Privacy Policy
Last updated: July 6, 2026
Who we are
NeatWaiver provides digital liability waivers for activity businesses. This policy covers two kinds of people: business owners who create an account and publish waivers, and signers who complete a waiver for a business. For signer information, the business you sign for decides what is collected and why; NeatWaiver stores and processes it on that business's behalf.
Information we collect
From business owners:
- Account details: email address and password (stored hashed).
- Business details: business name, timezone, and an optional logo.
- Billing details: paid plans are processed by Stripe. NeatWaiver never sees or stores your full card number.
From signers, as configured by the business:
- The fields on the waiver form, such as name, email, phone, and date of birth, plus any custom fields the business added.
- Names and dates of birth of minors you sign for, if the waiver allows it.
- Your drawn signature image and any per-clause initials.
- Audit information required for a legally valid electronic signature under the U.S. ESIGN Act: the date and time of signing, your IP address, the exact waiver text you signed, and a cryptographic hash (SHA-256) of the signed document.
How we use it
- To provide the service: collecting signatures, generating signed PDFs, and showing businesses who has signed and checked in.
- To email signers a copy of their signed waiver, when the business's plan includes it.
- To operate accounts: sign-in, password resets, and billing.
- We do not sell personal information, and we do not use signer information for advertising.
Retention
Signed waivers exist to protect both the business and the signer if a dispute arises, so signatures and their PDFs are immutable and retained even if the business archives the waiver. If you want a signature removed, contact the business you signed for; legal retention requirements may prevent deletion.
Service providers
We share data only with the providers needed to run the service: hosting and database infrastructure, Cloudflare R2 (signed PDF storage), Stripe (payments), and our email delivery provider (transactional email). Each receives only what it needs.
Cookies
NeatWaiver uses only essential cookies: a session cookie to keep you signed in and a CSRF cookie to protect forms. There are no advertising or cross-site tracking cookies.
Security
All traffic is encrypted in transit with TLS, passwords are stored hashed, and every signed document carries a SHA-256 hash so tampering can be detected. Access to a business's signatures is restricted to that business's account.
Your choices
- Business owners can update their business details in Settings or contact us to close their account.
- Signers should contact the business they signed for with questions about their information; we will assist the business with any request.
Changes and contact
If we make material changes to this policy, we will update the date at the top and notify business owners by email. Questions? Contact us at privacy@neatwaiver.com.