Skip to main content

Help us improve the Digital Marketplace - send your feedback

E-Sign UK ltd

E-Sign

E-Sign is a leading provider of eIDAS compliant, secure electronic signatures and digital document management solutions. The electronic signature platform enables users to create, e-signature, send documents, negotiate contracts, accept payments, and create automated workflows. E-Sign offers a range of e-signature services, supporting unified digitalisation and simplified document transaction management.

Features

  • eIDAS Electronic Signatures
  • Workflow Implementation and Onboarding
  • Easy-to-use E-Signature Platform
  • Integration into Existing Applications
  • Advanced Audit Trial
  • Digital Signature Certificate
  • Secure Document Storage
  • Real time ID Verification with the E-Sign ID Checker
  • Electronic Consent
  • Digital Signature Certificate

Benefits

  • Significant reduction in document processing time
  • Improved compliance
  • Increased data and document security
  • Environmentally friendly
  • Electronically sign documents from anywhere, on any device
  • Works with the applications you already use
  • Lower transaction costs
  • Trusted electronic signature service provider
  • Cut down on stationary, storage and postage costs
  • Carbon Counter to track carbon reduction

Pricing

£96 a licence a year

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at thomas.taylor@esign.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

8 2 4 2 6 1 7 1 1 0 4 7 7 0 8

Contact

E-Sign UK ltd Tom Taylor
Telephone: (+44) 0330 057 3001
Email: thomas.taylor@esign.co.uk

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
Salesforce, Sharepoint, Power automate, Zapier
Cloud deployment model
Private cloud
Service constraints
No
System requirements
Users will need to have an E-Sign subscription/licence

User support

Email or online ticketing support
Email or online ticketing
Support response times
https://www.esign.co.uk/service-level-agreement/
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 AAA
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), 7 days a week
Web chat support accessibility standard
None or don’t know
How the web chat support is accessible
The web chat can be accessed from the E-Sign platform or website on all browsers and devices.
Web chat accessibility testing
None
Onsite support
Yes, at extra cost
Support levels
E-Sign has a live chat function to assist with any support queries, as well as via telephone or email. We offer remote sessions if the issue cannot be resolved by phone and have an SLA, which can be adapted to client requirements.

E-Sign will provide 24/7 critical server support and systems monitoring to clients. All normal queries or development support issues will be responded to within 2 hours during the times of 08:00-18:00 Monday to Saturday.

Our servers within our datacentre have maintained 99.99 % availability. Our servers have multiple power and cooling distribution paths, and include redundant components (N+1). The servers are continually monitored 24 hours per day. If there were to be an issue at the primary data centre, the disaster recovery server would replicate the platform and initialise within 40 minutes.

Maintenance and updates take place between 00:00 and 02:00 on Saturday and Sunday mornings. Scheduled downtime may be necessary for E-Sign to carry out essential maintenance or network upgrades. They will be kept to a minimum and scheduled to minimise disruption. E-Sign will aim to provide 7 days notice and in the event that such notice is impossible will provide the maximum period of notice practicable.
Support available to third parties
No

Onboarding and offboarding

Getting started
The Account Manager works with the Client to complete a Business Value Map. This is a breakdown of the strategic goals and desired outputs for the application of E-Sign. The Account Manager then provides an implementation report detailing the different phases and required resources from the client to complete the implementation effectively.

Within this report, E-Sign provides the key milestones and the risk mitigating criteria to achieve the implementation schedule. The Account Manager will have a scheduled meeting/s with the client’s key stakeholders to build up a series of use cases. This helps the project manager to implement E-Sign effectively and provide user specific support documentation where required. Post implementation of E-Sign, there is a period of user acceptance testing and support for the key stakeholders and users of the software.

Information on our Implementation and UAT can be found in our Service Level Agreement on our website. E-Sign's intuitive web based application offers the user to simply set up an account and start using the platform with little work needed. The Account Manager within E-Sign will support the client during the process to ensure all users and departments are set up correctly and have access to all functionality.
Service documentation
Yes
Documentation formats
  • HTML
  • ODF
  • PDF
End-of-contract data extraction
Users can download all of their of documents from the E-Sign dashboard.
End-of-contract process
​​The payment terms are identified between E-Sign and the Client as part of the Business Value Map process. i.e. 30 days. The payment terms are then factored into the end of contract process. As the end of contract approaches, the licence renewal has to be agreed, followed by the order form signed and invoice issued prior to the renewal date and in line with the clients payment terms. For example, the licence renewal date is the 15th of April and the client operates to 30-day payment terms. The client is required to have agreed the licence, signed the order form and took receipt of the renewal invoice by no later than the 15th of March.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Mainly use of touch gestures for scrolling / interacting with features on mobile vs mouse / keyboard on desktop.
Service interface
Yes
User support accessibility
WCAG 2.1 AAA
Description of service interface
We pride ourselves on our user-friendly platform which has been designed to make document management easy. The user dashboard has an account settings section, personal folders to store documents, themes to personalise your dashboard, an address book and a direct link to the User Guides. The interface is interactive, with documents showing as pending or completed and a live carbon counter to track the amount of carbon that is saved. Signers are colour coded to distinguish between multiple signers on a document and the ‘recent activity’ provides a quick way to see documents currently being created and processed for signing.
Accessibility standards
WCAG 2.1 AAA
Accessibility testing
User acceptance testing.
API
Yes
What users can and can't do using the API
https://www.esign.co.uk/products/api-developer-portal/
API documentation
Yes
API documentation formats
Open API (also known as Swagger)
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
E-Sign solutions offer a tailored approach to meet your specific needs, providing a variety of additional e-signature features and services, including eConsent, eWitnessing, ID Checker, Web Forms and Payment Processing. Customise your eSignature by drawing, typing, or uploading an image of your signature, adding a secure and recognisable mark to your digital transactions. Choose from a selection of personalisation colours to change the theme of your dashboard. Ensure consistent and strong branding across all communications by sending eSigned documents through with the personalised email feature. Save time with customisable document templates for efficiently sending the same document to multiple recipients. Create personalised embedded Web Forms to gather precise customer information relevant to your business. Additionally, utilise the API connector to seamlessly integrate E-Sign with your existing applications, enabling the creation of automated workflows and streamlining processes. All users of E-Sign can use customise their dashboard and signature, however advanced customisation features are only available on specific plans.

Scaling

Independence of resources
E-Sign servers within our datacentre have maintained multiple power and cooling distribution paths, and include redundant components (N+1). Data 99.99 % Availability. Our servers have centre facilities includes N+1 on all components and multiple LV path options. The servers are continually monitored 24 hours per day. If there was an issue at the primary data centre, the disaster recovery server would replicate the platform and initialise within 40 minutes. If circumstances force E-Sign from its current premises, access to the data centre business continuity centre will allow E-Sign to re-create both our office and IT environment very quickly.

Analytics

Service usage metrics
Yes
Metrics types
Envelope usage, monthly filters
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2019
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
In-house destruction process

Data importing and exporting

Data export approach
Users can download their documents
Data export formats
  • CSV
  • Other
Other data export formats
PDF
Data import formats
  • CSV
  • Other
Other data import formats
PDF

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
https://www.esign.co.uk/service-level-agreement/
Approach to resilience
Available on request
Outage reporting
Email alerts and API. Public dasboard (status page) coming soon.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
E-Sign ensures privileged users carry out their administrative duties in a ‘clean’ (more trusted) environment.
E-Sign ensure privileged users handle their email and web browsing in a separate ‘dirty’ (less trusted) environment.
The ‘dirty’ environment is designed in a way that anticipates compromise, consequently, the breach doesn't have a big impact on our important systems.
E-Sign uses strong authentication mechanisms, including 2-factor authentication.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
British Assessment Bureau
ISO/IEC 27001 accreditation date
24/03/2023
What the ISO/IEC 27001 doesn’t cover
None UK offices
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
Yes
Who accredited the PCI DSS certification
Viking cloud
PCI DSS accreditation date
27/02/2024
What the PCI DSS doesn’t cover
N/A
Cyber essentials
Yes
Cyber essentials plus
Yes
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards
Cyber Essentials Plus
PSN
Information security policies and processes
E-Sign conforms to ISO 27001 and ETSI standards, which are required to provide trust services. E-Sign uses a traditional vertical reporting structure. E-Sign employees are required to read the latest versions of company policies and procedures, via specialist training software, confirming once they have done so. Internal assessments are also carried out to measure employee training.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
The Senior Management Team of E-Sign identify any potential changes, this is then delegated to a responsible person as a “project manager”.

He or she will conduct a “research background” to determine the feasibility of the changes with regards to:-

• Purpose of the change
• Any potential consequences
• Integration of the quality management system
• The availability of resources
• The allocation or reallocation of responsibilities and authorities
• Technical Skills
• Timescales
• Risks
• Impact

Once completed this then forms part of the Management Review together with including within the internal audit schedule.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
E-Sign uses variety of tools and solutions to prevent and address cyberthreats. These include:
Asset discovery and inventory - tracking and maintaining records of all devices, software and servers.
Vulnerability scanners - testing against systems and networks.
Patch management - Keeping E-Sign computer systems up to date with the latest security patches.
Configuration Management - Ensures that devices are configured in a secure manner.
Security incident and event management(SIEM) - consolidates security information
Penetration testing -find and exploit vulnerabilities in computer systems.
Threat intelligence - track, monitor, analyse potential threats.
Remediation vulnerabilities - Generating remediation tickets.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
E-Sign keeps accurate and comprehensive audit logs in order to detect and react to inappropriate access to, or use of, information systems or data. If a potential compromise is detected, then these steps are followed:
Identification of the issue, Initial investigation, Immediate actions, Analysis and Remediation. E-Sign aims to respond to a cyber threat in under one hour.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Identify an incident and log it using the incident report form. E-Sign will categorise and prioritise the incident, respond with an initial diagnosis, and escalate the issue to the relevant team, ensuring communication is clear and concise. Next, investigation and diagnosis take place before resolution and recovery. Finally, once preventative actions are shown to be effective, the issue can be closed.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
Yes
Connected networks
Public Services Network (PSN)

Social Value

Social Value

Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

Fighting climate change

E-Sign have a responsibility to contribute solutions to climate change. We’re lucky to have some brilliantly diverse people leading our climate work across the business who are committed to the world’s forests by contributing towards saving paper. E-Sign staff have also been involved in initiatives such as tree planting, to combat climate change. Our solutions enable businesses to reach their net zero goals through abolishing the need for paper-based processes. Our platform also features a carbon counter, so users can see exactly how much carbon they’re saving from being emitted through using digital documents.

Covid-19 recovery

Throughout the Coronavirus pandemic, E-Sign has been helping businesses mobilise, stabilise and return to work. During the post-COVID-19 recovery period, we’re helping these same businesses find opportunities while becoming stronger – including building resilience to navigate future shocks, by implementing robust digital solutions.

Tackling economic inequality

Social purpose is woven into E-Sign’s fabric. E-Sign is committed to tackling economic inequality at the root by creating new businesses and new employment opportunities, to improving education and training. Our overriding vision is to help lower the unequal distribution of income and opportunity between different groups in society.

Equal opportunity

E-Sign is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, colour, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. E-Sign’s has an EEO Policy in place, which is the standard which everybody within the organisation adheres too.

Wellbeing

E-Sign is committed to providing a healthy working environment and improving the quality of working lives for all staff. The wellbeing strategy aims to support the E-Sign’s mission and core values of freedom of thought and expression, freedom from discrimination and the recognition that E-Sign’s staff are its greatest asset.

Pricing

Price
£96 a licence a year
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
E-Sign offers a 14 day free trial for users to test our platform and its features. During the trial, users can send up to 5 envelopes and have access to 5 pre-built templates that can be customised and sent. No card details are required to set up a free trial.
Link to free trial
https://www.esign.co.uk/register/

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at thomas.taylor@esign.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.