The DocuSign alternative that never uploads your PDF
If your document is too confidential to upload — an NDA, term sheet, board resolution, IP assignment, medical record — DocuSign is the wrong tool, not because it's bad, but because it requires you to hand them a copy. FreeSign is a privacy-first alternative built around the opposite default: the PDF never leaves your browser.
The structural difference
DocuSign is a document-workflow product. You upload a PDF, drop signature placeholders, list recipients, and DocuSign handles the rest — routing, reminders, retention, audit trail. Their core asset is the document repository: DocuSign reports handling billions of agreements in their cloud since inception, per their published 10-K and earnings filings. That's the product. Documents go in; signed documents come out; everything in the middle happens on DocuSign-operated infrastructure.
FreeSign is a cryptographic signing primitive with a workflow shell around it. The PDF is hashed locally in your browser. A per-user X.509 leaf certificate is issued for that one ceremony from an HSM-backed CA (the HSM signs only the certificate's TBS digest — it never sees the PDF). The CMS PKCS#7 seal is appended to the PDF as an incremental update, and the signed-region hash receives an independent OpenTimestamps proof. FreeSign's Worker sees: the OTP-verified email, the OTP challenge, the document's SHA-256, the public half of your browser ceremony key, an audit hash chain, and a standard request fingerprint (connecting IP, any X-Forwarded-For chain, user-agent, Cloudflare colo/ASN/TLS metadata) for the signing event. We don't see the PDF.
Both products produce a legally valid electronic signature. They produce different artifacts with different verification stories, different threat models, and different failure modes.
Side-by-side
| Capability | FreeSign | DocuSign |
|---|---|---|
| Document is uploaded to the vendor | No — only a SHA-256 hash | Yes, required |
| Vendor stores the signed PDF | No — we have nothing to store. You keep the file. | Yes — in DocuSign cloud. Retention is configurable but storage is the default. |
| Vendor account required | No — email + 6-digit OTP only. The OTP-verified email IS an identity binding — you still need a real inbox. | Yes for senders; optional account for signers (they can still sign with email link + click-to-accept) |
| Free plan with unlimited signing | Yes — free today, no card. No paid tier exists yet. A future Pro tier will not retroactively change the free product. | No — free trial only; paid plans listed below. Per DocuSign pricing; verify current numbers before procurement. |
| Standards conformance | PAdES-B-T (CMS PKCS#7, RFC 3161 timestamp) | PAdES-B-T / PAdES-B-LT (configurable) |
| RFC 3161 trusted timestamp | DigiCert AATL TSA | DocuSign-operated TSA / partner TSAs |
| Independent timestamp proof | OpenTimestamps embedded in CMS + downloadable .ots proof | Not offered |
| Per-user X.509 leaf cert | Issued for every signer, embedded in PDF. Subject CN = signer's typed legal name; SAN = OTP-verified email. Default lifetime 10 years; key one-shot. | Available via DocuSign Standards-Based Signatures and partner CAs / QTSPs. Plan and add-on dependent. |
| Browser ceremony key generated on your device | Non-extractable WebCrypto ECDSA P-256 for intent/session evidence | Signed server-side (DocuSign-operated keys) in the default cloud-signing flow |
| CA private key in FIPS 140-2 Level 3 HSM | Google Cloud KMS HSM-protected key (HSM protection level). Level 3 is for the HSM hardware; software-protected KMS keys are Level 1, so the deployment must use the HSM tier specifically. | DocuSign operates AATL-listed HSMs |
| AATL-listed CA (Adobe green check) | No — FreeSign CA. Adobe shows yellow ⚠️ — see FAQ on why this is a UX wart, not a verdict. | Yes |
| eIDAS Article 26 evidence | Designed around Article 26 evidence; not QES | Yes, with product- and region-specific options |
| eIDAS QES (Article 25(2)) | No — on roadmap (QTSP/QSCD) | Yes — via DocuSign EU Advanced / partner QTSPs (paid add-on) |
| ESIGN / UETA | Yes — intent, consent, association, retention | Yes |
| Verifies in Adobe Reader | Yes — with yellow trust warning by default. Reader will show “Signer's certificate is invalid” if the recipient opens the PDF after the leaf cert expires (default 10 years); the underlying signature still verifies cryptographically and the RFC 3161 timestamp + OpenTimestamps proof still attest the original moment. | Yes — with green check (AATL) |
| Verifies in openssl cms -verify | Yes | Yes |
| Verifies in pyHanko | Yes — coverage: ENTIRE_FILE, modification_level: NONE | Yes |
| Verification works if vendor disappears | Yes — all trust anchors are external (signer's cert in file, DigiCert TSA, OpenTimestamps proof) | Depends — AATL chain validates without DocuSign, but their hosted audit URLs and retention go away |
| Multi-party routing, reminders, templates | No — pass the PDF yourself | Yes — core product |
| Salesforce / HubSpot / SAP / Workday connectors | No — REST + MCP API only | Yes — certified marketplace apps |
| Bulk send, dashboards, custom branding | No | Yes — Business Pro and above |
| Enterprise SSO, SCIM, audit roles | No accounts to gate | Yes — Enterprise plans |
| Verifiable with third-party open-source tools | Yes — openssl, pyHanko, ots CLI | Output is standards-based but verification flow is theirs |
| Self-hostable | No — closed source, hosted only | No |
Privacy: who can see the PDF?
DocuSign. Every PDF you sign through DocuSign is uploaded to and stored on DocuSign-operated infrastructure. Their Trust Center describes AES-256 encryption at rest and TLS in transit, SOC 2 Type II, ISO 27001, and HIPAA-eligible plans. DocuSign personnel cannot read your document under normal operations, and access is logged; that's the bound on the privacy claim. If DocuSign is subpoenaed, has a security incident, or rolls out a new AI feature that needs document content, your PDF is in scope — because they have it. DocuSign also recently added Intelligent Agreement Management (IAM) features that involve AI processing of document content; participation is configurable but the architectural fact is that they hold the document.
FreeSign. FreeSign cannot read your PDF because we don't have it. The only thing our Worker receives is a 32-byte SHA-256 of the document (and later, a 32-byte digest of the ByteRange placeholder — a region of the PDF the signature covers). If a court subpoenas FreeSign for “the document Ada Lovelace signed on 2026-05-17,” we cannot produce it. This is not a policy promise; it's a structural property of the codebase, enforced by the MCP discovery contract (documentUpload: false) and a public-contract test.
This means FreeSign is structurally unsuitable for compliance regimes that require the vendor to hold the document (some regulated industries explicitly require an independent escrow). For those cases, DocuSign or a QTSP is the right tool.
Verification: what tools accept the signature?
Both DocuSign and FreeSign produce PAdES-B-T signatures — the same ETSI standard, the same CMS PKCS#7 wrapper, the same RFC 3161 timestamp embedded as an unsigned attribute. The cryptographic substrate is identical. The differences are:
- Adobe Reader trust list. DocuSign's CA is on Adobe's AATL list, so Reader shows a green check. FreeSign's CA is not, so Reader shows yellow ⚠️. This is a commercial-marketplace property, not a legal one — the FAQ unpacks the difference.
- OpenTimestamps proof. FreeSign adds an independent OpenTimestamps proof; DocuSign does not. After ~1-2 hours that proof can upgrade to a public block-header attestation, an external timestamp that does not depend on FreeSign.
- Self-contained verification. A DocuSign-signed PDF verifies in openssl and Adobe Reader today, but DocuSign-hosted audit URLs and certificate-of-completion pages stop working if the company goes away. A FreeSign-signed PDF has every trust anchor in the file itself — the CMS signature, the certificate chain, the timestamp, the OpenTimestamps proof, and the evidence JSON (embedded in the signature's CMS, carrying the signer's public_key_jwk) — so verification doesn't depend on FreeSign existing.
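The coverage facts a verifier relies on here (the ByteRange digest mentioned in the privacy section, the ENTIRE_FILE coverage result in the table, and one incremental revision per signer) can be checked from the file bytes alone. The sketch below is an added example, not FreeSign's or pyHanko's code: it regex-scans for /ByteRange instead of parsing PDF objects, assumes SHA-256, does not validate the CMS itself, and runs on a constructed byte string with a dummy CMS; signed_regions, unsigned_tail and make_revision are hypothetical names.

```python
import hashlib
import re

BYTE_RANGE = re.compile(rb"/ByteRange\s*\[\s*(\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s*\]")

def signed_regions(pdf: bytes) -> list:
    """One record per /ByteRange found: what each signature actually covers."""
    records = []
    for m in BYTE_RANGE.finditer(pdf):
        a, b, c, d = (int(g) for g in m.groups())
        end = c + d
        if a != 0 or b > c or end > len(pdf):
            raise ValueError(f"malformed ByteRange {(a, b, c, d)}")
        gap = pdf[b:c]  # the only excluded bytes: the hex /Contents holding the CMS
        if not (gap.startswith(b"<") and gap.endswith(b">")):
            raise ValueError("ByteRange gap is not a single hex string")
        records.append({
            "byte_range": (a, b, c, d),
            # Assuming SHA-256, the value the CMS messageDigest attribute must equal.
            "sha256": hashlib.sha256(pdf[a:b] + pdf[c:end]).hexdigest(),
            # Becomes False for earlier signers once a later revision is appended.
            "covers_entire_file": end == len(pdf),
            # A covered region should stop exactly at a revision boundary.
            "ends_at_eof": pdf[:end].rstrip(b"\r\n").endswith(b"%%EOF"),
        })
    return records

def unsigned_tail(pdf: bytes) -> int:
    """Bytes after the last signed revision; non-zero means unsigned changes."""
    ends = [r["byte_range"][2] + r["byte_range"][3] for r in signed_regions(pdf)]
    return len(pdf) - max(ends)

def make_revision(prev: bytes, body: bytes) -> bytes:
    """Constructed stand-in for one signing revision (dummy CMS, not a real PDF)."""
    fmt = b"/ByteRange [0 %08d %08d %08d] /Contents "
    pre = prev + b"\n" + body + b"\n<< /Type /Sig "
    contents = b"<" + b"00" * 16 + b">"
    post = b" >>\n%%EOF\n"
    start = len(pre) + len(fmt % (0, 0, 0))  # offset of the "<" opening /Contents
    return pre + fmt % (start, start + len(contents), len(post)) + contents + post

# Constructed sample: first signer's revision, then a second signer's on top.
first = make_revision(b"%PDF-1.7", b"(constructed NDA text)")
second = make_revision(first, b"(second signer's revision)")

if __name__ == "__main__":
    for record in signed_regions(second):
        print(record)
```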
Pricing: how does free actually work?
FreeSign is free today, with no account and no card — not a trial. We can run it free because we don't store your PDF (no document-storage cost), we don't have user accounts (no auth/billing/support cost), and the cryptographic primitives (Cloudflare Workers, WebCrypto, OpenTimestamps calendars, DigiCert TSA's free tier) cost essentially nothing per signature. The per-signature cost we do incur is a fraction of a cent for the HSM CA signature on the leaf certificate. A paid Pro tier for hosted evidence vault, branded receipts, and SSO is on the roadmap but doesn't exist yet; if it ships, the existing free product won't be retroactively gated behind it.
DocuSign's published plans are user-seat-based: a Personal plan (single user, limited monthly envelopes), Standard and Business Pro at higher seat prices, and a negotiated Enterprise tier. DocuSign updates list prices frequently; verify the live pricing page before you compare line-items. QES-grade signatures (Article 25(2)) typically require an add-on QTSP via DocuSign EU Advanced or a partner. Free trial is available; storage and routing features kick in at the paid tiers.
When DocuSign is the right choice
We're not interested in pretending DocuSign is bad. Use DocuSign when:
- You have a multi-party signing flow with named recipients, routing rules, and reminders, and you'd rather not orchestrate it manually.
- The counterparty already has a DocuSign account and won't accept anything else.
- You need an AATL green check in Adobe Reader as a hard requirement (e.g. internal compliance team is firm on that bar).
- You need Salesforce / HubSpot / SAP / Workday certified integration, not just an API.
- You need enterprise procurement to find your vendor on a pre-vetted list.
- You need QES (eIDAS Article 25(2)) for one of the narrow EU public-authority use cases.
When FreeSign is the right choice
- The document is confidential and you'd rather not upload it. Full stop.
- You're a law firm, advisory shop, security team, M&A boutique, healthcare provider, or AI lab where uploaded contracts are a regulatory or competitive risk.
- You're a developer signing internal compliance docs and want a one-shot HTTP API with no auth dance.
- You value verification that doesn't depend on the vendor existing in 10 years.
- You want an independent OpenTimestamps proof as belt-and-suspenders evidence on top of the regular RFC 3161 TSA.
- You're cost-sensitive and the workflow features above don't apply.
How to migrate a one-off NDA flow to FreeSign
- Open the NDA PDF on your machine. Drop it into free-sign.com — the SHA-256 is computed in your browser. Enter your email and full legal name, tick consent.
- Receive a 6-digit OTP. Type it in. The browser signs locally, the server witnesses, the seal is assembled.
- Download the signed PDF. It carries the per-user X.509 cert, the DigiCert timestamp, the OpenTimestamps proof, and the evidence JSON embedded in the signature's CMS — one self-contained file.
- Email the signed PDF to the counterparty. If they need to sign too, they drop the PDF into free-sign.com and add a second signature as an incremental revision — both signatures stay verifiable in the same file.
- Optional: hand a verifier the signed PDF. They verify with openssl cms -verify + pyhanko sign validate + ots verify, and extract the embedded evidence JSON from the CMS — without ever calling FreeSign.
FAQ for switchers
Will the counterparty's lawyer accept a FreeSign signature?
Often yes, depending on document type, jurisdiction, and counterparty policy. FreeSign is designed to provide ESIGN/UETA-style evidence in the US and eIDAS Article 26-style evidence in the EU. Your counterparty's lawyer may pattern-match on “Adobe green check = trusted” out of habit, in which case the FAQ explainer walks them through why the yellow icon is a trust-list warning, not a document-integrity failure.
What if I need a multi-party signing flow?
FreeSign supports multi-signer ceremonies: each subsequent signer appends another incremental revision on top of the previous one. The catch is that we don't route the PDF for you — you pass it to the next signer yourself, through whatever channel you'd trust the document on. That's a feature, not an omission: if we routed it, we'd have to see it.
Can I bulk-sign 200 NDAs?
Not today. Bulk signing is on the Pro roadmap. For now, the API supports one PDF at a time.
What about DocuSign's audit trail?
DocuSign produces a Certificate of Completion PDF that summarises the workflow. FreeSign embeds an evidence JSON inside the signed PDF that includes the canonical signed payload, the per-user cert, the request fingerprint (IP, UA, Cloudflare geo/ASN), and the OTP record; the audit hash chain and the OpenTimestamps proof are available via the receipt API — everything DocuSign's audit trail contains, plus cryptographic binding to the document hash and an independent timestamp proof.
Sign your first PDF without uploading it
The fastest answer to “is this real” is to sign a test PDF. No account, no card, full ceremony in under a minute.