GDPR, eIDAS and Visma Sign – ensure legally valid e-signing

E-signing is now part of everyday business. At the same time, it raises two essential questions: How can I be sure my agreements are legally valid, and how do I handle personal data collected during the signing process in a lawful way?
The answer lies in two key EU regulations: GDPR (data protection) and eIDAS (electronic identification and trust services). Visma Sign provides eIDAS-compliant AdES-level e-signatures based on strong authentication, while ensuring personal data is processed securely in line with GDPR.
As eIDAS 2.0 comes into force, Visma Sign will also ensure compatibility with the EUDI Wallet, safeguarding the legal validity of your agreements well into the future.
In this article, we focus in particular on the requirements of the eIDAS Regulation, its upcoming update eIDAS 2.0, and how Visma Sign meets these requirements at a high level.
eIDAS – the foundation of trust in electronic transactions
The eIDAS Regulation (EU 910/2014) establishes common rules for electronic identification and trust services, including electronic signatures. Its core purpose is to build trust in cross-border digital transactions and ensure that electronic signatures are legally recognised across the EU.
eIDAS defines three levels of electronic signatures, each with a different level of legal evidential value:
| Level | Abbreviation | Description and requirements | Legal evidential value |
|---|---|---|---|
| 1. Electronic signature | SES (Simple Electronic Signature) | A name in an email or an image of a signature. No identification required. | Moderate |
| 2. Advanced electronic signature | AdES (Advanced Electronic Signature) | Uniquely linked to the signer and ensures document integrity (any changes can be detected). | Strong (demonstrable evidence) |
| 3. Qualified electronic signature | QES (Qualified Electronic Signature) | The highest level. An AdES created using an eIDAS-approved device (QSCD) and certificate. | Fully equivalent to a handwritten signature (Article 25) |