One of the most frequently asked questions by our users is whether electronic signatures are legally binding in the countries that they operate in. It’s a fair question. After all, you don’t want to find yourself on the wrong side of GDPR or eIDAS.
Unfortunately, it’s not a question with a set answer. GDPR and eIDAS regulations can vary from country to country. There’s also the fact that GDPR and eIDAS both apply to businesses outside of signatory countries, but who do business in signatory countries.
If all of this sounds confusing, don’t worry. We’ll take a deeper look at it in this article. But before that, let’s take a look at the legislation governing electronic signatures.
A Quick Legal Note
Oneflow develops, sells and implements digital contract management and automation systems. We, being the provider of a SaaS contract automation platform, as well as many electronic signature providers in the industry, are not in any credible position to advise anyone or any business in legal matters.
Is an electronic signature legally binding in my country?
Firstly it’s important to understand that even though eIDAS regulation sets up a framework to help businesses perform safer transactions in member states and cross-border within the EU, the local legislations in each country may vary. Local legislations take precedence over the eIDAS regulation.
This is not in any way unique to electronic signatures. Anyone used to signing agreements in wet ink can verify that formal requirements such as notaries, company stamps, blue ink, red ink, witnesses, Power of Attorneys, company registration certificates, or registration with certain authorities are standard practice in some jurisdictions and these formal requirements are mandatory in order to have a valid signature. These requirements do not disappear just because you move over to electronic signatures, as they rely on local legislation.
This means that unless you’re consulting a lawyer specializing in this field of law in the country you’re operating in, anything you read on the Internet will have a “this is not a legal advice” disclaimer to avoid disputes.
Where does it apply?
GDPR and eIDAS apply to all companies based in the EU, Norway, Iceland, Liechtenstein, the UK and Turkey. But they also apply to companies doing business in these countries. For example; a company based in Texas, but doing business in Norway, would still have to protect their customers’ data in-line with GDPR and eIDAS. This is also the case when it comes to electronic signatures.
Keeping with the Texas/Norway example, an electronic signature has to be made and verified in line with European standards. So that company in Texas will have to apply eIDAS standards to that electronic signature made in Norway. Doing this means that an electronic signature is legally binding.
In countries that aren’t bound by GDPR and eIDAS, but use these laws as bases for their own legislation, the picture isn’t quite so black and white. Like the EU, some countries apply their laws to their citizens’ data, even when it’s being handled overseas. Some don’t. Make sure to check local laws before making any big decisions about how to handle your election signatures. After all, you want them to be legally binding.
Is an electronic signature legally binding if it uses another signing method?
Some countries allow you to make an electronic signature legally binding without having to type your name anywhere, or scribble on any screens.
Take Sweden as an example. Sweden has an app called BankID that you can use to verify yourself, and sign legally-binding contracts. BankID is completely valid, and electronic signatures made using it are fully legal.
Equally, the UK allows electronic signatures to be made using verification codes sent to your phone via SMS. You just type the code in where needed once you’ve received it.
So if you’re wondering, “is an electronic signature legally binding even if I don’t type my name?”, the answer is yes. But it comes with our usual caveat: always check what the laws are where you are before choosing any contract software or making your electronic signature.
The Key Takeaways
First and foremost, it’s important to note again that we’re not lawyers at Oneflow. We provide great contract software, but we can’t help you get out of that parking ticket.
Electronic signatures are valid right across the EU, Norway, Iceland, Liechtenstein, the UK and Turkey, and they’re governed by GDPR and eIDAS. These laws mean that companies outside of these countries, but who do business within them, must also abide by these pieces of legislation.
GDPR and eIDAS have become the standards for lots of other countries when drafting their own data protection laws. But finer details, like who has to abide by them and who doesn’t, vary from country to country.
This is why it’s so important to seek legal advice before making any decisions to do with contract software. Doing this means that you can rest assured that your electronic signature will be legally binding in your country.