kittokit
EN
Runs local · no upload

Sign a PDF

Draw your signature, drag it onto the right page, download the signed PDF. Your file never leaves your browser.

Processed locally Your PDF never leaves this browser.

Drop a PDF here or click to choose

Files stay in your browser — never uploaded to any server.

PDF

How It Works
  1. 01

    Paste text or code

    Paste your content into the input field or type directly.

  2. 02

    Instant processing

    The tool processes your content immediately and shows the result.

  3. 03

    Copy result

    Copy the result to your clipboard with one click.

Privacy

All calculations run directly in your browser. No data is sent to any server.

Rental agreements, authorizations, confirmations — documents need to be signed, often on the go. Instead of print-sign-scan or using a tool that uploads your file to a stranger's server, sign your PDF here directly in your browser.

01 — How to Use

How do you use this tool?

  1. Drop a PDF file or click to browse — the file stays completely in your browser.
  2. Click „Create signature" — draw, type or upload an image.
  3. Drag the signature to the right spot, resize as needed — works across multiple pages.
  4. Optionally enable „Remember on this device" — the signature stays local on your device.
  5. „Download signed PDF" — the signed file lands in your Downloads folder.

What this tool does

You drop a PDF, draw or type your signature, drag it to the right spot and save the signed file. Everything happens entirely in your browser — no upload, no server, no tracking. No account required. What it does not do: no qualified electronic signature (QES) with certificate, no multi-party workflows, no cloud sync of your file. For the daily „I confirm this order” or „I sign this authorization” — perfect. For form-bound contracts like rental agreements or employment termination, you need a qualified electronic signature.

How it works

Five steps. On a normal laptop the whole flow takes less than a minute:

1. Choose a PDF

Drop your PDF into the drop area or click to browse. Standard PDFs of any version are accepted. The file is read locally and shown as preview immediately — the left sidebar lists every page as a thumbnail, the center shows the current page.

2. Create a signature

Click „Create signature”. A dialog opens with three tabs:

  • Draw — Sign with your mouse, finger, or stylus directly on the drawing canvas. Three ink colors are available: black (default), ink-blue, or a warm accent tone. On touch devices below 768 px the drawing canvas opens fullscreen so you can sign precisely even with your thumb.
  • Type — Type your name, pick one of three handwriting styles (Caveat, Sacramento, Great Vibes) and watch the live preview. Handy when you don’t have a mouse nearby.
  • Image — Upload an existing signature as PNG, JPG, or SVG (up to 5 MB). Transparent background recommended.

3. Place the signature

After „Apply” your signature appears centered on the current page — visible as a dashed accent rectangle. Drag it to the right spot, resize it from the corner handle. Need multiple signatures on multiple pages? Click the next page in the sidebar and place the signature again. Maximum: 20 signatures per PDF, 5 per page.

4. Optional: Remember on device

If you reuse the same signature often, enable the „Remember on this device” checkbox at the bottom of the dialog. Your signature is stored only in your browser’s local storage — no cloud account, no server. Next visit you’ll see a small card „Use your saved signature” above the drop area. You can delete it any time via the delete button.

5. Download the signed PDF

As soon as at least one signature is placed, the download button becomes active. Click — and the signed file lands in your Downloads folder. Filename: <your-original>-signed.pdf. The original PDF stays untouched.

Why local processing matters

Most free PDF tools upload your file to a server, process it there, and delete it „after one hour” or „at session end”. That sounds like a detail — but it’s a real privacy difference. If your PDF contains a rental agreement, a pay stub, a patient form or an NDA, you don’t want that file to travel through a stranger’s data center along the way.

The FBI publicly warned in March 2025 that many free PDF converters operate as malware fronts: they steal personal data, inject spyware, or impersonate well-known brands. Even without malicious intent, every server upload puts confidential content into a third party’s hands — and forces you to trust them with their retention policy, their employee access controls, and their breach response.

This tool makes that server upload technically impossible. The entire processing runs in your browser tab. If you open your browser’s network tab while signing, you will not see a single request with your file’s bytes as the body. We cannot read what you’re signing — even if we wanted to, there is no technical path to do so.

That separation is not just marketing copy. It’s the architecture that many corporate data-protection officers explicitly require under Schrems II: data that never reaches a third-country server needs no data-transfer impact assessment. Data that is never stored anywhere needs no deletion log.

Which kind of signature do I need?

The EU regulation eIDAS (electronic IDentification, Authentication and trust Services) defines three levels of electronic signature. The US ESIGN Act and UETA recognize similar distinctions in spirit. For most everyday contracts, the simple level is enough — but not for everything.

Signature typeEvidential weightWhen to use
SES (simple)Weak — the recipient must prove authenticity in a disputeForm-free contracts: order confirmations, internal agreements, delivery notes, receipts, NDA acknowledgments
AES (advanced)Strong — uniquely linked to the signer, tamper-evidentBusiness contracts, international B2B agreements, sureties (often recommended, not always required)
QES (qualified)Same as a handwritten signature — legally equivalentForm-bound documents under EU law: rental contract, employment termination, surety declaration, consumer loan agreement

Rule of thumb: If a contract is legally required to be signed by hand (the German „Schriftform” under §126 BGB, equivalent provisions in other EU states, or specific statutory exclusions under ESIGN §103), you need QES — or wet-ink. Otherwise SES is fine.

This tool creates SES — a simple electronic signature. Under eIDAS, ESIGN and UETA it is legally valid for all contracts without specific form requirements. For QES you need a trust-service provider with a certificate, identity verification, and a smart card or wallet — that cannot happen inside a browser.

ESIGN, UETA, eIDAS — how do they compare?

The US and the EU recognize electronic signatures through different statutes, but the practical bar is similar: an electronic signature is a sound, symbol or process attached to a record that the signer intends to authenticate. A drawn signature in a PDF satisfies that intent test under all three frameworks.

  • ESIGN Act (15 U.S.C. §7001) — Federal US law from 2000. An electronic signature has the same legal effect as a wet-ink signature for transactions in or affecting interstate commerce, provided both parties consent to electronic conduct. ESIGN explicitly excludes a handful of categories: wills, codicils, family-law records (adoption, divorce), notices of cancellation of utility services, default or repossession notices, foreclosure-related papers, health-insurance termination notices, and notices of product recall affecting health or safety. For everything else, your SES is valid.
  • UETA — Uniform state-level law adopted by 49 US states (New York being the holdout, with its own statute). UETA mirrors ESIGN’s intent test and adds a record-retention requirement: the electronic record must be capable of accurate retrieval later. A signed PDF stored on your own device meets that bar.
  • eIDAS — EU regulation in force since 2016, refreshed by eIDAS 2.0 in 2024. Defines three tiers (SES, AES, QES). Only QES is legally equivalent to a wet-ink signature across all EU member states. SES is admissible as evidence but its weight depends on the dispute.

For everyday US and EU contracts — purchase orders, NDAs, internal agreements, service confirmations — SES is the practical default. Form-bound situations (US: ESIGN exclusions; EU: §126 BGB Schriftform and equivalents) require either QES or wet-ink.

When does a contract need more than SES?

In the EU the answer is precisely defined: contracts under §126 BGB Schriftform and its national equivalents require QES or a handwritten signature. Examples include termination of employment contracts, surety declarations, consumer loan agreements, and landlord-side termination of residential rentals. Real-estate transfers go one step further and require notarization, not just QES.

In the US the answer is shaped by the ESIGN exclusions plus state-specific rules. Wills, divorce papers, foreclosure notices, and certain insurance cancellations stay on paper or require specific compliant platforms. Most everyday business — purchase agreements, NDAs, employment offers, vendor contracts, leases below state thresholds — is squarely in SES territory.

Starting 2026, the EU rolls out the Digital Identity Wallet, which lets every EU citizen create a QES from a phone. Until then SES remains the practical default for around 90 % of use cases — and SES will still be the default for everything that doesn’t strictly require QES even after the wallet rollout.

Which use-cases fit a simple electronic signature?

A simple electronic signature works for any document that doesn’t fall under specific form requirements — that means most of what you sign in everyday and business life. The most common scenarios from a typical inbox:

  • Order and purchase confirmations — A supplier sends a contract or order acknowledgment by email for counter-signing. Purchase processes are form-free in both US and EU law; an SES on the PDF is fully valid and routine.
  • Delivery notes and proof-of-receipt — You confirm that a shipment arrived or a service was delivered. The evidential purpose is enough — no statutory form requirement.
  • NDAs and confidentiality side-letters — Confidentiality agreements between companies, freelancers and business partners are form-free. An SES on a two- or three-page NDA is the market standard, even for Fortune 500 vendor onboarding.
  • Internal agreements — Vacation requests, expense reports, IT-acceptable-use acknowledgments, hardware receipt confirmations, travel approval forms. All form-free, all SES-friendly.
  • Documenting verbal agreements after the fact — You agreed something on a call or in a meeting and want it in writing. A signed PDF documents the contract conclusion, clarifies terms, and is admissible as evidence in a dispute.
  • Property handover and condition-report protocols — Even where a lease termination requires written form, the handover protocol itself is form-free. Both parties sign the PDF, done.
  • Service-level confirmations and maintenance records — IT vendors, contractors, external consultants document delivered work. An SES on the PDF serves as order acknowledgment and invoicing trigger.
  • Receipts for cash or valuables — Anyone issuing a private receipt or proof-of-payment can do so via an SES PDF. Best practice: state date, amount, purpose and both names explicitly so the evidential weight is highest.

In all these cases, a drawn or image-inserted signature in a PDF is legally identical to a hand-signed paper signature — as long as the other party has consented to electronic form (which they do implicitly by responding via email or PDF).

When is a photo signature enough, when do you need more?

A photo signature — the image of your hand-drawn ink signature inserted into the PDF — is legally exactly an SES. There is no difference between drawing directly in the browser with your finger, inserting a stored signature image, or uploading a photo of your ink signature on paper. All three are „simple electronic signatures” under eIDAS, ESIGN, and UETA.

The difference matters when the contract value is high or the other party contests your identity. An SES has the weakest evidential weight in a dispute: you must show that it was actually you who signed. For a 50-dollar order, that’s irrelevant. For a five-figure B2B deal or an international contract with an unknown counterparty, an AES (advanced electronic signature) or QES is worth the effort — both contain cryptographic identity proof plus tamper-evidence that makes any post-signing change to the document visible.

Concrete rules of thumb for practice:

  • Contract value below $5,000, trusted counterparty — SES is fine. You save the effort and cost of an AES or QES platform.
  • Contract value above $25,000 or unknown counterparty abroad — Consider AES. Many B2B platforms offer AES by default, often with an audit trail (who signed when from which IP address).
  • Statutorily form-bound (EU §126 BGB or US ESIGN exclusions) — QES required, or the contract is void. You’ll need a certified trust-service provider — no browser-only path works here.
  • Notarization required (real estate, certain corporate filings) — Even QES isn’t enough. You need an in-person notary appointment or a compliant Remote Online Notarization platform (RON), available in most US states.

Adobe, DocuSign, and Smallpdf offer workflows covering AES and QES via paid subscriptions — sensible for companies with high contract volume. For private use and most B2B small-to-midsize business, an SES is entirely sufficient.

How do I store signed PDFs securely?

A signed PDF is only truly evidence-proof if it’s archived unchanged. Three recommendations from practice:

First: store the original and the signed version separately. The original proves the agreed contract text; the signed version proves your consent. Some data-protection authorities recommend versioning both files with a date suffix — for example lease-2026-05-11.pdf and lease-2026-05-11-signed.pdf.

Second: create a cryptographic hash of the signed file. With our file hash checker you get a SHA-256 fingerprint of the PDF. If the same hash comes out identical two years later, the file demonstrably wasn’t tampered with. You can keep the hash separately in a note, email, or USB-stick backup.

Third: avoid uploading sensitive contracts to third-party cloud services. An NDA, employment contract, or medical consent doesn’t belong in a cloud drive without end-to-end encryption. Local backups on encrypted drives or zero-knowledge cloud providers are the clean solution.

Statutory retention periods depend on contract content. In the US, the IRS recommends keeping tax-relevant records for at least 7 years; many employment contracts must be kept 4 to 7 years depending on state law. In the EU, employment contracts and pay stubs are typically 10 years, business correspondence and order confirmations 6 years under commercial codes, private receipts 3 years under civil statute of limitations. When in doubt, archive longer — storage is cheaper than a lost piece of evidence.

Where is eIDAS 2.0 and the EU Digital Identity Wallet heading?

The EU has been working since 2023 on an extension of the eIDAS regulation that takes effect in stages from 2026. The core of the reform is the European Digital Identity Wallet, or EUDI Wallet: a member-state-issued smartphone app where every EU citizen can bundle identity documents, driver’s license, health insurance card, academic credentials, and signature certificates.

For the signature world, that breaks with the status quo. Until now, a QES cost roughly 30 to 200 euros per year in license fees from a Trust Service Provider — which made QES unattractive for individuals and small companies. With the EUDI Wallet, QES becomes free and triggerable from a phone in seconds. That dramatically lowers the economic threshold for using QES.

For tools like kittokit, the use-case doesn’t fundamentally change. Most everyday signatures — order confirmations, NDAs, internal agreements, receipts — stay form-free and remain SES territory. What shifts: from 2026, private individuals get an easy path to QES for the few cases where it’s actually required (residential lease termination from the landlord side, surety bonds, consumer loans). The historic „we handle these on paper” gap closes.

Our take: local, privacy-first SES tools like this one remain the practical daily driver for around 90 % of all signatures. For the 10 % that are form-bound, the EUDI Wallet opens a free path that currently sits behind paywalls. The two tools complement each other — they don’t compete.

Which devices does this tool work on?

The tool runs in every modern browser:

  • Desktop: Chrome, Firefox, Edge, Safari from version 16, all current releases
  • iPhone: Safari from iOS 14, Chrome iOS, Firefox iOS
  • Android: Chrome, Firefox, Samsung Internet, Edge, all current browsers
  • Tablet: all of the above plus Apple Pencil support on iPad

On touch devices below 768 px the drawing canvas opens fullscreen so you don’t accidentally scroll the page with your finger while drawing. Stylus input (Apple Pencil, Wacom, S-Pen) works automatically via the Pointer Events API — no extra configuration needed.

A PWA install is available: on phone „Add to Home Screen”, on desktop „Install app” from the URL bar. Once installed, kittokit also runs offline — perfect for signing contracts on a plane or train.

Frequently Asked Questions

Eight questions we hear most often or find searched-for in „People also ask”:

Is my PDF uploaded to a server?

No. The tool runs entirely in your browser. Your file never leaves your device — technically no upload is possible, you can verify this in your browser’s network tab.

Is an electronic signature on a PDF legally binding?

Yes — under ESIGN, UETA and eIDAS, an electronic signature on a PDF is legally binding for most everyday contracts. The simple electronic signature (SES) created by this tool is valid for documents without specific form requirements.

How do I sign a PDF on my phone?

Open the PDF in your mobile browser, draw your signature with your finger, place it, and save — no app required. On small screens, the drawing area opens in fullscreen mode.

What’s the difference between electronic and digital signature?

An electronic signature is any digital mark of intent. A digital signature is a cryptographic signature with an identity certificate that proves authenticity and document integrity.

Can I sign a PDF without Adobe?

Yes — you don’t need Adobe Acrobat or any installation. kittokit signs PDFs directly in your browser, on any device with a modern browser, free and without sign-up.

What PDF sizes are supported?

Up to 50 MB without restrictions. For larger PDFs we show a hint because processing can be slow on older devices. Maximum is 200 MB.

Can I sign a password-protected PDF?

The tool detects encrypted PDFs and shows a clear message. Please remove the password first using a PDF decryption tool, then sign the unprotected file here.

Can I save my signature for later?

Yes, optionally. If you enable „Remember on this device”, your signature is stored locally in your browser — no cloud sync, no account. You can delete it any time.

About kittokit

kittokit builds over 100 converters and tools that all follow one rule: your data stays on your device. No upload, no account, no tracking. We earn money via discreetly placed ads — never via your file. That makes us boring compared to „AI PDF cloud workflows” — but safe.

Last updated:

You might also like