Data Deletion Instructions

Effective Date: 10th February 2026 · Last Updated: 10th February 2026

Crystal Sign (“Crystal Sign”, “we”, “us”, “our”) respects your privacy and provides a process for individuals to request deletion of their personal data, subject to applicable legal and compliance requirements.

This page explains how you may request deletion of your data from the Crystal Sign platform.

A. Who Can Request Deletion

You may request deletion if you are:

  • a registered Crystal Sign user, or
  • an external signer who received a signing request through Crystal Sign.

B. How to Request Data Deletion

To request deletion of your personal data, please send an email to:

Email: privacy@crystalsign.com

Subject Line: Data Deletion Request

Include the following information:

  • Full name
  • Phone number used for signing or OTP
  • Email address used in Crystal Sign
  • Tenant/organisation name (if known)
  • Reference ID or envelope ID (if available)
  • The request type: Delete my account, Delete my signer record, or Delete my data

C. Identity Verification

For your protection, Crystal Sign may require verification before processing deletion requests. Verification may include:

  • OTP confirmation sent to your registered phone number/email
  • confirmation of recent envelope reference or signing activity

D. What Data May Be Deleted

Where permitted, Crystal Sign may delete or anonymise:

  • your user profile information (name, email, phone)
  • signature assets stored in your profile (signature images/initials)
  • communication preferences
  • access sessions and authentication history (subject to retention limits)

E. What Data May Not Be Deleted

Crystal Sign may be required to retain certain records for compliance, audit integrity, or legal enforceability. These may include:

  • signed documents and sealed PDF records
  • audit trails and evidence packs
  • system logs required for fraud prevention and dispute resolution
  • legally required retention records configured by tenant organisations

Where deletion is not possible, Crystal Sign will apply anonymisation where feasible.

F. Processing Time

Crystal Sign aims to process deletion requests within 30 days, subject to verification and legal obligations.

G. Tenant-Managed Data

If your data is associated with a tenant organisation (e.g., a bank, company, or government agency), Crystal Sign may refer your request to the relevant tenant administrator where the tenant is the primary controller of the data.

H. Contact

For deletion-related inquiries:

Privacy: privacy@crystalsign.com

Support: support@crystalsign.com