally binding in Brazil.
Brazil recognizes electronic and digital signatures under "MP No. 2,200-2/2001", which established "ICP-Brasil (Infraestrutura de Chaves Públicas Brasileira)" as the national framework for digital signatures.
Nevertheles, for agreements that require ICP-Brasil-compliant digital signatures, such as some government-related or highly regulated contracts, a certified digital certificate (e-CPF or e-CNPJ) may be necessary. However, for most business, commercial, and private agreements, Certyfirma’s signatures are fully enforceable and provide a secure, blockchain-backed audit trail.
InvestHealthPLUS8. For those providing signatures a KYC is required. After that, for how long are their personal information kept and is that specified anywhere during the onboarding process for full transparency, as well as how they can have it deleted? Also, how are these personal records kept safe, and after their deletion, can the obtained digital signature still be used, or would they have to KYC again?
Great question! Here’s how Certyfirma handles KYC (Know Your Customer) verification, data retention, and privacy:
1) Personal data collected during KYC verification is stored only for the necessary period to comply with legal and regulatory requirements. The exact retention period depends on jurisdictional regulations, but users can request data deletion at any time.
2) The data retention policy and user rights are detailed in our Privacy Policy and Terms of Service. Users can request the deletion of their personal information by contacting info@certyfirma.com. Once a deletion request is processed, all personal records are securely removed from our systems in accordance with applicable data protection law (EU eiDAS).
3) How is personal data kept safe? Certyfirma follows industry-standard encryption and secure storage practices to protect user data. All data is encrypted at user front-end so the original document is neither accessed not stored at our servers. We also comply with GDPR and other international data protection regulations.
4) Does deleting personal data affect their ability to sign? No, once KYC is completed the personal data is deleted but the obtained (and encrypted) user's digital signature will be available for future signatures, as long as the user does not cancel or delete his/her Certyfirma user account.
InvestHealthPLUSThank you very much for your detailed replies, we will make sure to become customers before you leave AppSumo. But one little detail would be good to know more about, and that is; what blockchain are you using to store the contract data?
As quantum computing arrives, how can we be sure encrypted information will not get exposed. I saw Solana mentioned on your website, if so, that should be safe.
Certyfirma uses iCommunity's iBS, a multichain platform that primarily leverages Ethereum L2 networks such as Polygon, Base, and Gnosis, among others. It features an algorithm that optimizes resource allocation, selecting the most suitable network at any given time based on cost and processing speed. This ensures the necessary security, scalability, and resilience for our platform.
While current encryption methods are still considered secure, Certyfirma is constantly monitoring post-quantum cryptography developments. The cryptographic hash functions (SHA-256) we use are quantum-resistant, so quantum computers would not easily break them. If future quantum advancements pose a real risk, iBS is adaptable and can integrate post-quantum cryptographic algorithms when necessary.
InvestHealthPLUSGreat to hear, and thank you for your thorough and transparent answers. We look forward to becoming a client soon.