Yes, of course, but I will just be asking the same question - why not respond here?

We were curious about this too. I would guess most people are curious after seeing the question and reply. Hope you will elaborate here so we can all see it, transparency is always welcome.

We are indeed ISO/IEC 27001:2022 certified, the world's best-known standard for information security management systems (ISMS) and we appreciate your due diligence. Our certification was issued by a certification body accredited in accordance with international standards, but not necessarily under UKAS.

This is because our certification was obtained via our EU (Bucharest) headquarters, where we have legally registered and operate primarily with our software development team. For your reference, we are happy to share our certificate and the Statement of Applicability (SoA), which outlines the scope and controls implemented.

As for the UK GDPR registration: our UK office is part of our commercial presence and not a separate data controller or processor. However, we fully adhere to EU GDPR, which aligns closely with UK GDPR in principles and protections. Please let us know if you’d like to review the ISO/IEC 27001 certification documents or require further clarification on our data protection practices.

Just to clarify—all our SaaS products, including QuickSigner, are developed and operated under our ISO/IEC 27001 - certified management system. We use the same Statement of Applicability (SOA) across the board. Following your helpful suggestion, and given the importance of transparency, we've now added the SOA to the Terms section under Data Security on our website. Inspection Body data is in.