Safeguard your business with compliant eSigning
Lumin’s products are enforced with a rigorous and up-to-date security system. We work hard to deliver specialized security solutions alongside industry-standard compliance.
Compliance certificationsand standards
Our certifications reflect our commitment to a global standard of security. We have industry-accepted certifications and meet current industry compliance standards and regulations.
SOC 2 Type 1 Attestation
Lumin works with independent auditors to maintain a SOC 2 report. This report certifies our controls to ensure the ongoing security of customers’ data.
Learn moreCalifornia Consumer Privacy Act
Our certifications, business practices and compliance standards mean Lumin is fully compatible with CCPA regulations.
Learn moreGPDR compliance
Lumin is compliant with European data protection and privacy law. We have a comprehensive privacy policy available here.
PCI-DSS compliance
Lumin complies with the Payment Card Industry Data Security Standard, meaning your credit, debit, and cash card transactions and associated information are protected.
AWS security standards
Data in Lumin is stored with Amazon Web Services, which utilizes state-of-the-art security at a large scale. We are confident in AWS’s high standards.
eDIAS Certification
eIDAS certification standards ensure that electronic signatures meet the highest levels of security and legal compliance across the EU.
BYO signing certificates
BYO signing certificates offers businesses flexibility and enhanced security by allowing you to manage and utilize your own digital certificates for eSignatures.
Data security features
All Lumin’s products are built with modern and robust security features.
Secure cloud hosting
Lumin uses Amazon Web Services for hosting. We routinely undergo penetration tests and AWS meets major international security compliances.
SSO with Google Workspace
Require Google Workspace SSO for your Lumin workspace, so employees must sign in with Google. Control and verify Lumin users from your Workspace.
Encryption for data in transit
We use Transport Layer Security 1.2 or higher to encrypt data in transit. This helps to ensure your data is secure no matter where in the world you are.
Encryption for data at rest
Lumin encrypts your data at rest using AES 256, currently considered one of the most robust encryption standards.
Secure SDLC
We take pride in our Software Development Life Cycle. Every line of code is peer-reviewed and tested before it’s released into Lumin’s products.
Vulnerability management
We actively monitor and remediate vulnerabilities reported. We conduct regular penetration tests and run a bug bounty program to encourage reporting.
Internal security
We have strong access controls on our production systems. Access is restricted to a small number of senior employees and requires MFA.
Audit trails
Signature requests generate an audit trail for the document, ensuring you know who signed what and when. We also verify document actions with comprehensive tracking and time stamping, ensuring secure, defensible proof of document activities.
Our commitment to security
Customer payment details
Lumin Sign uses a secure third-party for payment processing.
System monitoring
We provide frequent monitoring of our customer environment and underlying infrastructure to ensure our tools work as expected.
Reliability & data backups
We use auto-scaling, load balancing, rolling deployments and more to keep Lumin reliable. We perform daily encrypted backups of all databases.
Bug bounty program
Find security issues in Lumin and get a reward.