Every design decision in Ratifio starts with the question: 'Can we prove this to a regulator?'
SHA-256 hash computed at upload, before any signer sees the document. Hash recorded immutably in the audit trail. Any byte-level modification after upload is cryptographically detectable and provable.
Every event individually logged: upload, email delivery, link access, document view, consent (verbatim text), signature, download. Each entry includes IP address (v4/v6), full user agent string, and ISO 8601 timestamp with timezone. Immutable and exportable.
TLS 1.3 in transit. AES-256 at rest via AWS KMS with automatic key rotation. Database connections encrypted. No unencrypted data paths exist in the architecture.
All infrastructure runs in AWS eu-west-2 (London). Documents, audit logs, metadata, and backups remain in UK jurisdiction. Enterprise plans support EU or multi-region data residency with isolation guarantees.
The signing experience contains no analytics, no tracking pixels, no third-party JavaScript, no advertising cookies. Your counterparty's browsing context is never shared with anyone. This is a design principle, not a configuration option.
Documents and audit trails stored for 7 years by default. Immutable storage prevents deletion or modification during the retention period. Configurable up to indefinite retention on Enterprise plans. Compliant with FCA, SRA, CQC, and HMRC record-keeping requirements.
Our team is happy to walk through our security architecture with you.