Clickwrap Agreements
ESIGN · UETA compliant

Consent at scale. Legally bulletproof.

Collect legally enforceable clickwrap agreements for terms of service, NDAs, privacy policies, and more. Every acceptance version-locked, timestamped, and tamper-evident — ready for any dispute.

Version-locked consent — every user is tied to the exact document version they accepted
Timestamped + IP-logged — every acceptance recorded server-side, not spoofable by clients
Automatic re-consent — users re-agree when you publish a new document version
Embeds anywhere — JS snippet, REST API, or iframe — white-labeled with your branding
app.acme.com/onboarding
Acme SaaS

Before you continue

Review our Terms of Service

Please read and accept our Terms before accessing Acme.

Terms of Service — v2.4

Effective May 1, 2026. By using Acme's services, you agree to be bound by these Terms of Service ("Terms").

1. Use of Services. You may use our services only in compliance with these Terms and all applicable laws. You may not use the services for any illegal purpose.

2. Account Responsibilities. You are responsible for maintaining the confidentiality of your account credentials…

Consent recorded by Zignature · Timestamped · Tamper-evident

SHA-256

Document version hash

ms-precise

Timestamp precision

Server-side

Acceptance logging

Instant

Re-consent on update

Why clickwrap wins in court — and browsewrap doesn't

Courts have repeatedly struck down browsewrap agreements. Clickwrap is the enforceable standard.

Feature | Zignature Clickwrap ✓ | Browsewrap ✗
User sees the terms | Always required | Often never read
Affirmative action required | Yes — click/checkbox | No — implied by use
Version-specific consent | SHA-256 doc hash | No record
Court enforceability | Consistently upheld | Often rejected
Audit trail | Tamper-evident record | None
Re-consent on update | Automatic | Not possible
🔍 Evidence-grade audit trail

Everything you need before a judge ever asks.

Zignature's clickwrap capture is designed with legal enforceability as the primary goal — not just a checkbox on a page.

Authenticated user identity

Name, email address, and session ID — all tied to the acceptance event in our immutable log.

SHA-256 document version hash

Cryptographic hash of the exact document the user saw and agreed to. Any change creates a new hash — there's no ambiguity about which version was accepted.

Millisecond-precise UTC timestamp

Logged server-side at the moment of acceptance — not provided by the client browser, so it cannot be spoofed.

IP address + user agent

Verified server-side. Combined with identity, establishes the user's location and device at the time of acceptance.

Downloadable certificate of completion

A printable, signed PDF summarizing the acceptance event — suitable for discovery and court submission.

Acceptance Record #8,291,047

Tamper-evident
Signer jane.doe@acme.com
Session ID sess_9fKm2xP...
Document Terms of Service v2.4
Doc hash a3f9c2e1d8b7...
Timestamp 2026-05-20 14:32:07.441 UTC
IP address 203.0.113.42
User agent Chrome 124 / macOS 14
Verified · Immutable

Every consent scenario covered

From SaaS ToS to HIPAA authorizations — with a full audit trail every time.

Terms of Service

Version-lock users to your ToS. When you update, they must re-consent before continuing — automatically enforced.

NDAs & Confidentiality

One-click NDAs that are legally binding the moment a user accepts — full audit trail, no wet signature required.

HIPAA Authorization

HIPAA-compliant consent for healthcare apps. Patient identity + timestamp logged with every acceptance event.

Payment & Billing Consent

Capture subscription authorization at checkout. Documented consent reduces chargebacks and payment disputes.

Employee Policies

Handbook acknowledgments, code of conduct, remote work policies — each with verified, auditable acceptance records.

GDPR Consent

GDPR-compliant granular consent by category — analytics, marketing, functional. Full audit trail per user per category.

Add to your product in minutes

Three integration paths — pick the one that fits your stack.

JavaScript Snippet

<script src="https://cdn.zignature.io/clickwrap.js"></script>
<script>
Zignature.clickwrap({
  documentId: 'tos-v2.4',
  userId: currentUser.id,
  onAccept: () => next()
});
</script>

REST API

POST /api/consent
Authorization: Bearer {key}

{
  "document_id": "tos-v2.4",
  "user_id": "usr_abc123",
  "user_email": "jane@co.com",
  "ip_address": "203.0.113.1"
}

Iframe Embed

<iframe
  src="https://sign.zignature.io/consent/tos-v2.4?uid={userId}&theme=light"
  onload="listen()"
  frameborder="0">
</iframe>

Clickwrap questions answered

Is clickwrap actually enforceable in court?

Yes. Courts consistently uphold clickwrap agreements that (1) clearly present the terms before the user proceeds, (2) require an affirmative action such as clicking "I Agree" or checking a box, and (3) maintain a record proving the user completed that action for a specific document version. Zignature's implementation satisfies all three requirements with a tamper-evident audit trail.

What happens when I update my terms?

When you publish a new document version, Zignature generates a new SHA-256 hash for the updated content. Users who haven't accepted the new version are automatically prompted to re-consent the next time they log in or trigger the consent flow. Old acceptance records are preserved with their original version hash — you'll always know who agreed to what.
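
One way to model the version hash, the re-consent check and a tamper-evident record store described above, as an added example that is not Zignature's code or API. The ConsentLog class, its record layout and the hash chaining are assumptions for illustration; the document texts are constructed sample input.

```javascript
// Added example: names and record layout are hypothetical, not Zignature's API.
const crypto = require("crypto");

const sha256 = (s) => crypto.createHash("sha256").update(s, "utf8").digest("hex");

class ConsentLog {
  constructor() {
    this.records = [];
  }

  // Record an acceptance. Timestamp and IP are supplied by the server,
  // never read from the client request body.
  accept(userId, documentText, serverIp, now = new Date()) {
    const prevHash = this.records.length
      ? this.records[this.records.length - 1].recordHash
      : "0".repeat(64);
    const body = {
      userId,
      docHash: sha256(documentText), // binds the user to this exact version
      timestamp: now.toISOString(), // millisecond-precision UTC
      ip: serverIp,
      prevHash,
    };
    // Chaining each record to its predecessor makes later edits detectable.
    const record = { ...body, recordHash: sha256(JSON.stringify(body)) };
    this.records.push(record);
    return record;
  }

  // A user must re-consent if no record binds them to the current version hash.
  needsReconsent(userId, currentDocumentText) {
    const current = sha256(currentDocumentText);
    return !this.records.some((r) => r.userId === userId && r.docHash === current);
  }

  // Recompute every hash and link; returns the index of the first bad record, or -1.
  verify() {
    let prev = "0".repeat(64);
    for (let i = 0; i < this.records.length; i++) {
      const { recordHash, ...body } = this.records[i];
      if (body.prevHash !== prev || sha256(JSON.stringify(body)) !== recordHash) return i;
      prev = recordHash;
    }
    return -1;
  }
}
```

A chain like this only shows that stored records were altered if the most recent record hash is also kept somewhere the log's writer cannot rewrite.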

Can I export acceptance records for legal discovery?

Yes. Every acceptance record can be exported as a signed PDF certificate of completion, or in bulk as a CSV/JSON data export. These exports include all fields (user identity, document hash, timestamp, IP address, session ID) and are formatted for legal discovery. Access is available from your Zignature dashboard or via API.

Does Zignature clickwrap work with SSO / authenticated users?

Yes. Pass your authenticated user's ID and email via the API or JS SDK. Zignature links the acceptance event to that user identity, which strengthens enforceability because the acceptance is tied to an authenticated session — not just an anonymous browser. SAML, OIDC, and OAuth-based SSO are all supported.

Consent that holds up in court.

Version-locked, timestamped, tamper-evident clickwrap — embedded anywhere your users are. Start collecting enforceable consent today.