Does this replace our existing CLM (Ironclad, ContractWorks, DocuSign CLM, Concord)? What does it cost?

No — ProofSnap is a complementary qualified-timestamp layer that sits alongside your CLM, not a replacement. Your CLM handles workflow, repository, approvals; ProofSnap adds a 30-second cryptographic timestamp step after each amendment is countersigned, producing a court-admissible forensic ZIP per revision. Pricing: ProofSnap Company $18.99/seat/month (minimum 2 seats). 5-seat in-house team: $1,139/year (~$2 per certified amendment at ~560 amendments/yr). Compare 2026 mid-market pricing: Ironclad $15K minimum to $30K–$200K/yr; DocuSign CLM $20K–$100K/yr; ContractWorks Essential ~$4,788/yr; Concord $49–$79/seat/month. ProofSnap is 4–13× cheaper because it does one thing (audit-trail integrity) — most teams keep their CLM and add ProofSnap as the audit-trail layer.

Is this SOX § 404 + SOC 2 compatible? What about the 7-year retention?

Yes to both. The 10-file forensic ZIP is the kind of supporting evidence PCAOB AS 1105 (Audit Evidence), AS 2201 (Integrated ICFR audit) and AS 2315 (Audit Sampling) expect for SOX vendor sampling. The Disig eIDAS qualified timestamp (legal presumption under Reg 910/2014 Art. 41(2)) + SHA-256 + RSA-4096 cannot be silently altered post-hoc. For SOC 2 / SOC 1 (pre-IPO SaaS): tamper-evident amendments support CC6.7 (secure transmission, movement and removal of information), CC7.2 (system monitoring for irregular activity), and CC8.1 (authorized change management — design, configuration, testing, documentation, approval). Compatible with SOC 1 Type II vendor-control reporting. Retention: you store ZIPs in your own archive (cloud or on-prem) for the SOX-mandated 7 years (15 U.S.C. § 1520); ProofSnap does not need to retain anything because the qualified timestamp + Bitcoin anchor are independently verifiable by any auditor at any time using the free Trust Verifier or open OpenTimestamps tools.

Does the amendment file leave our device?

No. ProofSnap computes the SHA-256 hash locally in the browser. Only the 32-byte hash is sent to the timestamp providers (Disig QTSP for eIDAS, OpenTimestamps calendars for Bitcoin). The signed amendment PDF, DOCX or scan itself never uploads. Essential for confidential vendor agreements with trade secrets, NDA-protected pricing, or material non-public information.

How does it integrate with our existing signing flow?

Drop-in, not replace. After the amendment is countersigned in DocuSign, Adobe Sign, Ironclad, ContractWorks, Concord or any e-signature tool, download the final PDF and drag it into the File Certifier sidebar. The 30-second timestamp step happens entirely client-side in the contract owner's browser — no API integration, no SSO setup, no IT department involvement, no procurement security review. Up to 50 files per session, max 100 MB per file. Chrome + Microsoft Edge.

What is the orphan amendment problem and how does ProofSnap solve it?

An orphan amendment is an executed contract change that fails to be properly attached to its parent agreement in the repository — the original record then appears outdated to auditors. Top audit-trail risk for in-house legal teams in 2026; 55% of teams operate without a single contract platform, multiplying the risk. ProofSnap mitigates at the source: at the moment of execution, the contract owner certifies the amendment PDF, producing a self-contained ZIP including the cryptographic link between amendment and parent (via filename convention, ZIP metadata, embedded original PDF). Even if the ZIP is later misfiled, the timestamp and integrity of the amendment text remain independently provable from any copy.

Which version of the MSA was in effect on a specific date — can auditors verify the answer?

Yes. When the auditor or opposing counsel asks which version was in force on, say, 14 January, hand them the ZIP corresponding to the most recent amendment dated on or before that date. They drop the ZIP plus the original signed PDF into the free ProofSnap Trust Verifier (no ProofSnap account required) — the tool returns 'File matches certificate' along with the qualified timestamp date issued by Disig a.s. Under Reg 910/2014 Art. 41(2), the qualified timestamp carries a legal presumption of accuracy the opposing party must rebut. Under US FRE 902(13)/(14), the record is self-authenticating without expert testimony.

Does the Company plan include unlimited file certifications?

Yes. The Company plan includes unlimited Bitcoin OpenTimestamps file certifications across the team — useful for SMBs with 50–200 vendor contracts × 3–5 amendments/yr (typically 150–1,000 amendments annually). Each seat also receives 5 eIDAS qualified stamps per month as an optional premium layer for high-value EU cross-border contracts. Additional eIDAS stamps via eIDAS SnapPack ($6.99/1, $24.99/5, $49.99/10). Admin dashboard, member management, per-seat usage reporting included.

Which Qualified Trust Service Provider issues the timestamp?

Disig a.s. — a Qualified Trust Service Provider listed on the EU Trusted List, providing qualified electronic time-stamp services under Regulation (EU) No 910/2014 (eIDAS), compliant with ETSI EN 319 421 + EN 319 422. Disig timestamps are recognised in all 27 EU member states under Art. 41(3) and carry the legal presumption of accuracy under Art. 41(2).

Why not build this ourselves? We could just run SHA-256 internally.

You can run SHA-256 yourself — but a hash alone is not court-admissible or audit-grade evidence. You need three additional layers: (1) a Qualified Trust Service Provider on the EU Trusted List for the eIDAS Art. 41(2) legal presumption (direct contract with Disig or another QTSP typically requires multi-thousand-euro minimum annual commitment + integration engineering against ETSI EN 319 421/422 protocols); (2) a Bitcoin OpenTimestamps anchor with maintained calendar-server infrastructure for US FRE 901(b)(9) tamper-evidence; (3) an ISO/IEC 27037-aligned chain-of-custody manifest, RSA-4096 signature scheme, and provenance certificate accepted by Big4 audit teams per PCAOB AS 1105. ProofSnap delivers all three plus a Trust Verifier any auditor can use without an account, for $18.99/seat/month. Build-vs-buy math is unfavourable below ~5,000 amendments/yr.

Can the Company plan handle multi-subsidiary or multi-jurisdiction rollouts?

Yes. 2–10,000 seats with admin dashboard, member management, per-seat usage reporting. Typical pattern: one parent organization with US, UK, EU subsidiaries; allocate seats per subsidiary's legal/procurement team; admin dashboard reports per-seat certification volume for cost allocation. Each ZIP is self-contained, so jurisdiction tagging uses your existing file-naming or folder structure (/US/, /UK/, /EU-DE/). The Disig eIDAS qualified timestamp is recognised across all 27 EU member states (Art. 41(3)) + UK retained eIDAS — single timestamp standard for the entire EU+UK footprint. For >100-seat deployments with custom data-residency or DPA requirements, contact support@getproofsnap.com.

What if we leave ProofSnap — can we still verify our archive?

Yes. No vendor lock-in. Every evidence ZIP is independently verifiable using two open standards: the Bitcoin OpenTimestamps proof (verifiable with the free OpenTimestamps CLI or any open-source implementation in Python, JavaScript, Java) and the Disig eIDAS qualified timestamp response (RFC 3161, verifiable using any standard X.509 PKI library against Disig's public certificate chain on the EU Trusted List). The free ProofSnap Trust Verifier is the convenience path; the integrity of your archive does not depend on ProofSnap remaining in business.

For in-house counsel, contract managers, procurement, compliance & finance ops

Every contract revision. Sealed at signing. Prove which version was in force in 30 seconds — not 3 hours.

Your auditor asks which MSA version was in effect on January 14. Today the answer is 3 hours of email archaeology, an evidence pack, and a walkthrough meeting. With ProofSnap: you hand them the ZIP plus a URL, they self-verify in 30 seconds, you fill out nothing.

Add a 30-second qualified-timestamp step to your existing DocuSign / Adobe Sign / Ironclad / ContractWorks signing flow. Drop the countersigned amendment into ProofSnap File Certifier — SHA-256 is computed locally, the file never uploads. Receive a 10-file court-admissible evidence ZIP per revision. Bitcoin OpenTimestamps always included (US FRE 901 + self-authenticating under FRE 902(13)/(14)); add an EU qualified timestamp via Disig a.s. (QTSP on the EU Trusted List) for cross-border vendor MSAs — eIDAS Art. 41(2) legal presumption across all 27 EU member states. SOX 7-year retention compatible. SOC 2 + ISO 27001 A.8.15 compatible. Sits alongside your existing CLM, not in place of it.

Start 7-day Company trial See a sample evidence ZIP

Also available for Microsoft Edge · 7-day trial requires a credit card · minimum 2 seats on Company plan · cancel anytime.

30-second step · File never leaves your device · Sits alongside Ironclad / DocuSign CLM / ContractWorks

ProofSnap File Certifier — drop your countersigned amendment, get a court-admissible evidence ZIP in 10 seconds

11%

contract value lost after signature

46%

US civil cases — largest category

7 yrs

SOX retention · ISO 27001 A.8.15

$1,139

5-seat team / yr · ~$2/amendment

Per-amendment ratio: $1,139/yr ÷ ~560 amendments (median: 140 vendor MSAs × 4 amendments/yr) = $2.04/amendment; Ironclad equivalent at $15K min = $26.78/amendment. Sources: WorldCC + Ironclad 2025 (11% post-signature value leakage), NCSC Court Statistics Project 2023 (46% civil caseloads = contract cases), Bloomberg Law ALM Survey (55% in-house teams without single CLM platform), SOX § 404 + PCAOB AS 1105 / AS 2201 / AS 2315 (7-year retention), ISO/IEC 27001:2022 A.8.15. Qualified timestamps issued by Disig a.s. — QTSP on the EU Trusted List · ETSI EN 319 421/422 compliant.

Quick answer

How do you prove which version of the MSA was in effect on a specific date?

Certify each amendment at signing. After countersignature in your CLM (DocuSign, Adobe Sign, Ironclad, ContractWorks, Concord), the contract owner drops the final PDF into the ProofSnap File Certifier sidebar — SHA-256 is computed locally, the file never uploads. Within 10 seconds you receive a court-admissible 10-file forensic ZIP, anchored to Bitcoin via OpenTimestamps (always on) and optionally sealed with a Disig eIDAS qualified timestamp — Regulation (EU) No 910/2014 Art. 41(2) legal presumption of accuracy across 27 EU member states. Self-authenticating under US FRE 902(13)/(14), so no expert witness needed at audit or trial. Store ZIPs in your contract repository for the SOX-mandated 7-year retention. Company plan $18.99/seat/month (min 2 seats) — ~$2 per certified amendment, 4–13× cheaper than Ironclad/ContractWorks/DocuSign CLM. Any auditor re-verifies with the free Trust Verifier — no account needed.

Set once at signing · auditor self-serves forever

Set once. Auditor self-serves forever.

Certify each amendment in 30 seconds at signing. At audit time, hand your auditor the URL. They self-verify in 30 seconds.

You fill out nothing. You attend no walkthrough. You produce no evidence pack. The ZIPs do that.

The 5 steps below are one-time setup, not ongoing audit prep. After step 3 wires the 30-second timestamp into your signing playbook, there is no recurring audit work.

Start Company trial — 7 days, minimum 2 seats

CC required. Add contract owner (in-house counsel or contract manager) + SOX control owner (finance ops or compliance). Admin dashboard included.

Backfill historical amendments — optional, skip if starting fresh

Forward-only deployment? Skip this step entirely — Step 3 below applies immediately to all new amendments. No historical backfill is required for go-forward audit coverage.

Want a clean 12-month history before the next SOX cycle? Bulk-certify prior-year amendments to establish baseline coverage. Company plan = unlimited Bitcoin OpenTimestamps certifications. Each ZIP carries certification date + the contract’s actual signing date inside the embedded PDF.

Optional: 60-day backfill playbook (only if you choose to backfill)

Weeks 1–2: Inventory & classify

Export FY24 amendments from CLM + reconcile against email + share-drive. Classify by vendor / signing date / dollar value / jurisdiction; tag SOX-material vs non-material. Identify orphan amendments (expect 10–30%). Owner: paralegal + contract manager. Output: master spreadsheet ~560 rows.

Weeks 3–4: Batch certification

Bulk-certify in sessions up to 50 files (per-file 100 MB) — ~12 sessions for 560 amendments, parallelize across 2–3 people. Rename ZIPs to [VendorName]_[AmendmentDate]_v[N].zip. Toggle eIDAS ON for SOX-material + EU cross-border. Owner: paralegal (drag-drop) + in-house counsel (eIDAS decisions). Throughput: ~50 amendments per 2-hour session.

Weeks 5–6: Reconciliation into repository

Drop each ZIP next to executed PDF in CLM/SharePoint. Update master spreadsheet with ZIP location + evidence ID. Sample-test 10% through Trust Verifier. Re-certify retroactive eIDAS gaps. Owner: contract manager + paralegal. Output: 100% repository coverage.

Weeks 7–8: Executive sign-off + audit-prep memo

Draft 1-page memo for GC + CFO + external auditor (scope + methodology + coverage + retention). Pre-meet with auditor walking through Trust Verifier with 3 sample ZIPs. Wire 30-second step into go-forward signing playbook (Step 3 below). Owner: in-house counsel (memo) + GC (sign-off).

Scales linearly: 280 amendments = ~30 days; 1,000 = ~90 days. Company plan unlimited Bitcoin certifications cover full backfill regardless of volume; only eIDAS stamps consume per-seat monthly quota or SnapPack credits.

Wire the 30-second step into your signing playbook

Add one line to your execution checklist: “After countersignature, certify the final PDF in ProofSnap and save the ZIP to the contract folder.” No API integration, no SSO, no IT security review — timestamp happens client-side in the contract owner’s browser.

Store ZIPs alongside executed PDFs for SOX 7-year retention

Drop into your existing repository (Ironclad, ContractWorks, SharePoint, Google Drive, S3). Each ZIP is self-contained — even if ProofSnap disappeared tomorrow, the Bitcoin + Disig anchors are independently verifiable using open standards.

Hand the auditor the relevant ZIP — verification takes 30 seconds

When the auditor asks “which version on date D?”, hand the ZIP from the most recent amendment dated on or before D. They drop it into the free Trust Verifier with the executed PDF — “File matches certificate” with the qualified timestamp date. No ProofSnap account. PCAOB AS 1105 reliability: high.

Start 7-day Company trial — from $18.99/seat/month

7-day trial requires a credit card · minimum 2 seats · cancel anytime.

8 questions the auditor will ask — you no longer answer

The auditor opens the artefact themselves. You skip the meeting.

Standard Big4 vendor-amendment sampling questions, each answered by an artefact the auditor opens directly — no evidence-pack assembly from you, no walkthrough meeting, no “let me get back to you on that”. Forward the table to your GC and CFO; print for the audit pre-meet.

#	Auditor question	ProofSnap answer	Standard
1	“Show me the complete population of vendor MSA amendments executed in FY24.”	Master spreadsheet from Backfill Week 1–2 + one ZIP per amendment in the repository. Auditor counts ZIPs = counts population.	AS 1105.06
2	“From this population, pick 5 random samples for testing.”	Hand auditor the spreadsheet; pull 5 corresponding ZIPs from the repository in under a minute.	AS 2315
3	“Show executed PDF + signing date + which version was in force on a transaction date.”	`provenance_certificate.pdf` + embedded original PDF + `manifest.json` (date + SHA-256).	AS 1105.08
4	“Demonstrate the integrity — prove it has not been altered post-signing.”	Drop ZIP + PDF into Trust Verifier → “File matches certificate” in 30 seconds + qualified timestamp date by Disig a.s. No ProofSnap account.	eIDAS 41(2) + FRE 902
5	“Walk me through your control preventing unauthorized amendments outside the approval workflow.”	CLM’s approval-routing audit log (workflow) + ProofSnap ZIP (integrity). Two independent layers; ZIP timestamp must post-date CLM’s final-approval event.	AS 2201.34
6	“Retention policy and how do you ensure ZIPs cannot be deleted by the contract owner?”	Repository-level retention lock (WORM mode or CLM native) + Bitcoin OpenTimestamps anchor independently verifiable in perpetuity. SOX 7-year met by repository policy.	SOX § 802 (15 U.S.C. § 1520) + SOC 2 CC6.7
7	“If the contract owner left the company, can you still produce and verify this evidence?”	Yes — ZIP is self-contained, not tied to any user account. Any team member with repository access can re-verify; Trust Verifier is anonymous and account-free.	SOC 2 CC1.3 (authority + responsibility persist across personnel changes)
8	“Walk me through how I would verify independently right now — without your help.”	Send auditor to getproofsnap.com/verify/index.html in their browser. Drop ZIP + PDF, result in 30 seconds. Second path: any open-source OpenTimestamps client (Python, JS, Java) against Bitcoin — ProofSnap not in the loop.	AS 1105.09

Send these two links to your auditor — they self-verify, you do nothing

Two self-contained assets the auditor opens directly. Forward in your audit pre-meet email; no walkthrough needed. No email gate on the download.

Sample evidence ZIP

10-file forensic package, pre-loaded MSA amendment

Open the Trust Verifier

Demo: drop ZIP + PDF → “File matches certificate”

Replaces the standard 60-minute walkthrough meeting. Send the auditor the sample ZIP + Trust Verifier URL by email; they self-verify on their schedule, you skip the meeting entirely.

Who should lock every amendment — and what they stop doing

Five SMB Legal Ops segments, five recurring tasks you stop doing once amendments self-prove at signing.

In-house counsel (1–5 person team, 100–500 employees)

Stop hunting amendments in Slack threads. 50–200 vendor MSAs × 3–5 amendments/yr = 150–1,000 amendments annually. 55% of in-house teams operate without a single contract platform. When the auditor samples Vendor X and asks for the amendment in force on date D, the answer today is a Slack-thread + renamed-Word-file scavenger hunt — with ProofSnap, it’s one ZIP click.

With ProofSnap: certify each amendment the day it’s countersigned. Bulk-backfill prior 12 months. Auditor verification drops from hours of email archaeology to 30 seconds.

Orphan amendments SOX sample

Contract managers & legal operations

Stop chasing renewal-clause breaches retroactively. WorldCC + Ironclad 2025: organizations lose 11% of contract value after signature — unauthorized scope changes, missed price escalations, auto-renewals on unfavorable terms, performance obligations no one tracks. Today you reconstruct the amendment timeline three quarters later from email; with ProofSnap, every revision is timestamped at signing so the timeline is automatic.

With ProofSnap: every amendment has a unique cryptographic fingerprint cross-referenced to its parent MSA filename. Even if misfiled, timestamp + integrity remain provable from any copy.

11% value leakage Renewal proof

Procurement & vendor management

Stop reconstructing version history from email. Contract cases were 46% of US state-court civil caseloads in 2023, the largest civil category (NCSC Court Statistics Project); volume up 21% in 2022 and 15% in 2023. When a supplier claims the SLA penalty cap was raised in the September amendment and procurement remembers it was lowered, today the answer is days of email archaeology; with ProofSnap, the September amendment ZIP plus Trust Verifier resolves it in 30 seconds.

With ProofSnap: amendment ZIP = self-authenticating exhibit ready for mediation, arbitration or court — FRE 902(13)/(14) without expert testimony, eIDAS Art. 41(2) burden-of-proof reversal in EU.

SLA dispute Court-admissible

Compliance & ISO 27001 audit owners

Stop writing ISO 27001 evidence narratives. ISO/IEC 27001:2022 control 8.15 (Logging) requires user activity and security event logs — widely interpreted to include the lifecycle of any control-relevant document including vendor contracts with access controls and data-protection clauses. Today you draft narrative documentation per surveillance audit; with ProofSnap, the ISO 27037-aligned chain-of-custody manifest is generated automatically per ZIP.

With ProofSnap: each amendment timestamp + ISO/IEC 27037-aligned chain-of-custody manifest gives the surveillance auditor a machine-readable record of when each version took effect.

ISO 27001 A.8.15 ISO 27037 custody

CFO & finance ops (SOX-driven)

Stop assembling SOX sample evidence packs. Under SOX 404(a)/(b), management asserts and the external auditor attests ICFR. PCAOB AS 1105 (Audit Evidence) and AS 2201 (Integrated Audit of ICFR) require sufficient appropriate evidence including third-party contracts. Today every audit cycle = days spent building vendor-amendment evidence packs the auditor can use; with ProofSnap, the auditor opens the ZIPs themselves and never asks you for a pack.

With ProofSnap: every amendment carries a tamper-evident qualified timestamp + Bitcoin anchor, satisfying AS 1105 reliability tests. 7-year SOX retention: ZIPs in your own archive, independently verifiable without ProofSnap. 5-seat in-house team = $1,139/year, rounding error against a single SOX remediation engagement.

SOX § 404 PCAOB AS 1105 Material weakness avoidance

Add a 30-second qualified-timestamp step to your existing signing flow

No replacement project, no procurement security review, no CLM migration. ProofSnap adds one client-side timestamp action between “both parties countersigned” and “save to repository.” Compatible with DocuSign / Adobe Sign / Ironclad / ContractWorks / Concord / PandaDoc. Roll out across legal + procurement in an afternoon; full ROI from one avoided SOX remediation or one upheld dispute. Adjacent Contract Vertical pages cover NDA workflows (NDA Version Proof →), freelance SOW disputes (Freelance Scope Creep Proof →), mediated settlement enforcement (Settlement Agreement Proof →) and court-admissible web capture (Page Vault Alternative →).

From countersigned PDF to audit-ready ZIP in 10 seconds

Drop. Certify. File next to the executed PDF. No API integration, no SSO, no procurement security review.

Drop and Certify

After CLM countersignature

ProofSnap File Certifier panel: drop zone, eIDAS toggle, Certify File button

Download the executed amendment from your CLM. Drag into the File Certifier sidebar (any file up to 100 MB). Toggle EU Qualified Timestamp (eIDAS) for cross-border MSAs. Click Certify File.

Certificate ready — 10 seconds

SHA-256 + Bitcoin + Disig eIDAS

File certified: SHA-256 hash, Bitcoin pending, eIDAS Qualified (Disig), Download Certificate Package

SHA-256 in your browser; only the 32-byte hash leaves. Bitcoin OpenTimestamps anchored, Disig eIDAS sealed. Click Download Certificate Package and save next to the executed PDF in your repository.

Auditor re-verifies in 30s

External auditor · opposing counsel · ISO surveyor

ProofSnap Trust Verifier: green 'File matches certificate' Match badge

Hand the ZIP to your auditor. They drop it into the free Trust Verifier with the executed amendment → “File matches certificate”. No ProofSnap account required.

What’s inside the evidence ZIP — 10 forensic files

manifest.json — evidence ID + SHA-256 hash

manifest.sig — RSA-4096 signature

publickey.pem — verifier public key

chain_of_custody.json — ISO 27037 custody record

forensic_log.json — hash-chain event log

provenance_certificate.pdf — human-readable certificate

manifest.json.ots — Bitcoin OpenTimestamps proof

manifest.json.tsr — eIDAS qualified TSR (RFC 3161)

eidas_validation.json — LTV validation data

[amendment].pdf — original file (embedded)

No vendor lock-in. If ProofSnap disappeared tomorrow, your archive verifies against Bitcoin + Disig using open tools — OpenTimestamps CLI plus any X.509 PKI library against Disig’s certificate chain on the EU Trusted List.

Try the File Certifier — 7-day Company trial

Two layers of proof. Four compliance frameworks.

Every ZIP anchored to Bitcoin on every plan. Add EU qualified timestamp for cross-border MSAs where you want the burden of proof on the supplier’s side.

Layer 1 — Bitcoin OpenTimestamps

Unlimited on Company plan · on every tier

SHA-256 hash anchored to Bitcoin via OpenTimestamps. Decentralised, tamper-evident. Once anchored, cannot be forged without breaking Bitcoin itself. Satisfies: US FRE 901 + FRE 902(13)/(14) self-authenticating (no expert witness), PCAOB AS 1105 audit-evidence reliability: high. Verifiable with open OpenTimestamps tools — no ProofSnap dependency for 7-year retention.

Sufficient for: SOX vendor sampling, ISO 27001 A.8.15 logging, most US contract disputes (small claims and federal), internal control audits.

Layer 2 — eIDAS qualified timestamp

5/seat/month Company · or SnapPack from $6.99

Disig a.s. (QTSP on the EU Trusted List) issues a qualified timestamp under RFC 3161 + ETSI EN 319 421. Adds eIDAS Art. 41(2) legal presumption of accuracy + integrity — burden of proof reverses, supplier must rebut. Recognised in all 27 EU member states (Art. 41(3)) + UK retained eIDAS.

Required for: EU cross-border vendor MSAs, multi-jurisdictional subsidiaries, contracts above SOX materiality threshold.

SOX · PCAOB (post-IPO)

§ 404 internal-control + AS 1105 audit-evidence + AS 2201 integrated ICFR + § 802 7-year retention. Tamper-evident amendments satisfy reliability tests for vendor sampling.

SOC 2 / SOC 1 (pre-IPO SaaS)

Supports CC6.7 (secure transmission, movement and removal of information), CC7.2 (system monitoring for irregular activity), CC8.1 (authorized change management). Compatible with SOC 1 Type II vendor-control reporting. AICPA 2017 Trust Services Criteria.

EU · eIDAS + 27 states

Reg 910/2014 Art. 41(2) legal presumption; supplier must prove your timestamp is inaccurate. Cross-border under Art. 41(3); UK retained eIDAS. Disig a.s. on the EU Trusted List.

ISO 27001:2022 · FRE 902

Annex A 8.15 Logging: produce, protect, review activity logs. ISO/IEC 27037:2012 chain-of-custody. US FRE 902(13)/(14): self-authenticating without expert testimony.

Why this matters: 11% of contract value leaks after signature (WorldCC + Ironclad 2025)

WorldCC + Ironclad 2025 global survey: organizations lose on average 11% of contract value after signature — ~$55M/yr per $500M annual contracted spend. WorldCC also estimates poor contract management costs 8–9% of annual revenue overall; top performers limit leakage to 3% while low performers leak 15–20%. Most of the leak happens after signing: unauthorized scope changes, missed price escalations, auto-renewals on unfavorable terms, unenforced obligations. Fix starts with an immutable record of what was actually agreed and when. A 5-seat ProofSnap Company rollout at $1,139/year closes a measurable share of that gap.

ProofSnap is not a law firm, audit firm or CLM. Qualified timestamps are issued by Disig a.s. (QTSP on the EU Trusted List). Consult qualified counsel and your external auditor for advice on your specific SOX, ISO and litigation posture.

Company plan — per seat, monthly

Unlimited Bitcoin OpenTimestamps file certifications for the entire team. Add eIDAS qualified timestamps for cross-border vendor MSAs.

Team-size cost math vs CLM mid-market pricing

2 seats (minimum)

$455

/year · counsel + finance ops

vs ContractWorks $4,788

Most chosen

5 seats

$1,139

/year · in-house + procurement

vs Ironclad $15K (13×)

10 seats

$2,278

/year · firm-wide

vs mid-market CLM $25–40K

25 seats

$5,697

/year · multi-subsidiary

vs DocuSign CLM $20K–$100K+

All totals = $18.99/seat/month × 12. Annual prepay $190/seat/year (20% savings). Comparisons reflect publicly available 2026 vendor pricing; ProofSnap is a complementary timestamp integrity layer, not a full CLM replacement.

Primary plan for SMB Legal Ops

Company

$18.99/seat/month

or $190/seat/year (20% savings) · minimum 2 seats

Unlimited file certifications (Bitcoin OpenTimestamps)
5 eIDAS qualified stamps per seat per month (optional Layer 2)
Unlimited page captures (vendor portals, dashboards)
Admin dashboard + member management + per-seat usage reporting

2 to 10,000 seats · multi-subsidiary rollout
10-file forensic ZIP per certification (ISO 27037 chain of custody + provenance PDF)
SOX 7-year retention — ZIPs in your archive, not ours
Self-serve onboarding — no API, SSO or IT review

Start 7-day Company trial

7-day trial requires a credit card · cancel anytime within the trial — no charge.

For single-user evaluation or pay-per-amendment use: Enterprise $28.99/mo (50 file certs + 10 eIDAS, solo) · Professional $16.99/mo (15 file certs Bitcoin only) · eIDAS SnapPack $24.99/5 ($5/stamp, no subscription, 12-month credits).

See all plans on the Chrome Web Store →

vs Ironclad, ContractWorks, DocuSign CLM, Concord

ProofSnap is not a CLM replacement. It is a complementary qualified-timestamp integrity layer that sits alongside your platform. Most teams keep their CLM and add ProofSnap as the audit-trail layer.

Feature	ProofSnap Company	Ironclad	ContractWorks	DocuSign CLM	Concord
Tamper-evident timestamp per amendment		Audit log only	Audit log only	Audit log only	Audit log only
eIDAS qualified timestamp included		No	No	Enterprise add-on	No
Self-authenticating in court (FRE 902)		Requires witness	Requires witness	Requires witness	Requires witness
File never uploaded		No (cloud-hosted)	No (cloud-hosted)	No (cloud-hosted)	No (cloud-hosted)
Self-serve onboarding (no IT review)		4–6 mo implementation	Self-serve at Essential	Sales-led	Self-serve
5-seat team annual cost	$1,139	$15,000+ minimum	~$4,788+ (Essential)	$20,000+ typical	~$2,940 (Essentials)

Comparison reflects publicly available 2026 pricing (vendor sites, Vendr marketplace data, Concord pricing-exposure analysis). Mid-market CLM total annual cost typically $25K–$40K (5–10 attorneys, <$200M revenue) up to $80K–$200K (10–30 attorneys, $200M–$1B). ProofSnap is a complementary qualified-timestamp layer, not a full CLM replacement.

Frequently asked questions

Yes. 2 to 10,000 seats with admin dashboard, member management, per-seat usage reporting. Typical pattern: parent organization + US/UK/EU subsidiaries; allocate seats per subsidiary’s team; dashboard reports per-seat certification volume for cost allocation. Each ZIP is self-contained — jurisdiction tagging uses existing file-naming or folder structure (/US/, /UK/, /EU-DE/). Disig eIDAS recognised across 27 EU states (Art. 41(3)) + UK retained eIDAS — single timestamp standard for the EU+UK footprint. For >100-seat deployments with custom data-residency or DPA, contact support@getproofsnap.com.

Trust & Security

Why ProofSnap clears procurement faster than any CLM

The architectural choice that drives the price also eliminates the standard infosec review: no customer files ever touch ProofSnap servers. Only the 32-byte SHA-256 hash leaves the contract owner’s browser.

Architecture — what ProofSnap stores

No customer files. Contracts/MSAs/amendments/scans never leave the browser. SHA-256 computed client-side.
Only 32-byte hashes transmitted to Disig (eIDAS QTSP) and OpenTimestamps calendars. The hash reveals nothing about the underlying content.
Account data only: email, organization, billing, usage counters (Firebase Auth + Stripe).
Sub-processors: AWS (us-east-2 Lambda + S3 + CloudFront), Firebase Auth, Stripe, Disig a.s. (eIDAS QTSP), OpenTimestamps calendars. Full list in DPA.

Procurement-questionnaire shortcuts

Data classification: N/A — no customer data processed.
PII / SPI / PCI handling: none — no customer data collected from contracts.
Encryption at rest: N/A on customer files (none stored). Account data encrypted via Firebase / AWS defaults.
Data residency: AWS us-east-2 (Ohio) Lambda; Disig eIDAS QTSP in Slovakia (EU). Hash transmission is content-free.
Breach notification: a breach of ProofSnap could not expose customer contracts — we do not hold them.
Right to delete: archive ZIPs verify independently of ProofSnap forever; account deletion does not affect archive integrity.

SOC 2 + ISO 27001 vendor status

ProofSnap is a Chrome extension + AWS Lambda service operating Firebase + Stripe + Disig (QTSP on EU Trusted List) sub-processors. The qualified timestamp service runs under Disig’s eIDAS qualification (audited annually by accredited third parties per Reg 910/2014). ProofSnap is not currently SOC 2 Type II audited as a standalone vendor — the architectural choice to store zero customer contract files removes the principal reason most SaaS vendors pursue SOC 2 (customer-data assurance). For procurement teams requiring a formal trust report, the upstream Disig SOC 2 / eIDAS conformity assessment + OpenTimestamps’ reliance on Bitcoin blockchain auditability typically satisfy the security review path. For DPA, sub-processor list or vendor security questionnaire support, contact support@getproofsnap.com.

Close the contract-amendment audit gap.

11% of contract value leaks after signature (WorldCC + Ironclad 2025). Contract cases are the largest US state-court civil category at 46% of caseloads (NCSC 2023). A 5-seat in-house team rolls out ProofSnap Company for $1,139/year — rounding error against a single SOX remediation, dispute or auditor finding.

Start 7-day Company trial — from $18.99/seat/month

7-day trial requires a credit card · minimum 2 seats · cancel anytime within the trial — no charge.