Hey Labs

Privacy Policy

Effective date: May 3, 2026

In short: SignPaper processes your documents and signatures on your device. No accounts. No personal data leaves your device. We use three privacy-hardened third-party services for crash reporting, anonymous analytics, and paywall rendering — none of them collect IDFA, IDFV, IP address, or any identifier that could link data back to you.

What SignPaper Does

SignPaper is a document signing application for iOS. It lets you import PDFs and images, add signatures, text, dates, and stamps, and export or share signed documents — all on your device.

Data We Collect

SignPaper does not collect, transmit, or store any personal data or document content on our servers.

  • No advertising frameworks
  • No user accounts or registration
  • No tracking across other apps or websites
  • No advertising identifiers (IDFA) collected

Network requests are limited to:

  • Apple StoreKit — for in-app purchases and subscriptions.
  • Apple CloudKit — only if you enable iCloud Sync, to store your documents in your private iCloud container.
  • Sentry — anonymous crash and performance monitoring (see below).
  • Amplitude — anonymous, aggregate usage analytics (see below).
  • Superwall — paywall rendering and subscription state sync (see below).

Crash and Performance Monitoring (Sentry)

SignPaper uses Sentry to identify and fix crashes and improve app stability.

What is sent: stack traces from crashes and app hangs, app version, iOS version, device model class, and an anonymous install identifier.

What is NOT sent: IP address (Sentry is configured with sendDefaultPii=false), network request URLs (enableNetworkBreadcrumbs=false), user identifiers, document content, file names, or signatures.

Purpose: App functionality — to identify and fix crashes and improve stability. Data is processed by Sentry under their published privacy policy.

Anonymous Usage Analytics (Amplitude Unified)

SignPaper uses Amplitude to understand aggregate feature usage and improve the product.

What is sent: session start/end events, app launch and lifecycle events, and an anonymous install identifier (a random UUID stored in the app).

What is NOT sent: IDFA, IDFV, IP address, carrier, city, region, DMA, screen names, element labels, user identifiers, or document content. Tracking options for IDFV, IP address, carrier, city, DMA, and region are all explicitly disabled.

Purpose: Analytics — to understand aggregate feature usage and improve the product.

Note: Amplitude Session Replay is disabled (sample rate set to 0); no screen recordings are captured.

Paywall Rendering (Superwall)

SignPaper uses Superwall to render subscription paywalls and sync subscription state.

What is sent: paywall view, dismiss, and purchase events; an anonymous install identifier; and subscription status (active / inactive / entitlements).

What is NOT sent: user identifiers, document content, or payment details. Payments are handled entirely by Apple StoreKit and never pass through Superwall.

Purpose: App functionality — to render the right subscription paywall and keep subscription state in sync — and analytics on paywall performance.

Note: Superwall paywalls are server-rendered HTML/CSS displayed in WebKit; payment processing happens entirely through Apple StoreKit, never through Superwall.

Document Processing

All document signing and processing happens entirely on your device. Documents never leave your device unless you explicitly share them using the system share sheet.

iCloud Sync

If you enable iCloud Sync, your documents and signatures are stored in your private iCloud container managed by Apple. This data is only accessible to you through your Apple ID. We do not have access to your iCloud data.

Signatures

Your signature data — drawn, typed, or extracted from photos — is stored locally on your device and, if iCloud Sync is enabled, in your private iCloud container. We never transmit your signature data to any third party.

Camera and Photos

When you use the camera to scan documents or access photos to import documents or extract signatures, the captured data stays on your device. We do not upload or share this data.

Purchases and Subscriptions

SignPaper offers in-app purchases and auto-renewable subscriptions processed entirely by Apple through the App Store. We do not collect, see, or store any payment information.

Children's Privacy

SignPaper does not knowingly collect information from children under 13. The app does not collect any personal information from anyone.

Changes to This Policy

We may update this policy from time to time. Any changes will be reflected on this page with an updated effective date.

Contact

If you have questions about this privacy policy, contact us at contact@heylabs.co.