Compliance infrastructure
Compliance infrastructure for
legally provable documents.
SealDoc seals every document with a cryptographic timestamp, tamper-evident audit trail, and a Legal Evidence Pack. Format-compliant, archive-ready, and independently verifiable.
No credit card required · EU-hosted · GDPR compliant
Built on verifiable standards
The compliance gap
A document is not evidence. Yet.
Most businesses assume their invoices and records are legally protected. They are often wrong about the proof layer.
A plain PDF proves nothing
A standard PDF may be accepted as a document, but it rarely proves integrity, timestamp, custody, or retention on its own. Most PDFs can be modified without detection.
Your ERP generates invoices, not evidence
ERP and accounting software are built to process transactions, not to produce independently verifiable proof of existence and integrity. That is a different problem.
Auditors and courts need more
When an auditor, court, or tax authority asks for proof, having the PDF is often not enough. They want a chain of custody, a timestamp, and a manifest — not just the file.
What SealDoc adds
Six layers that turn a document into evidence.
Every document processed by SealDoc gets the same proof stack, automatically.
PDF/A-3B archive format
ISO 19005-3 validated by VeraPDF. The only PDF format designed for long-term archival — preserves all content without external dependencies.
RFC 3161 timestamp
Cryptographic proof the document existed at a specific time, issued by a trusted RFC3161 Time Stamping Authority. Embedded in the Evidence Pack.
Tamper-evident hash chain
SHA-384 hash of every document, linked in an append-only evidence chain. Any modification — one byte — invalidates the chain.
Chain of custody
Every action on the document is logged: who did what, when, from which IP. Written to a tamper-resistant audit log.
Retention enforcement
BUSINESS_7Y for invoices, ARCHIEFWET_20Y for public-sector records. Designed to prevent deletion before the retention period expires at the storage layer.
Legal Evidence Pack
One ZIP containing the sealed document, audit trail, timestamp certificates, and manifest hash-chain. Ready for court, tax audit, or regulatory inspection.
For developers
JSON in. Sealed PDF/A-3 out. One API call.
One endpoint replaces your entire document compliance pipeline. n8n nodes live today, Make and Zapier coming soon. OpenAPI 3.0 spec ready for code generation.
curl -X POST https://api.sealdoc.eu/api/invoices/generate \
-H "X-Api-Key: sd_live_abc123..." \
-H "Content-Type: application/json" \
-d '{
"profile": "FacturX1Basic",
"seller": { "name": "Acme B.V.", "vatId": "NL123456789B01" },
"buyer": { "name": "Globex GmbH", "vatId": "DE987654321" },
"lines": [ { "description": "License Q2", "quantity": 1, "netAmount": 1000.00 } ],
"totals": { "netTotal": 1000.00, "vatTotal": 210.00, "grossTotal": 1210.00 }
}'
# Returns: Factur-X 1.0 BASIC PDF/A-3 with CII XML embedded.
# SHA-384 hash chain sealed. RFC 3161 timestamp attached.
# Full Legal Evidence Pack available at /api/jobs/{id}/evidence-pack What SealDoc actually produces
Every document proves its own compliance.
One API call returns a sealed PDF/A-3 plus a complete chain of custody. Here is exactly what is inside.
Invoice.pdf
PDF/A-3B: ISO 19005-3 compliant archive format, validated by VeraPDF after every conversion.
Embedded CII XML
Structured e-invoice data embedded inside the PDF. Validates against EN 16931. Survives any PDF reader.
RFC 3161 Timestamp
Cryptographic proof the document existed at a specific time, issued by an EU-qualified TSA. Legally admissible.
SHA-256 Hash Chain
Each file in the evidence pack is individually hashed, then the full set is hashed together. Tamper-evident.
Evidence Manifest
Manifest hash-chain v2.0 seals each file and the file set as a whole. One missing byte invalidates the manifest.
Retention Policy
BUSINESS_7Y for invoices. ARCHIEFWET_20Y for public-sector records. SealDoc enforces the policy: documents cannot be deleted before expiry.
Audit Metadata
Every action logged: who, when, IP address, what changed. Written to a tamper-resistant audit_entries table.
EU sovereignty
Your compliance data stays in Europe.
We built SealDoc without US hyperscaler dependencies to reduce foreign jurisdiction exposure for European compliance-sensitive data.
European datacenters only
All infrastructure runs in EU datacenters with ISO 27001 certification at the datacenter level. Data never leaves the European Economic Area.
No US hyperscaler dependency
No AWS, Azure, or GCP. Avoiding US hyperscaler dependency reduces Cloud Act exposure for your compliance-sensitive documents.
On-prem deployment available
Run SealDoc in your own infrastructure. Docker or Kubernetes. Air-gapped environments supported. Your data, your servers.
Why SealDoc
Your ERP generates the invoice. SealDoc makes it legally provable.
Most accounting software exports invoice XML. What it does not provide is the legal proof layer.
Named alternatives you may be evaluating: Billit, UnifiedPost, Avalara. None provide an independent legal proof layer with RFC 3161 and chain of custody.
Pricing
Start free. Scale when you need to.
50 documents per month, forever free. No credit card required.
- Chain of Custody
- RFC 3161 Timestamps
- Legal Evidence Packs
- Webhooks
- On-Prem Deployment
- Dedicated Database
- DUTO / Archiefwet
- ZUGFeRD / Factur-X
Ready to prove compliance?
Start processing documents today. No credit card required.
Start free — 50 docs/monthNo credit card. No sales call. First document processed within 2 minutes.