We keep our services up to date with legal requirements, security standards, and compliance needs. Get an overview of privacy, security, and compliance at Penneo – and how you can use our compliance to ensure yours.
Our AML solution is compliant with EU legal requirements, and you can use Penneo to meet your obligations related to KYC, risk assessment, CDD, data collection and monitoring, and record-keeping.
We process and store personal data within the EU and maintain encrypted backups in EU data centers. Aside from ensuring full GDPR compliance internally, we also provide features specifically designed to assist you in meeting GDPR requirements, such as automatic data deletion after a set timespan, access control based on NIN, end-to-end encryption, and more.
Penneo’s digital signatures are legally valid and binding as they meet the requirements laid down in the EU eIDAS Regulation and the US e-Sign and UETA Act.
The three core security services provided by our digital signatures are:
From our IT environment to our products, everything we do follows the highest safety standards and industry best practices.
Penneo receives a yearly ISAE 3000 Report attesting to our compliance, and we are ISO 27001 and 27701 certified.
That’s how we ensure continuity and good performance of our services, meeting our customers’ expectations day by day.
We are transparent about our internal policies and practices
We give you full control over your data
We protect your information and documents
We are committed to continuously improving our services with compliance in mind
At Penneo, we strive to offer our customers and users the safest digital experience. To this end, we frame our policies, procedures, and controls in line with global security standards and international best practices.
As proof of our pledge to maintain the highest level of operational excellence, Penneo has undergone thorough independent audit assessments and has been certified under ISO 27001:2022 and ISO 27701:2019 standards for its information security and privacy management system.
Additionally, Penneo completes an ISAE 3000 audit on an annual basis.
No passcode can compete with the level of security provided by government-issued eIDs for digital identification.
As we support several national eID means, we can help you scale up your business across borders while maintaining the same security you have at home.
Users can confirm their identity and sign digitally with Penneo with the following national eIDs and we are constantly working on supporting new ones.
Penneo has been granted the status of Qualified Trust Service Provider (QTSP). Thus, in addition to advanced e-signatures, we have been authorized to provide qualified electronic signatures – the safest type of signature under EU eIDAS Regulation, considered equivalent to handwritten ones.
The type of signature you can create (qualified or advanced) will differ based on the Level of Assurance of your electronic ID. Nonetheless, our strict compliance requirements as a QTSP consistently ensure an extra layer of security to your document transactions.
As our customers belong to highly regulated sectors and operate in different countries, we provide customization capabilities to help you meet your specific industry requirements and national laws.
With Penneo, you can create tailored signing flows that follow the rules your business is subject to and ensure full compliance.