Privacy Policy

Last updated: August 2025

1. Information We Collect

At Miarvo, we collect information you provide directly to us, such as when you create an account, upload documents, or contact us for support.

Personal Information

  • Full name, email address, phone number
  • Company name and job title
  • Billing and payment information
  • Profile picture and signature data
  • Authentication credentials (encrypted)

Document Data

  • Document content, metadata, and version history
  • Signature data and timestamps
  • Audit trails and completion certificates
  • Recipient information and signing status

Technical Information

  • IP addresses, browser type, and device information
  • Usage patterns, feature utilization, and performance metrics
  • Log files, cookies, and session data
  • Geolocation data (with consent)

2. How We Use Your Information

We use the information we collect to provide, maintain, and improve our services in accordance with applicable laws.

Service Provision

  • Process and store your documents securely with AES-256 encryption
  • Facilitate electronic signatures and document workflows
  • Generate audit trails and compliance reports
  • Provide real-time notifications and status updates

Communication

  • Send transactional emails (signing requests, completions, reminders)
  • Provide customer support and technical assistance
  • Send security alerts and account notifications
  • Deliver service updates and maintenance notices

Business Operations

  • Process payments and manage billing
  • Prevent fraud and ensure platform security
  • Comply with legal obligations and regulatory requirements
  • Analyze usage patterns to improve our services

3. Anti-Spam Policy

Miarvo maintains a strict anti-spam policy to ensure compliance with CAN-SPAM Act, GDPR, and other applicable regulations.

Email Communications

  • All emails include clear sender identification and valid reply-to addresses
  • Subject lines accurately reflect email content without deceptive practices
  • Transactional emails are sent only for legitimate business purposes
  • Marketing emails require explicit opt-in consent
  • Unsubscribe links are provided in all marketing communications
  • Unsubscribe requests are processed within 10 business days

List Management

  • We maintain suppression lists for opted-out users
  • Email addresses are validated before sending
  • Bounce and complaint rates are monitored and managed
  • We do not purchase, rent, or share email lists with third parties

Reporting Spam

If you believe you have received spam from Miarvo, please report it to abuse@miarvo.net with the full email headers for investigation.

4. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

Service Providers

  • Cloud hosting providers (AWS, Google Cloud) with data processing agreements
  • Payment processors (Stripe) for billing and subscription management
  • Email service providers (Amazon SES) for transactional communications
  • Analytics providers (with anonymized data only)

Legal Requirements

  • Compliance with valid legal process (subpoenas, court orders)
  • Protection of our rights, property, or safety
  • Prevention of fraud or illegal activities
  • Regulatory compliance and audit requirements

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction, subject to the same privacy protections.

5. Data Security

We implement comprehensive security measures to protect your information against unauthorized access, alteration, disclosure, or destruction.

Technical Safeguards

  • AES-256 encryption for data at rest and TLS 1.3 for data in transit
  • Multi-factor authentication and role-based access controls
  • Regular security audits and penetration testing
  • Automated backup systems with encryption
  • Intrusion detection and monitoring systems

Compliance Certifications

  • SOC 2 Type II compliance
  • GDPR and CCPA compliance frameworks
  • ISO 27001 security management standards
  • eIDAS regulation compliance for electronic signatures

Incident Response

In the event of a security incident, we will notify affected users within 72 hours and provide detailed information about the incident and remediation steps.

6. Data Retention and Deletion

Retention Periods

  • Account information: Retained while account is active plus 30 days after closure
  • Document data: Retained for 7 years for legal compliance purposes
  • Audit logs: Retained for 3 years for security and compliance
  • Marketing data: Retained until consent is withdrawn
  • Support communications: Retained for 2 years

Secure Deletion

When data is deleted, we use secure deletion methods that make recovery impossible. Backups are also purged according to our retention schedule.

7. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure adequate protection through:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions for transfers to approved countries
  • Binding Corporate Rules for intra-group transfers
  • Certification schemes and codes of conduct

8. Your Rights and Choices

Access and Control

  • Access and download your personal data
  • Correct inaccurate or incomplete information
  • Delete your account and associated data
  • Restrict or object to certain processing activities
  • Data portability to another service provider

Communication Preferences

  • Opt out of marketing communications
  • Manage notification preferences
  • Control cookie settings
  • Withdraw consent for optional data processing

Exercising Your Rights

To exercise any of these rights, please contact us at privacy@miarvo.net with your request and proof of identity. We will respond within 30 days.

9. Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete such information promptly.

10. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us:

Email: privacy@miarvo.net

Address: 303 A St STE 301, San Diego, CA 92101

Phone: (619) 252-8126

We will respond to your inquiry within 30 days. If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority.