Nitro is dedicated to security and compliance

Information security is at the heart of all we do. We base success on how well we earn and maintain our customers’ trust. We take that obligation seriously and protect the data of more than half a million customers worldwide.

Security for Your Products and Data

At Nitro, we strive to create the most secure products possible. Nitro products, services, and infrastructure are designed with rigorous security controls and secure infrastructure with multiple layers of defense. We protect your data with cutting-edge data security measures. We leverage Amazon Web Services (AWS) for best-in-class security practices and protection. Nitro’s primary datacenter is located in Frankfurt, Germany.

Nitro’s information security program instills awareness and training to promote vigilance in the changing threat landscape. All employees are subject to stringent background checks.

Our Commitment to Compliance

At Nitro, we believe that it is important to validate and test our compliance to provide assurance of our trustworthiness. Industry standards, regulations and laws change, but you can rely on us to maintain compliance with the latest standards. On an annual basis, independent third-party auditors test our controls. Nitro currently maintains the AICPA SOC2® Type 2 Report on Controls Relevant to Security, Availability, Confidentiality and Privacy, and a HIPPA Security Compliance Assessment of internal controls. Controls were examined by the independent services auditor, 360 Advanced. We are happy to provide reports upon request.

Sign online with peace of mind

Nitro Sign ensures your data, documents, and electronic signatures stay protected and we verify our controls through annual compliance testing and certifications. Nitro maintains AICPA SOC2® Type 2 Report on Controls Relevant to Security, Availability, Confidentiality and Privacy, and a HIPPA Security Compliance Assessment of internal controls. Controls were examined by an independent third-party auditor, 360 Advanced. We are happy to provide reports upon request.

Protect documents with enhanced accessibility and security

Nitro Sign provides feature rich abilities to ensure that all activity on documents is tracked and available to users through downloadable audit trails. If your organization needs enhanced security options, the Enterprise Plan includes additional security features, including single sign-on (SSO) and two-factor authentication (2FA) for added document security.

Privacy is essential

At Nitro, we are committed to protecting our clients’ data and privacy. Our privacy policy outlines how we handle and protect your information. Nitro does not sell any personal information and has no future plans to do so. On an annual basis, our independent third-party auditors test and evaluate our privacy related controls.

GDPR

Nitro’s Terms of Use, and Privacy Policy are reflective of our GDPR commitment. As GDPR legislation and rulings continue to evolve and change, so will Nitro.

Even though the legal value of Privacy Shield participation has been invalidated from a GDPR perspective, the U.S. obligations to adhere to Privacy Shield agreements still apply. Nitro continues to adhere to Privacy Shield obligations during this period of change in the wake of the Schrems II decision.

In June of 2021 EU Commission published new Standard Contractual Clauses (SCC) for the transfer of personal data internationally. The SCCs are model contracts that can constitute a suitable guarantee under Art. 46 of the General Data Protection Regulation (GDPR) for the transfer of personal data to third countries. Nitro is in the process of reviewing the outlined valid transfer mechanisms for data exports to countries outside Europe and will adopt necessary changes to remain in conformance.