Flag of Spain

France

Legal with restrictions

E-Signature Legality in France

E-Signature Legality in France

Everything you need to know about electronic signature laws in France fully recognizes electronic signatures under eIDAS and the Civil Code. SES and AES cover nearly all commercial B2B contracts, with QES reserved for public procurement and notarial acts. and how Firma.dev helps you comply.

Everything you need to know about electronic signature laws in France fully recognizes electronic signatures under eIDAS and the Civil Code. SES and AES cover nearly all commercial B2B contracts, with QES reserved for public procurement and notarial acts. and how Firma.dev helps you comply.

Overview

Intro & Key Facts

Quick Summary

France is one of Europe's most e-signature friendly markets for B2B software. The eIDAS Regulation and French Civil Code make SES and AES valid for virtually all commercial contracts. QES is only required for public procurement, notarial deeds, and court filings. Foreign e-signature providers operate freely, and EU hosting meets all data residency needs. The March 2024 Court of Cassation ruling reinforced that proper electronic signatures (not scanned images) are essential for legal validity.

France is one of Europe's most e-signature friendly markets for B2B software. The eIDAS Regulation and French Civil Code make SES and AES valid for virtually all commercial contracts. QES is only required for public procurement, notarial deeds, and court filings. Foreign e-signature providers operate freely, and EU hosting meets all data residency needs. The March 2024 Court of Cassation ruling reinforced that proper electronic signatures (not scanned images) are essential for legal validity.

Practical Usage

Document Types in France

Document Types in France

Permitted Document Types

Commercial contracts, employment agreements, NDAs, service agreements, software licenses, invoices, purchase orders, lease agreements, insurance contracts, banking documents, procurement documents (with QES)

Commercial contracts, employment agreements, NDAs, service agreements, software licenses, invoices, purchase orders, lease agreements, insurance contracts, banking documents, procurement documents (with QES)

Restricted Document Types

Wills and codicils, notarial deeds (actes notariés) including real estate transfers, family law documents (marriage, divorce, adoption, inheritance), personal suretyships by non-professionals, commercial instruments (promissory notes), public procurement contracts (require QES or AES with qualified certificate)

Wills and codicils, notarial deeds (actes notariés) including real estate transfers, family law documents (marriage, divorce, adoption, inheritance), personal suretyships by non-professionals, commercial instruments (promissory notes), public procurement contracts (require QES or AES with qualified certificate)

Common Exclusions

French law distinguishes between document types by signature level required. Most B2B commercial contracts work with SES or AES. Public sector and notarial acts require QES. The March 2024 Court of Cassation ruling confirmed scanned signatures don't qualify as valid electronic signatures.

French law distinguishes between document types by signature level required. Most B2B commercial contracts work with SES or AES. Public sector and notarial acts require QES. The March 2024 Court of Cassation ruling confirmed scanned signatures don't qualify as valid electronic signatures.

Authentication Required

SES: No specific authentication required beyond email delivery. AES: Signer must be uniquely identifiable through authentication data under their sole control (email + access code, SMS verification, or knowledge-based authentication). QES: Requires qualified certificate issued by ANSSI-certified QTSP with identity verification.

SES: No specific authentication required beyond email delivery. AES: Signer must be uniquely identifiable through authentication data under their sole control (email + access code, SMS verification, or knowledge-based authentication). QES: Requires qualified certificate issued by ANSSI-certified QTSP with identity verification.

Restrictions

Restrictions in France

Generally Permitted

  • Time-limited signature windows.

  • Sequential signing order.

  • Mandatory field completion.

  • Document expiration dates.

  • IP-based access restrictions.

  • Password-protected envelope access.

  • SMS verification codes.

  • Attachment requirements.

May Require Special Handling or Exclusions

  • Restrictions that prevent signers from reviewing the complete document before signing.

  • Restrictions that obscure material terms.

  • Blanket prohibitions on retaining personal copies.

  • Requirements for specific hardware or paid software to complete signing.

Legal Requirements

France E-Signature Law Explained

Legal Frameworks

eIDAS Regulation (No. 910/2014) + French Civil Code (Art. 1366-1367) + Decree No. 2017-1416

eIDAS Regulation (No. 910/2014) + French Civil Code (Art. 1366-1367) + Decree No. 2017-1416

Regulatory Bodies

ANSSI (Agence nationale de la sécurité des systèmes d'information) supervises QTSPs and trust services. CNIL (Commission Nationale de l'Informatique et des Libertés) enforces data protection.

ANSSI (Agence nationale de la sécurité des systèmes d'information) supervises QTSPs and trust services. CNIL (Commission Nationale de l'Informatique et des Libertés) enforces data protection.

E-Sign Retention Min.

Commercial contracts: 10 years (Code de commerce L.123-22). Civil contracts: 5 years (Civil Code Art. 2224). Employment records: 5 years after termination. Tax-related documents: 6 years. Consumer contracts: 2 years from delivery.

Commercial contracts: 10 years (Code de commerce L.123-22). Civil contracts: 5 years (Civil Code Art. 2224). Employment records: 5 years after termination. Tax-related documents: 6 years. Consumer contracts: 2 years from delivery.

Retention Notes

French law requires retaining the signed document, the signature certificate, and the complete audit trail. The audit trail should include signer identification method, timestamps, IP addresses, and any authentication steps. ANSSI recommends cryptographic timestamping for long-term validity.

French law requires retaining the signed document, the signature certificate, and the complete audit trail. The audit trail should include signer identification method, timestamps, IP addresses, and any authentication steps. ANSSI recommends cryptographic timestamping for long-term validity.

Data, Privacy & Cross-Border

Data Privacy and Compliance France

Privacy Frameworks

GDPR (direct application as EU member state) + Loi Informatique et Libertés (French Data Protection Act, updated 2018)

Privacy Compliance Status

Firma.dev processes data as a processor under GDPR. Data Processing Agreement available. EU-only hosting (AWS Paris) ensures no international transfers for standard operations. CNIL registration not required for standard e-signature processing.

Privacy Notes

Collect only data necessary for signature validity (name, email, signature image, IP, timestamps). Inform signers of data processing via privacy notice. Define retention periods in your DPA. Respond to data subject requests within 30 days. Consider DPIA for high-volume or sensitive document processing.

Data Residency Required

EU/EEA

EU/EEA

Adequacy Decision

France is an EU member state, so GDPR adequacy decisions apply for outbound transfers. Current adequacy: Andorra, Argentina, Canada (commercial), Faroe Islands, Guernsey, Israel, Isle of Man, Japan, Jersey, New Zealand, South Korea, Switzerland, UK, Uruguay, and US (Data Privacy Framework participants only).

Cross-Border Transfer Allowed

Unrestricted within EU/EEA. For non-EU transfers: Standard Contractual Clauses, Binding Corporate Rules, or adequacy decisions required per GDPR Chapter V. EU-US Data Privacy Framework provides adequacy for US transfers.

Residency Notes

Standard commercial data: EU hosting sufficient. Health data (données de santé): requires HDS-certified hosting. Banking data: may require specific certifications. Public sector: may have France-only requirements. Firma.dev's AWS Paris (eu-west-3) region satisfies all standard commercial requirements.

Privacy Retention Maximum

GDPR storage limitation principle: retain personal data only as long as necessary for the purpose. For e-signatures, this typically means the contract validity period plus statutory retention requirements plus limitation period for potential disputes. Delete or anonymize after.

Industry Compatibilty

E-Signatures by Industry in France

Fully Supported Industries

General Commercial

SaaS Software

HR Tech Employment

Education/Edtech

Construction

Supported with Agreement

Healthcare

Life Sciences/Pharma

Insurance

Financial Services/Fintech

Legal Tech

Real Estate Tech

Should Consult Counsel

Government

Industry Matrix Notes

Most B2B commercial use cases work with SES/AES. Healthcare and financial services may need additional compliance measures (HDS certification, PVID identity verification). Government contracts require QES, which is outside Firma.dev's current scope. Real estate transactions involving notarization also require QES.

General Commercial

Standard B2B contracts, vendor agreements, NDAs, purchase orders, invoices, and service agreements all work with SES/AES under French commercial law. Article L.110-3 of the Commercial Code allows proof by any means in commercial matters, making electronic signatures fully valid between businesses. No special requirements beyond reliable signer identification.

SaaS Software

SaaS companies can use SES/AES for all B2B contracts in France: software licenses, subscription agreements, API terms of service, MSAs, and DPAs. Freedom of form under French commercial law means electronic signatures are fully valid. Firma.dev's API-first approach fits naturally into software onboarding flows.

Healthcare

Healthcare organizations can use SES/AES for most administrative documents, but HDS (Hébergeur de Données de Santé) certification is required for hosting health data. AES or QES recommended for patient consent forms. Firma.dev's EU hosting (AWS Paris) supports HDS-compliant workflows when paired with certified infrastructure.

Life Sciences/Pharma

Clinical trial agreements, CRO contracts, and research collaborations work with SES/AES. Documents requiring GxP compliance may need enhanced audit trails. ANSM (Agence nationale de sécurité du médicament) regulated submissions may have specific electronic signature requirements. Quality agreements between manufacturers should specify signature standards.

Insurance

Standard policies work with SES/AES, certain regulated products may need enhanced verification.

Financial Services/Fintech

Financial services contracts generally work with SES/AES under French commercial law. High security standards apply for customer-facing documents, and AML/CFT compliance may require PVID-certified identity verification for certain transactions. Most B2B fintech agreements work seamlessly with Firma.dev.

HR Tech Employment

Employment contracts, offer letters, NDAs, and HR policy acknowledgments all work with SES/AES under French labor law. No special signature requirements for standard employment documentation. Retention: keep employment contracts for 5 years after termination.

Legal Tech

Law firms may need QES for specific filings.

Real Estate Tech

Residential and commercial lease agreements can be signed with SES/AES. Property conveyances requiring notarization must use QES. Firma.dev works well for lease agreements, property management contracts, and related B2B documents.

Education Tech

Administrative documents and enrollment agreements work with SES/AES.

Construction Tech

Construction contracts, subcontractor agreements, change orders, and project documentation work with SES/AES. Public works contracts (marchés publics) require QES. Retain signed documents for 10 years per construction liability periods (garantie décennale). Consider timestamping for dispute resolution.

Government

Public procurement contracts require QES or AES with qualified certificate per the March 2019 Decree. This is outside Firma.dev's current scope (SES/AES only). Government contractors should use ANSSI-certified QTSPs for public sector work.

How we works

How We Works on France

Firma.dev Supports

Firma.dev supports SES and AES workflows, covering the vast majority of B2B commercial use cases in France.

Firma.dev supports SES and AES workflows, covering the vast majority of B2B commercial use cases in France. The platform provides:

  • Signer identification: Email-based authentication with optional SMS verification

  • Tamper-evident documents: Cryptographic sealing ensures any modification after signing is detectable

  • Complete audit trails: Every action is timestamped and logged

  • EU data residency: All data hosted in AWS Paris

For B2B software agreements, SaaS subscriptions, employment contracts, NDAs, and vendor agreements, Firma.dev's signature level meets French legal requirements.

// Create an envelope for a French commercial contract
const envelope = await firma.envelopes.create({
  title: 'Contrat de Service',
  documents: [{ file: contractPdf }],
  signers: [{
    email: 'client@example.fr',
    name: 'Jean Dupont',
    locale: 'fr' // French language signing experience
  }],
  metadata: {
    contract_type: 'service_agreement',
    jurisdiction: 'FR'
  }
});
// Create an envelope for a French commercial contract
const envelope = await firma.envelopes.create({
  title: 'Contrat de Service',
  documents: [{ file: contractPdf }],
  signers: [{
    email: 'client@example.fr',
    name: 'Jean Dupont',
    locale: 'fr' // French language signing experience
  }],
  metadata: {
    contract_type: 'service_agreement',
    jurisdiction: 'FR'
  }
});
// Create an envelope for a French commercial contract
const envelope = await firma.envelopes.create({
  title: 'Contrat de Service',
  documents: [{ file: contractPdf }],
  signers: [{
    email: 'client@example.fr',
    name: 'Jean Dupont',
    locale: 'fr' // French language signing experience
  }],
  metadata: {
    contract_type: 'service_agreement',
    jurisdiction: 'FR'
  }
});

Firma.dev's API-first design means you can embed signing directly into your application. French companies using Customer Workspaces get isolated environments for each customer, with templates and envelope usage tracked separately.

Legal Details

Implementing E-Signatures in France

Implementing E-Signatures in France

France's e-signature framework combines EU regulation with national civil code provisions. The eIDAS Regulation (No. 910/2014) provides the overarching structure, establishing three signature levels and ensuring cross-border recognition throughout the EU.

The French Civil Code, specifically Articles 1366-1367, defines electronic signatures domestically. Article 1367 is particularly important: it grants only Qualified Electronic Signatures the presumption of reliability. QES is automatically assumed valid unless the challenging party proves otherwise. SES and AES don't get this presumption, but they remain fully admissible in court if the relying party can demonstrate the signature process was reliable.

Decree No. 2017-1416 specifies technical requirements for a signature to be considered reliable, linking back to eIDAS definitions. For commercial contracts between businesses, Article L.110-3 of the Commercial Code allows proof "by any means," which strengthens the position of SES/AES in B2B disputes.

Signature Types Recognized

Simple Electronic Signature (SES): Any data in electronic form attached to or logically associated with other data, used by a signatory to sign. Valid for most commercial contracts.

Advanced Electronic Signature (AES): Must be uniquely linked to the signatory, capable of identifying them, created using data under their sole control, and linked to the signed data so any change is detectable. Firma.dev's standard signing flow meets AES requirements.

Qualified Electronic Signature (QES): An AES created by a Qualified Signature Creation Device using a qualified certificate from an ANSSI-certified QTSP. Required for public procurement, notarial deeds, and certain regulated filings.

Recent developments

E-Signature Landscape in France: 2026

March 2024 Court of Cassation Ruling: The Court ruled (n° 22-16.487) that scanned signatures do not constitute reliable electronic signatures. This decision clarified that digitizing a handwritten signature doesn't meet Article 1367 requirements. Businesses should use proper e-signature solutions with authentication and audit trails.

eIDAS 2.0 Implementation: Regulation 2024/1183 entered into force in May 2024, introducing the EU Digital Identity Wallet. By 2026, French citizens will be able to create QES directly from government-issued digital wallets. Existing SES/AES methods remain fully valid.

FAQ

Frequently asked questions

For any unanswered questions, reach out to our support team via email. We'll respond as soon as possible to assist you.

Are electronic signatures legal in France?

Yes. Electronic signatures are fully legal and enforceable in France under eIDAS Regulation (No. 910/2014) and Articles 1366-1367 of the French Civil Code. Courts consistently uphold e-signed agreements in commercial disputes, provided the signature reliably identifies the signer and ensures document integrity.

What types of e-signatures does France recognize?

France recognizes three levels under eIDAS: Simple Electronic Signature (SES), Advanced Electronic Signature (AES), and Qualified Electronic Signature (QES). Only QES benefits from the legal presumption of reliability under Art. 1367 Civil Code, but SES and AES remain admissible and enforceable if the party can demonstrate reliability.

Which documents require a qualified electronic signature (QES) in France?

QES is required for public procurement contracts (per the March 2019 Decree), notarial deeds (actes notariés), electronic court decisions, and certain regulated filings. Most B2B commercial contracts, employment agreements, and software licenses do not require QES.

Can foreign e-signature providers operate in France?

Yes. Under eIDAS, e-signatures from any EU-certified provider are valid across all member states. Non-EU providers offering SES/AES for commercial contracts face no restrictions. QES must be issued by QTSPs on an EU Trusted List, but this only matters for specific use cases requiring QES.

What happened with the March 2024 Court of Cassation ruling?

The Court of Cassation ruled (March 13, 2024, n° 22-16.487) that scanned signatures do not constitute reliable electronic signatures and lack the presumption of validity. This reinforced that proper e-signature solutions with audit trails and signer identification are essential, not just digitized images of handwritten signatures.

How does France handle cross-border e-signatures?

E-signatures from any EU member state are automatically recognized in France under eIDAS. For non-EU countries, French courts apply general contract law principles and will accept foreign e-signatures if reliability can be demonstrated. Data transfers follow GDPR rules.

What data protection rules apply to e-signatures in France?

GDPR applies directly as France is an EU member state. The French Data Protection Act (Loi Informatique et Libertés) supplements GDPR. CNIL oversees enforcement. For e-signature purposes: obtain consent, minimize data collection, define retention periods, and ensure appropriate security measures.

What's changing with eIDAS 2.0?

eIDAS 2.0 (Regulation 2024/1183) entered into force in May 2024 with phased implementation through 2026. The main change is the EU Digital Identity Wallet, which will let citizens create QES directly from smartphones. Existing SES/AES methods remain fully valid.

FAQ

Frequently asked questions

For any unanswered questions, reach out to our support team via email. We'll respond as soon as possible to assist you.

Are electronic signatures legal in France?

Yes. Electronic signatures are fully legal and enforceable in France under eIDAS Regulation (No. 910/2014) and Articles 1366-1367 of the French Civil Code. Courts consistently uphold e-signed agreements in commercial disputes, provided the signature reliably identifies the signer and ensures document integrity.

What types of e-signatures does France recognize?

France recognizes three levels under eIDAS: Simple Electronic Signature (SES), Advanced Electronic Signature (AES), and Qualified Electronic Signature (QES). Only QES benefits from the legal presumption of reliability under Art. 1367 Civil Code, but SES and AES remain admissible and enforceable if the party can demonstrate reliability.

Which documents require a qualified electronic signature (QES) in France?

QES is required for public procurement contracts (per the March 2019 Decree), notarial deeds (actes notariés), electronic court decisions, and certain regulated filings. Most B2B commercial contracts, employment agreements, and software licenses do not require QES.

Can foreign e-signature providers operate in France?

Yes. Under eIDAS, e-signatures from any EU-certified provider are valid across all member states. Non-EU providers offering SES/AES for commercial contracts face no restrictions. QES must be issued by QTSPs on an EU Trusted List, but this only matters for specific use cases requiring QES.

What happened with the March 2024 Court of Cassation ruling?

The Court of Cassation ruled (March 13, 2024, n° 22-16.487) that scanned signatures do not constitute reliable electronic signatures and lack the presumption of validity. This reinforced that proper e-signature solutions with audit trails and signer identification are essential, not just digitized images of handwritten signatures.

How does France handle cross-border e-signatures?

E-signatures from any EU member state are automatically recognized in France under eIDAS. For non-EU countries, French courts apply general contract law principles and will accept foreign e-signatures if reliability can be demonstrated. Data transfers follow GDPR rules.

What data protection rules apply to e-signatures in France?

GDPR applies directly as France is an EU member state. The French Data Protection Act (Loi Informatique et Libertés) supplements GDPR. CNIL oversees enforcement. For e-signature purposes: obtain consent, minimize data collection, define retention periods, and ensure appropriate security measures.

What's changing with eIDAS 2.0?

eIDAS 2.0 (Regulation 2024/1183) entered into force in May 2024 with phased implementation through 2026. The main change is the EU Digital Identity Wallet, which will let citizens create QES directly from smartphones. Existing SES/AES methods remain fully valid.

FAQ

Frequently asked questions

For any unanswered questions, reach out to our support team via email. We'll respond as soon as possible to assist you.

Are electronic signatures legal in France?

Yes. Electronic signatures are fully legal and enforceable in France under eIDAS Regulation (No. 910/2014) and Articles 1366-1367 of the French Civil Code. Courts consistently uphold e-signed agreements in commercial disputes, provided the signature reliably identifies the signer and ensures document integrity.

What types of e-signatures does France recognize?

France recognizes three levels under eIDAS: Simple Electronic Signature (SES), Advanced Electronic Signature (AES), and Qualified Electronic Signature (QES). Only QES benefits from the legal presumption of reliability under Art. 1367 Civil Code, but SES and AES remain admissible and enforceable if the party can demonstrate reliability.

Which documents require a qualified electronic signature (QES) in France?

QES is required for public procurement contracts (per the March 2019 Decree), notarial deeds (actes notariés), electronic court decisions, and certain regulated filings. Most B2B commercial contracts, employment agreements, and software licenses do not require QES.

Can foreign e-signature providers operate in France?

Yes. Under eIDAS, e-signatures from any EU-certified provider are valid across all member states. Non-EU providers offering SES/AES for commercial contracts face no restrictions. QES must be issued by QTSPs on an EU Trusted List, but this only matters for specific use cases requiring QES.

What happened with the March 2024 Court of Cassation ruling?

The Court of Cassation ruled (March 13, 2024, n° 22-16.487) that scanned signatures do not constitute reliable electronic signatures and lack the presumption of validity. This reinforced that proper e-signature solutions with audit trails and signer identification are essential, not just digitized images of handwritten signatures.

How does France handle cross-border e-signatures?

E-signatures from any EU member state are automatically recognized in France under eIDAS. For non-EU countries, French courts apply general contract law principles and will accept foreign e-signatures if reliability can be demonstrated. Data transfers follow GDPR rules.

What data protection rules apply to e-signatures in France?

GDPR applies directly as France is an EU member state. The French Data Protection Act (Loi Informatique et Libertés) supplements GDPR. CNIL oversees enforcement. For e-signature purposes: obtain consent, minimize data collection, define retention periods, and ensure appropriate security measures.

What's changing with eIDAS 2.0?

eIDAS 2.0 (Regulation 2024/1183) entered into force in May 2024 with phased implementation through 2026. The main change is the EU Digital Identity Wallet, which will let citizens create QES directly from smartphones. Existing SES/AES methods remain fully valid.

Background Image

Get Started with Firma.dev in France

Firma.dev is designed for developers building SaaS products that need e-signature capabilities in France and across Europe. At €0.029 per envelope with no monthly minimums, you can integrate compliant e-signatures without enterprise pricing.

Background Image

Get Started with Firma.dev in France

Firma.dev is designed for developers building SaaS products that need e-signature capabilities in France and across Europe. At €0.029 per envelope with no monthly minimums, you can integrate compliant e-signatures without enterprise pricing.

Background Image

Get Started with Firma.dev in France

Firma.dev is designed for developers building SaaS products that need e-signature capabilities in France and across Europe. At €0.029 per envelope with no monthly minimums, you can integrate compliant e-signatures without enterprise pricing.