Last Updated: December 14, 2023
Welcome to GSign, the digital signature certificate service provided by The General Authority for State Registration of Mongolia. This Privacy Policy aims to inform users about the types of information we collect, how we use that information, and the choices users have regarding their information.
We collect and process the following types of information:
We use the collected information for the following purposes:
We do not share your personal information with third parties, except in the following circumstances:
We implement reasonable security measures to protect your information. However, please be aware that no method of transmission over the internet or electronic storage is completely secure.
Digital signature certificates issued through GSign are valid for a period of 5 years from the date of issuance to the expiration date, in accordance with Mongolian law.
This Privacy Policy is subject to change. Any updates will be posted on this page, and your continued use of GSign after changes constitute acceptance of the updated policy.
If you have any questions or concerns regarding our privacy practices, please contact The General Authority for State Registration of Mongolia at contact@burtgel.gov.mn.
1.1. The state administrative body in charge of state registration (hereinafter referred to as the state registration authority) shall regulate the issuance, suspension, renewal and revocation of digital signature certificates to citizens of Mongolia who have reached the age of 16 and other related issues.
1.2. This regulation shall not regulate relations related to digital certificates issued by a license holder to Mongolian citizens, foreign citizens, stateless persons and legal entities for the purpose of using additional digital signatures.
1.3. Any activities related to issuance, suspension, renewal and revocation of digital signatures shall be in accordance to the Law of Digital Signatures and the Regulation of issuing, suspending, renewing and revoking digital signature certificates of Mongolian citizens over 16 years of age by the State Registration Authority.
1.4. The carrier device is the storage device that contains the digital signature.
1.5. Digital signatures shall be considered equally valid as physical signatures on paper documentation.
2.1. A digital signature certificate shall be issued to a citizen for a period of 5 years and shall be valid for the period from the date of issuance to the expiration date in accordance with Article 11.2 of the Law on Digital Signature.
2.2. Upon expiration of the certificate, the citizen shall obtain a new certificate.
2.3. The state registration authority shall provide digital signatures to citizens free of charge.
2.4. A citizen shall scan the QR code issued by the State Registration Authority in the G-sign application and send a request for a certificate in accordance with the instructions.
2.5. After the request is sent, the certificate password (hereinafter PIN code, PUK code) along with user information shall be sent to the e-mail address or mobile number.
3.1. There are two types of passwords: PIN code or login and confirmation password, and PUK code or password to reset the login and verification password.
3.2. If the PIN code is entered incorrectly 3 times in the G-sign application, the device will be locked and the lock can be unlocked by entering the PUK code correctly.
3.3. If the PUK code is entered incorrectly 10 times in the G-sign application, the certificate will be revoked and a request for a new certificate must be sent again.
4.1. The certificate holder has the following rights:
4.1.1. Use digital signatures and Digital stamps
4.1.2. To submit a request to suspend, renew or revoke the certificate
4.1.3. To partially deposit their private key with the certification body for storage
4.1.4. To set restrictions specified in Article 10.3 of the Law on Digital Signatures
4.1.5. Other rights specified in the law
4.2. The certificate holder has the following obligations:
4.2.1. Not to transfer private key to others
4.2.2. Ensure the confidentiality and security of private keys
4.2.3. To immediately notify the certification body if he / she considers that the private key is exposed to or has grounds to have been exposed to others
4.2.4. Not to use the private key related to the certificate in case of a revoked certificate
4.2.5. Not to use private key to confirm and or keep confidential any information that is considered illegal
4.2.6. Other obligations specified in the law.
5.1. The state registration authority shall suspend the certificate issued to a citizen in the cases specified in Article 17.1 of the Law on Digital Signature
5.2. In accordance with Article 17.1.1 of the Law on Digital Signature, if the certificate holder submits a written request to suspend the certificate to the state registration authority or the Diplomatic Mission of Mongolia abroad, the state registrar or registrar shall suspend it within 6 working hours and suspend the certificate for the period specified in the request.
5.3. If a certificate holder submits a request to suspend the certificate digitally using the public service system /e-mongolia.mn/, digital service device of the state registration authority and G-sign application, the state registrar and registration officer shall suspend the certificate in accordance with Article 4.2 of this regulation.
5.4. In case of discrepancies in the information of the certificate holder, a notification shall be sent to the e-mail address specified in 2.2 of this regulation or to the mobile phone.
5.5. In accordance with Article 17.1.2 of the Law on Digital Signature, the state registrar shall immediately suspend the certificate if the information specified in the certificate is erroneous or the privacy of the private key is violated and the state inspector issues a conclusion.
5.6. The certificate shall be suspended based on the decision made by the corresponding authority specified in Articles 17.1.3 and 17.1.4 of the Law on Digital Signature and the certificate holder will be informed through the e-mail address specified in 2.2 of this regulation or to the mobile phone.
5.7. The decision of the competent authority shall be received in accordance with the “Procedure for organizing document circulation” approved by the Annex to the Order A / 780 of 2021 of the Director General of the State Registration Agency and the decision shall be immediately reflected in the database.
5.8. If the certificate holder requests to renew the suspended certificate in accordance with Article 17.4 of the Law on Digital Signature, the state registrar and registrar shall confirm the request and relevant information and renew the certificate immediately.
5.9. Upon elimination of the reasons for suspension in accordance with Articles 17.1.2 and 17.1.3 of the Law on Digital Signature, the state registrar and registrar shall renew the certificate within 8 working hours and notify the certificate holder by relevant e-mail and or mobile phone number.
5.10. The state registrar / registrar / shall revoke the certificate on the grounds specified in Article 18.1 of the Law on Digital Signature.
5.11. In case the certificate is incorrectly suspended, renewed or revoked due to erroneous, careless or illegal actions of the state registrar or registrar, the certificate shall be renewd and suspended by the conclusion of the state inspector.
6.1. The holder shall bear the consequences of losing the private key due to his / her own fault, declassifying the private key, and forgetting the PIN and PUK code.
6.2. The certificate issuer shall not be liable for any damages caused by the certificate holder notifying the State Registration Authority and not suspending the certificate in accordance with Article 5.2 of this Terms of Service.