In the Visma Sign service, social security number can be asked when signing a document. If the social security number is asked, this will always be decided by the organization that has made the invitation or the form. The reason for asking a social security number is a statutory or industry-specific obligation to be able to secure the person in support of electronic identification. For example, often social security number is asked in situations where the financial industry has a regulation of identifying customers remotely.
Storing the social security number
If a social security number is requested by the organization, the information is stored in the organization's own archive system inside the service and in the signer’s own personal archive in Visma Sign account.
When a person is signing a document or registering, Visma Sign service also receives a social security number from the authentication channel when the person authenticates themselves. Social security number is stored in the database as encrypted encoded. It is not possible to convert the stored social security number back into a human readable format, because the hash calculation is parallel.
The social security number is stored in the system since the person does not have to login before signing a document. Authentication is strongly done through a bank identification or a mobile certificate, which can be used to calculate a hash of a personal identification number and to search the person who signs the document.
Visma Sign: Data controller or processor?
Visma Sign always operates as a processor of personal data. More detailed description of processing personal data and the role of Visma Sign as a processor can be found in Visma Sign Privacy Statement.