Compliance

Discover our commitments to the strictest regulations and standards.

Connective’s certifications

Connective complies with the following international recognised standards.

Qualified Trust Service Provider

Qualified Trust Service Provider​

Connective is certified as a Qualified Trust Service Provider by LSTI, who listed on the European Commission official list of Conformity Assessment Bodies (CABs) and accredited to perform eIDAS audits.

ISO 27001

ISO 27001

ISO 27001 is an international standard for the assurance, confidentiality and integrity of data and information, as well as the systems that process it. 

Data Center Compliance

Connective´s services are hosted on Microsoft Azure. By hosting on Microsoft Azure we simplify scalability, release management and certificate management. Microsoft is certified under the following international recognised standards amongst others. 

For more information, visit the Microsoft Trust Center.

ISO 27701
ISO 27001
ISO 27018:2019
SOC 1
SOC 2
SOC 3
EU Cloud COC
CIS
Cloud Security Alliance

Corporate Social Responsibility

Connective is audited on a yearly basis by EcoVadis on Corporate Social Responsibility and has implemented a company specific Code of Conduct. 

Trust Service Practice statement

This document describes what practices are in place for the provisioning of the Connective Trust Service Practice Statement. 

The document is structured as described by Electronic Signatures and Infrastructures (ESI); Policy requirements for TSP providing signature validation services (ETSI TS 119 441 V1.1.1) Annex A.

Signature Validation Service Policy

This document describes which policy requirements are implemented by the Connective Signature Validation Service.

This document is structured as described by ‘Electronic Signatures and Infrastructures (ESI);Signature Policies; Part 1: Building blocks and table of contents for human readable signature policy documents’ (ETSI TS 119 172-1 V1.1.1).

Connective compliance FAQ´s

Connective eSignatures offers signing methods recognized under eIDAS. International law firm DLA Piper has written an extensive compliance report on Connective eSignatures which you can download here.
Yes. Connective eSignatures offers Simple, Advanced and Qualified Electronic Signatures as defined under eIDAS. Depending on the signing method you use, it will be considered one or another. We have a wide range of different signing methods, such as SMS-OTP, mail-OTP, itsme, beID, iDIN, Swisscom etc. For more information please download our Whitepaper on eSignatures here or visit our eSignatures product page.

Yes, Connective received the TSP certificate from LSTI, which is registered on the European Commission official list of Conformity Asssessment Bodies (CABs) accredited to carry out eIDAS audits.

Yes. Connective eSignatures offers signing methods as recognized under ZertES. International law firm DLA Piper has written an extensive compliance report on Connective eSignatures which you can download here.

Connective eSignatures complies with ETSI standards for XAdES, PAdES and CAdES. Moreover, Connective eSignatures is certified for the ETSI EN 319 102-1 standard: “Procedures for Creation and Validation of AdES Digital Signatures”.

 

The proposed formats are :
ETSI TS 103 171 (v.2.1.1) (XAdES Baseline Profile) ;
ETSI TS 103 172 (v.2.2.2) (PAdES Baseline Profile) ;
ETSI TS 103 173 (v.2.2.1) (CAdES Baseline Profile).

Connective eSignatures supports long-term validation in the creation of digital signatures, as defined in the PAdES standard by ETSI (PAdES Part 4). PAdES takes into account that digitally signed documents may be archived for many decades. In order to validate the signature in the future and ascertain that it was valid at the time of signing, LTV is required. Connective eSignatures can store the data required to verify the validity of the signature inside the signed document. This means that digital signatures which were signed using Connective eSignatures can continue to be validated in the distant future even when the public-key infrastructure that the original signature relied on is no longer there. All the information required to validate the signature 10, 20 or over 30 years from now is available in the signature.

Connective eSignatures can provide together with the signed PDF a sealed audit trial in a PDF document or in an XML-file which can be jointly or separately archived.

Your complete guide about United States´ & European law applicable to electronic signatures​

Including an assessment by international law firm DLA Piper focusing on Connective eSignatures in relation to eIDAS, UETA, eSign Act, ZertES, Hong Kong law and Singapore Law.

We are here, ready to answer all of your questions.

For any questions regarding
data protection

For any questions regarding
TSP