What is the Digital Signature Act?
The Signature Act (SigG) was long the central legal basis for electronic signatures in Germany. It established the framework for the use of digital signatures and, in particular, defined the requirements for certificates, signature procedures, and certification service providers. The goal was to build trust in electronic transactions and make digital documents more legally reliable.
Today, however, the Signature Act is no longer the applicable legal basis. Its successor at the European level is the eIDAS Regulation, which has provided the legal framework for electronic signatures, seals, and other trust services in the EU since July 1, 2016. In Germany, the Trust Services Act (VDG) governs the national implementation of the eIDAS Regulation and has replaced the former Signature Act (SigG). The latter ceased to be in force on July 29, 2017.
For businesses, this means that anyone dealing with electronic signatures today should no longer refer to the former Signature Act, but rather to eIDAS and the Trust Services Act.
Relationship to the Trust Services Act (VDG)
The Trust Services Act (VDG) is the national supplement to the European eIDAS Regulation and is therefore closely linked to the topic of digital signatures under the Trust Services Act. While eIDAS establishes the directly applicable EU legal framework for electronic signatures, seals, time stamps, and other trust services, the VDG governs their practical implementation in Germany. It thus creates the national foundation for ensuring that European requirements are effectively implemented and monitored within the German legal system.
This relationship is important for businesses: Today, the legal requirements for electronic signatures are primarily set forth in the eIDAS Regulation, while the Trust Services Act supplements the relevant German responsibilities and supervisory structures. The former Signature Act, by contrast, now plays only a historical role.
Digital Signatures in Transition: From the German Signature Act to the eIDAS Regulation
The legal framework for digital signatures has changed significantly in recent years. Whereas in Germany the Signature Act used to be the primary source of regulation for electronic signatures, the eIDAS Regulation is now the central standard. It applies throughout the EU and establishes a uniform set of rules for electronic signatures, seals, and other trust services.
This development is particularly important with regard to electronic signatures in labor law. While eIDAS facilitates the legally compliant use of digital signatures, it does not automatically override national formal requirements. For example, the German Evidence Act excludes the electronic form for certain types of evidence, and in labor law as well, it must always be determined on a case-by-case basis whether written form, text form, or a qualified electronic signature is required. Although certain formal requirements under labor law have been relaxed since January 1, 2025, not every HR document can be digitized across the board.
Legal Validity of Digital Signatures
Whether a digital signature is legally valid does not depend solely on the fact that a document was signed electronically. The decisive factors are which form is legally required for the specific transaction and what type of signature is used. The eIDAS Regulation distinguishes between simple, advanced, and qualified electronic signatures. Only the qualified electronic signature is explicitly considered equivalent to a handwritten signature.
For businesses, this means that while an electronic signature can be legally valid, not every signature is automatically sufficient for every contract. In many cases, a simple or advanced signature is sufficient—for example, when the law does not require the written form. However, whenever the law expressly requires the written form, an electronic signature is required under Section 126a of the German Civil Code (BGB), provided that the electronic form is not excluded.
The legal validity of digital signatures therefore always depends on the type of signature, its intended use, and the legal requirements regarding form. This is precisely why companies should ensure that their signature processes are not only digitally sound but also legally sound.
Simple, advanced, and qualified electronic signatures in detail
A simple electronic signature includes, for example, scanned signatures or click confirmations. It can be legally valid if no specific legal form is required. Whether a simple electronic signature is legally valid therefore always depends on the specific circumstances.
The advanced electronic signature offers a higher level of security. It is uniquely linked to the signatory and is attached to the document in such a way that any subsequent changes are detectable. The qualified electronic signature is subject to even stricter regulations. According to the Qualified Electronic Signature Act, in conjunction with eIDAS and Section 126a of the German Civil Code (BGB), it is the only type of signature that is generally equivalent to a handwritten signature, provided that the electronic form has not been excluded.
For businesses, this distinction is crucial: the more stringent the legal requirements, the more carefully they must determine which signature level is actually required.
The Use of Digital Signatures in Everyday Life
Digital signature applications have long been an integral part of many business processes. In day-to-day operations, they are used, for example, for quotes, supplier contracts, data protection agreements, approvals, and internal authorizations. This is particularly useful in situations where documents need to be signed quickly, from any location, and in a traceable manner.
In practice, not every digital signature application requires the same level of security. For many everyday documents, a simple or advanced electronic signature is sufficient. However, whenever the law requires a written form, a qualified electronic signature is usually necessary, unless the electronic form is expressly excluded.
For businesses, the advantage is clear: processes are streamlined, media discontinuities are reduced, and signatures can be properly documented.
Electronic Signatures in Labor Law
The electronic signature is gaining importance in labor law because HR processes are increasingly being handled digitally. Employment contracts, supplementary agreements, certificates, and references must be processed quickly, efficiently, and in compliance with legal requirements. At the same time, labor law is an area where companies must pay particularly close attention to legal formalities. This is because not every HR document can simply be signed digitally.
As a general rule, if no specific legal form is required, an electronic signature may be sufficient. However, as soon as a legal written form is required, only a qualified electronic signature under Section 126a of the German Civil Code (BGB) is generally acceptable, unless the electronic form is expressly excluded. This is precisely where the peculiarity lies in labor law: For certain types of evidence under the Evidence Act, the electronic form is only possible to a limited extent, and individual documents must still be reviewed separately. Although some procedural simplifications have been introduced since January 1, 2025, not every labor law procedure can be digitized across the board.
Security and Data Protection
Digital signatures and IT security are not just about signing documents quickly; above all, they are about integrity, authenticity, and traceability. Electronic signatures are based on cryptographic methods. They help ensure that a document has not been altered without detection after signing and can always be attributed to a specific person. Especially in the case of qualified electronic signatures, certificates, secure signature creation, and trusted services play a central role.
This is also relevant from a data protection perspective. Companies that use digital signature processes regularly process personal data, such as identity data, certificate information, or timestamps. Therefore, companies should not only ensure the legal validity of the signature but also prioritize secure technical processes, clear responsibilities, and trustworthy providers. In this context, the BSI refers to the eIDAS Regulation as the authoritative regulatory framework for electronic trust services. The national Trusted Lists, as well as the List of Trusted Lists and the Trusted List Browser provided by the European Commission, are also relevant for the assessment of qualified trust service providers.
In practice, this means that a digital signature is only truly reliable if legal certainty, data protection, and IT security are considered together.
Conclusion
Digital signatures have long been more than just a handy additional tool. When used correctly, they help companies finalize contracts more quickly, avoid media discontinuities, and document processes much more thoroughly. What matters is not just that a document is signed digitally, but how: the right type of signature, a clear understanding of legal formal requirements, and secure, traceable processes make the difference between a simple process and one that is truly legally compliant.
This is exactly where ContractHero comes in. Companies can sign contracts digitally right away, using either advanced or qualified electronic signatures depending on their needs. This makes the signing process not only significantly more efficient but also legally compliant. The electronic signature thus evolves from a mere digital substitute for the handwritten signature into a reliable component of modern contract processes. ContractHero provides the ideal foundation for companies seeking to combine speed, traceability, and legal certainty.
In this way, the digital signature becomes not just a standalone step, but a meaningfully integrated part of modern contract processes.
.svg){kind=logo}
.avif)
.jpg)