## Overview A contract usually has two sides: the **contracted party** (your issuing company) and the **external signers** (the customer and other parties). In ConversaLabs: - **Internal signing** is the contracted party's **auto-signature** — performed server-side, using the issuing company's details (and, for qualified signing, its **A1 certificate**). - **External signing** is done by the signers through a secure **public page**, with no need to sign up or log in. You choose the signature's **legal level** based on the document's risk: **simple** (consent with IP and device record), **advanced** (with **OTP** by email/WhatsApp and a visual signature) or **qualified** (an **ICP-Brasil A1** digital certificate, PAdES standard). ## Prerequisites - Contracts module **enabled** and a contract generated from a template. - A registered **issuing company** (for the auto-signature). For the qualified level, it needs a valid **A1 certificate**. - To send the link to external signers, a native channel (**WhatsApp** or **email**) and the signers' **contact details**. ## Step by step 1. On the contract, define the **signers** (the contracted party and the external signers). 2. Choose the **signature level** (simple, advanced or qualified). 3. **Send for signature**: the link is delivered through native channels as a **card with a button** in the conversation. 4. The **contracted party** signs automatically (server-side auto-signature). 5. Each **external signer** opens the **public page**, reviews the document and signs. 6. At the **advanced** level, the signer validates an **OTP code** and records a **visual signature** (drawn, typed or uploaded as an image). 7. Once all signatures are complete, the **final signed PDF** is generated and the status becomes completed. ## Settings & options - **Signature levels**: - **Simple** — consent with capture of IP, date/time and device. - **Advanced** — OTP by email/WhatsApp + visual signature (drawn, typed or uploaded). - **Qualified** — A1 digital certificate (ICP-Brasil), PAdES standard. - **Auto-signature**: the contracted party signs automatically with the issuing company. - **Order and multiple signers**: define who needs to sign. - **Time-stamp (TSA)**: when configured, it strengthens the signature's legal validity. - **Audit trail**: each signature records IP, device, consent and timestamp (SHA-256). ## Use cases - A customer signs over **WhatsApp** with **OTP** in a few taps, installing nothing. - A higher-value contract requires a **qualified signature** with an A1 certificate. - The contracted party **signs automatically** and just waits for the counterparty. ## Tips, limits & best practices - Use the **advanced (OTP)** or **qualified** level for higher-value or higher-risk documents. - Make sure the signers' **contact details** are correct so the link is delivered. - For the qualified level, keep the **A1 certificate valid** and, if applicable, an accredited **TSA** configured. - Track the contract's **status** — it shows who has signed and what's still pending. ## Troubleshooting - **The signer didn't get the link**: confirm the channel and contact details; resend if needed. - **The OTP code doesn't arrive**: check the signer's email/WhatsApp and try resending the code. - **The qualified auto-signature failed**: make sure the issuing company has a valid, in-date **A1 certificate**. - **The contract won't complete**: check that **all** signers have signed. ## See also - [Contracts & E-signature overview](/hc/ajuda/articles/contracts-esignature-overview-en) - [Issuing companies and the A1 digital certificate](/hc/ajuda/articles/contracts-esignature-empresas-emissoras-certificado-a1-en) - [Templates, variables and auto-fill](/hc/ajuda/articles/contracts-esignature-templates-variaveis-auto-fill-en) - [Public contract page and validator](/hc/ajuda/articles/contracts-esignature-pagina-publica-e-validador-en)