In short: getting a document signed shouldn't require a DocuSign subscription or an Odoo Enterprise licence. We built an electronic-signature module that lives right inside Odoo Community: your documents never leave your server, every signature is time-stamped and sealed, and a completion certificate travels with the final PDF. The result: a signature that holds up before a Quebec court, with no recurring fees and no dependence on a foreign provider.
A client sends you back a 'signed' contract: they typed their name at the bottom of a PDF and emailed it back. Is that worth anything? If the relationship sours, does that document hold up before a judge?
It's the question that comes up most often when we talk about electronic signatures with our clients. And it's exactly the one that kicked off our module: 'will it hold up in court?'. The short answer: yes, as long as the signature is properly instrumented. Here's what that means, and why we chose to do it right inside Odoo rather than renting the service elsewhere.
Electronic signatures, in a nutshell
First things first, and it matters: we're not legal advisors. What follows is our reading of the legal framework, the one we leaned on to design the tool. It isn't legal advice, and for a specific file, nothing replaces a check with your lawyer or notary.
In the eyes of the law, a signature isn't a scribble: it's an act that links a person to a document and shows they agree with its content. The Civil Code of Quebec already says so in article 2827, and the Act to establish a legal framework for information technology (often shortened to LCCJTI) adds the principle of equivalence: an electronic document has the same value as a paper one, as long as its integrity can be guaranteed.
In concrete terms, three conditions must be met for an electronic signature to be solid:
First, consent: the person knowingly agrees to sign. Next, the link between the signer and the document: you have to be able to tie the signature to a specific person. Finally, integrity: you have to be able to prove the document wasn't changed after signing. A checkbox in an email isn't nothing, but it ticks none of these three boxes in a verifiable way. That's where the tool makes the difference.
What makes a signature hold up in court
As we understand it, the cornerstone in Quebec is the presumption of integrity set out by the LCCJTI. In other words, if your document is properly sealed and backed by its proof, it's not on you to show that it's authentic: it's on the party contesting it to prove it was altered. The burden shifts sides. For an SMB, that's huge.
And it's not just theory. To our knowledge, Quebec courts have already recognized DocuSign-style electronic signatures, precisely because they came with a completion certificate, an audit trail and a coherent context. The lesson is clear: it's not the software brand that matters, it's the quality of the proof surrounding the signature.
For an electronic signature to be defensible, it needs four things:
- A digital fingerprint of the document: a unique mathematical calculation that changes at the slightest altered byte.
- An audit trail that records who signed, when, from which address and how their identity was verified.
- A completion certificate that sums all of this up in a readable document, attached to the final PDF.
- A seal that makes any later modification detectable.
Our module does all four, automatically, with every signature.
The real problem: DocuSign rents, Enterprise charges
Most SMBs end up facing two unappealing options. The first is a service like DocuSign: a monthly subscription per user, billed year after year, with your documents passing through a cloud hosted abroad. For a Quebec business subject to Law 25, that's one more thing to manage: where do your contracts, your confidentiality agreements, your HR files actually live?
The second option is Odoo's Sign module. The catch: it only exists in the Enterprise edition, so a paid licence per user. If you run Odoo Community, like many of our clients, the app simply isn't there. We already walked through that choice in our article on Odoo Community vs Enterprise.
Here's how the three approaches compare in practice:
| Criterion | DocuSign | Odoo Sign (Enterprise) | Our module (Community) |
|---|---|---|---|
| Where your documents live | Cloud abroad | Your server, if self-hosted | Your Odoo server |
| Recurring cost | Subscription per user | Enterprise licence per user | None |
| Audit trail | Yes | Yes | Yes, chained and tamper-proof |
| Tamper-proofing seal | Yes | Yes | Yes (PAdES standard) |
| Open, auditable code | No | No | Yes, published on GitHub |
What we deploy
Our module adds a 'Signatures' space inside your Odoo. You drop in a PDF, place the signature blocks in the right spot by dragging them onto the document, add the signers, and send. Each person receives an email in your branding with a personal, secure link. Nothing for them to install, nothing to download: they sign in their browser.
Several signers, in the right order
A contract with two or three parties is handled without gymnastics. You choose whether everyone signs at once or each in turn, and the system automatically reminds the next person when their moment comes. You can also insert fields to fill in: a date, a file number, a name, that the signer completes along the way.
The proof, not just the signature
This is where the real value sits. At every step, the module records what happens in an audit trail that can't be modified or erased, because each entry is locked to the previous one by a cryptographic calculation. The signed document gets a completion certificate listing the signers, the times, the addresses and the identification method. And the final PDF is sealed: if anyone changes so much as a comma, a reader like Adobe flags it immediately. A 'Verify integrity' button lets you confirm, months later, that everything is intact.
Sign straight from a quote or a purchase order
No need to dig the document back out, export it, re-import it elsewhere. From a quote or a purchase order in Odoo, a 'Send for signature' button prepares the request in one click. Once it's signed, the final version automatically files itself back onto the record, with a note in the log. The flow stays in a single tool, from the first draft to the signed document.
The key stays out of reach
It was the number-one concern when we designed the tool: 'that we be limited on our own side'. The key that seals your documents is encrypted and kept outside the application code, in the server configuration. Even someone with access to the program couldn't forge a valid seal. You can also require a verification code sent by email before a person can sign, and a signer can always refuse by giving a reason, which is recorded in the log like everything else.
SES, AES, QES: how far do you need to go?
Electronic signatures are often sorted into three levels, a grid borrowed from European regulation. The 'simple' signature (SES) links a person to a document. The 'advanced' signature (AES) adds a digital certificate unique to the signer. The 'qualified' signature (QES) layers on a certification authority recognized by a state. In Canada, the QES doesn't exist in the same form as in Europe, and notarial acts stay outside the scope of any software anyway.
Our module produces a simple signature, but a well-instrumented one: fingerprint, audit trail, certificate, seal and time-stamp. For the vast majority of commercial contracts, agreements and binding acknowledgements of receipt, that's exactly what's needed, and it's precisely the kind of proof courts have already accepted. If you need to step up to the advanced signature, we lean on LibreSign, which we covered in our article on open-source electronic signatures. The module then becomes the layer that orchestrates all of it inside Odoo.
Not sure which level you need? It's rarely a technical question to begin with, it's a question of risk and document type. Let's talk about your signatures and we'll point you to the right tier, without selling you more than you need.
The limits to know about
Let's stay honest: no tool is magic. The seal we generate is, by default, self-issued. Adobe will therefore read it as 'valid, but not certified by a recognized authority', a bit like a website whose certificate isn't yet validated by an external body. Integrity is guaranteed, but to get the automatic green check, you need to anchor the seal to a certification authority, a step we can add if needed.
Next, since you host it, you're the one responsible for it: backups, updates, keeping the documents over time. That's already true for the rest of your Odoo, but it's worth saying. Finally, this module doesn't replace a notary: for acts that legally require one, there's no software shortcut.
One last point, and it counts: like any open-source software, the module is provided 'as-is', with no warranty. You have the full code and full control, and with that comes the responsibility for how it's used and configured. That's also why we deploy it and support it, rather than leaving you alone with a GitHub repository.
Our approach
We deploy this module on Odoo Community, hosted in Quebec, under your control. Your contracts stay with you, Law 25 compliance is baked in from the start, and the code is open: you, or any expert, can check exactly what it does. We use it ourselves every day, and it serves service agreements just as well as binding acknowledgements of receipt. No subscription that climbs with your headcount, no document quietly travelling abroad.
The code is public on our GitHub repository, alongside our other in-house modules. If you want to see everything we've published, it's in our article on our Odoo modules on GitHub.
Shall we talk?
Still getting your documents signed by email, or paying a subscription for it? Let's talk about your contracts : we'll look together at what's circulating in your shop and how to make it solid, with no recurring fees.
Sources
- Civil Code of Quebec, art. 2827 (definition of a signature): LégisQuébec
- Act to establish a legal framework for information technology (LCCJTI), art. 5 to 7 and 39 (legal value, integrity, presumption): LégisQuébec
- Secure Electronic Signature Regulations (SOR/2005-30), federal framework: Justice Laws
- PAdES standard (PDF seal) and RFC 3161 time-stamping for tamper-proofing
- Our code, published on GitHub