Skip to content
Independently verified · Quarterly re-audit
EU VETTED

Skribble

VERIFIED
E-signature · Switzerland
Founded 2018 · skribble.com ↗

Zurich-based Swiss e-signature platform with dual ZertES + eIDAS QES via Swisscom partnership; ISO 27001, 4,000+ DACH customers.

In short

Skribble, in the E-signature category, is an EU-owned service with Switzerland as its hosting location and no identified CLOUD Act exposure.

Assessment notes

Skribble is a Zurich-based Swiss e-signature platform that uniquely covers both ZertES (the Swiss Federal Act on Electronic Signatures) AND eIDAS (the EU regulation) for Qualified Electronic Signatures via its partnership with Swisscom AG, the qualified-certificate issuer that anchors the QES infrastructure. ISO 9001 + ISO 27001 certified, GDPR + DSGVO compliant, serving 4,000+ companies in DACH (Germany / Austria / Switzerland). Swiss legal entity + EU adequacy decision + Swisscom QTSP backbone with no CLOUD Act exposure and a public DPA; the dual-bar ZertES + eIDAS coverage is the directory's strongest cross-jurisdiction QES capability for buyers operating across CH and EU.

CLOUD ACT
OWNERSHIP
SUB-PROCS
0 none disclosed
Verified signals
Jurisdiction
  • EU / adequacy hosting
  • EU / adequacy operator
  • No US CLOUD Act exposure
Transparency
  • Public DPA
  • Sub-processors disclosed
  • Open-source clients
  • Third-party certification
JUMP TO
OVERVIEW

About Skribble

Skribble is a Zurich-headquartered Swiss e-signature platform that distinguishes itself in the QES market by uniquely covering both Swiss ZertES and EU eIDAS qualified-signature regulations under a single platform. Founded around 2018 with focus on the DACH region (Germany, Austria, Switzerland), the company has scaled to 4,000+ corporate customers and built its QES capabilities on a partnership with Swisscom AG, the Swiss federal-recognised Qualified Trust Service Provider that issues the underlying qualified certificates conforming to both ZertES (the Swiss Federal Act on Electronic Signatures) and eIDAS (the EU regulation). This dual-bar coverage matters because Switzerland and the EU are separate jurisdictions with no automatic mutual recognition of qualified signatures; a Swiss-only or EU-only QTSP can leave one half of a DACH transaction legally exposed, while Skribble's Swisscom-anchored stack delivers QES that is fully binding under both regimes.

Compliance posture is procurement-grade: ISO 9001 + ISO 27001 certified at the company level, GDPR + DSGVO compliant, Swiss federal legal-validity coverage under ZertES via Swisscom-issued certificates. The platform handles identity verification (video-ident, qualified e-ID, GwG / FATF-aligned KYC for higher signature tiers), signing workflows (Simple, Advanced, Qualified electronic signatures), and audit-trail packaging. Switzerland holds an EU adequacy decision under Art. 45 GDPR so cross-border EU↔CH transfers require no SCCs.

Pricing is enterprise / tier-based with monthly per-user and per-document pricing; specific entry-tier EUR figures were not captured at audit. Best fit: DACH companies with material cross-border CH↔EU contracting flows (Swiss banks contracting EU customers, EU insurers signing Swiss policy-holders, Swiss-EU joint ventures, dual-jurisdiction employment contracts), companies in regulated industries needing QES under either ZertES or eIDAS, and any organisation that values having Swisscom-issued qualified certificates as the trust anchor. Procurement-grade EU-only buyers operating purely inside the EU may prefer Yousign (France, ANSSI-supervised) or the Signaturit / Namirial group (though the latter is US-private-equity-owned since 2025 and hosted at rest on AWS, so cloud_act_exposure: material), but for any DACH workflow Skribble's dual-regime QES is structurally differentiated.

SUB-PROCESSORS

Sub-processor map · none disclosed

Source ↗
Vendor discloses zero sub-processors. All data processing happens in-house.
CERTIFICATIONS

Frameworks & certifications

ISO/IEC 27001
ACTIVE
FEATURES

Capability matrix

Qualified signature (QES) Yes
Advanced signature (AES) Yes
Audit trail Yes
Templates No
ID verification Yes
API / webhooks Yes
INTEGRATION & ACCESS
REST API Yes
SSO (SAML / OIDC) Yes
COMPLIANCE & GOVERNANCE
Audit log Yes
Self-host / on-prem option No
PRICING

Pricing & tiers

PAID
Custom pricing

Contact vendor for tier or volume pricing.

View pricing page ↗
PUBLIC DOCUMENTS

Public documents

  • Data Processing Addendum (DPA)
    www.skribble.com/en-eu…
    Open ↗
  • Sub-processors list
    www.skribble.com/en-eu…
    Open ↗
  • Terms of Service
    www.skribble.com/en-eu…
    Open ↗
ALTERNATIVES

Alternatives in this category

Eversign (Xodo Sign)
Austria · Founded 2017
US-LINKED

Vienna-launched e-signature platform (eversign GmbH, 2017), acquired by Apryse (US/PDFTron) in 2022, rebranded as Xodo Sign.

Public DPA Sub-processors Open source
FROM
CLOUD ACT
DIRECT
Signaturit (Namirial)
Spain · Founded 2013
EU-HOSTED

Barcelona-based Spanish digital-trust group (Signaturit, a Namirial company; parent Namirial acquired by Bain Capital, US PE, 2025), 4 QTSPs with highest eIDAS qualifications; platform hosted at rest on AWS.

Public DPA Sub-processors Open source
FROM
CLOUD ACT
MATERIAL
Signicat
Norway · Founded 2006
EU-HOSTED

Trondheim-based pan-European eIDAS QTSP for digital identity, e-ID and qualified e-signatures; Nordic Capital-owned, EEA-hosted on US hyperscalers.

Public DPA Sub-processors Open source
FROM
CLOUD ACT
MATERIAL