How documents are secured and signed
From upload to signed copy, every step is audited, encrypted, and verified. Here’s the process in detail.
Process at a glance
Who does what
Audit trail at every stage: Each action—creation, invites, link use, intent, fill, and sign—is recorded in an immutable audit log. When a recipient completes their signature, a certificate of signing is generated for that signer.
-
Document creation
Owner uploads the PDF
The document owner creates the agreement by uploading the PDF. As soon as the file is created in Agreee.at, an audit record is written so there is a permanent record that the document was created on the platform.
Audit trail: Document created in Agreee.at; creation event and metadata recorded.PDF → Audit log entry -
Invitations
Recipients are invited by email
The creator adds one or more recipients using their email addresses as the primary identifier. Notifications are sent to each recipient so they know an agreement is waiting for them.
Audit trail: Recipients added; invitation sent events and email identifiers recorded.Emails → Notifications sent -
Short-lived links
Customizable signing links
Each recipient gets a short-lived link. The owner controls how it works: the link can be one-time use only, valid for a set number of hours, or both. Expiry and usage rules are fully customizable.
Audit trail: Link generated per recipient; access and expiry rules recorded; each link use is logged.One-time use Valid X hours Custom expiry Per-recipient link -
Intent to sign
Recipient confirms readiness to sign
When a recipient opens the link, they must first declare their intent to start the digital signing process. This creates a clear record that they chose to proceed before any fields are filled or signatures applied.
Audit trail: Link opened; intent-to-sign declaration and timestamp recorded.Opens link → Declares intent -
Fill & sign
Only allowed fields; signature then confirm
The recipient can fill in only the areas the owner has allowed. They add their signature by uploading an image or drawing it. Once they confirm, that action is recorded. A certificate of signing is generated for that recipient as soon as they complete their signature.
Audit trail: Fields filled, signature added, and confirmation recorded; signer identity and timestamp captured.Certificate of signing generated when recipient signsAllowed fields only Sign (draw or upload) Confirm -
Encryption & verification
Document is hashed, saved, and verified
After each recipient completes their part, the document is hashed and encrypted and the new version is saved. The system checks that the old and new versions differ only in the intended, allowed changes—no unexpected or tampered content. This verification runs at every recipient step so the full chain remains trustworthy.
Audit trail: Document version saved; hash and integrity check result recorded; full chain of versions and certificates remains in the audit log.Version A Version B Diff check ✓Only allowed changes; no tampering. Repeated for each recipient.
Security at each step
Encryption
Documents and audit data are encrypted at rest and in transit so only authorized parties can access them.
Audit trail
Creation, invitations, link usage, intent, and each signature are recorded in an immutable audit log.
Integrity checks
Before and after each signer, the document is verified so only allowed changes are present—nothing added or altered outside the flow.
Certificate of signing
Whenever a recipient completes their signature, a certificate of signing is generated for that signer, attesting to what was signed and when.
Audit at every stage
Creation, invites, link use, intent, fill, sign, and each version save are recorded in the audit trail—no step is left unlogged.
Ready to try it?
Get early access →