Scanned signature is a dubious practice

The NIS2 directive soon to be transposed in France, the CRA regulation on cybersecurity, and the DORA regulation on the cyber resilience of the financial sector are either already in force or in the process of being in force. They organize a cybersecurity ecosystem that almost all SaaS publishers must comply with, at the cost of a fairly considerable compliance effort: complex texts to decode, notification obligations in all directions, documentation, operational implementation, etc. To begin with, we give you what you need to know about their applicability to your service

The Douai Court of Appeal (28/04/2022 RG n°22/471) issued a judgment validating the electronic signature of a rental contract with option to purchase concluded between a professional and an individual on the basis of the convention on proof included in the contract.

The Data Act has been applicable since September 12, 2025, and it does not only apply to connected data from the IoT. It also targets all European added service providers in SaaS mode, for example in the field of EDM, accounting, invoicing, archiving, etc. which will now have to allow their customers to terminate for convenience at any time and a reversibility whose scope is difficult to apprehend. It is not just a tool for digital sovereignty. It is also a text with dangerous side effects for national European suppliers, sometimes fragile, whose customers are offered on a platter the possibility of switching to competition, why not American...
The Data Act does not apply to ongoing contracts, which some companies, and even their lawyers, seem to be unaware of, as they see this text as a free and perfect opportunity to terminate a contract or to require the provision of information not provided for in the contract. They must moderate themselves, because the Data Act only applies to contracts concluded after September 12, 2025, which must now include clauses that make it possible to best adjust the provisions of the text.