Importing CSV contacts for an annual report: the guide

Why import your contacts in CSV for an annual report?

Every year, joint-stock companies, holding companies and associations must have their annual report signed by a set of stakeholders: board members, shareholders, statutory auditors and, depending on the bylaws, all unit holders. Manually entering each email address into an electronic signature platform represents a considerable loss of time and a source of human error. Importing a CSV file (Comma-Separated Values) solves this problem by allowing you to inject hundreds of structured contacts directly into your signature workflow in a matter of seconds.

This approach aligns with an increasingly widespread logic of electronic signature in business: automating mass sends whilst guaranteeing legal traceability of each signature. In this guide, we detail each step, from CSV file preparation to final validation of signatures.

---

Preparing your CSV file: structure and best practices

The quality of the import depends directly on the rigour with which the CSV file is constructed. A poorly formatted file generates import errors, missing contacts or duplicates that slow down the entire signature process.

Essential columns

For an annual report involving signatories and shareholders, your CSV file must contain at minimum the following columns:

• email: email address of the signatory (RFC 5321 format mandatory)
• firstname: contact's first name, used to personalise the invitation message
• lastname: surname
• role: role in the signature process (e.g. `signatory`, `reader`, `validator`)
• signature_order: integer indicating position in a sequential workflow (leave blank for parallel signature)
• telephone (optional): number in international E.164 format (+33XXXXXXXXX) for SMS authentication in the context of advanced signature
• group (optional): business category (e.g. `majority_shareholder`, `board_member`, `statutory_auditor`)

Certyneo accepts UTF-8 and UTF-8 BOM encodings, which avoids display problems with accented characters that are common with exports from Excel on Windows. The standard separator is the comma, but semicolon is also supported — specify it during import if your management software uses this convention.

Clean data before import

Before uploading your CSV, carry out a data cleaning phase:

1. Deduplication: a shareholder present twice with two different email addresses must be resolved upstream. A duplicate generates two invitations and can create legal ambiguity about which signature value is retained.
2. Email format validation: use a validation formula in Google Sheets (`=REGEXMATCH(A2,"^[a-zA-Z0-9._%+\-]+@[a-zA-Z0-9.\-]+\.[a-zA-Z]{2,}$")`) or a dedicated tool like Hunter.io Verifier.
3. Role verification: for an annual report, some shareholders have read-only rights (management report) whilst others must affix a formal signature (resolutions at assembly). Distinguish them clearly in the `role` column.
4. Phone number check: if you opt for advanced electronic signature with OTP via SMS, all numbers in the `telephone` column must be in E.164 format. A missing number blocks sending for that contact.

Example of valid CSV structure

```csv email,firstname,lastname,role,signature_order,telephone,group jean.dupont@exemple.fr,Jean,Dupont,signatory,1,+33612345678,board_member marie.martin@exemple.fr,Marie,Martin,signatory,2,+33698765432,majority_shareholder pierre.durand@exemple.fr,Pierre,Durand,reader,,+33677889900,statutory_auditor ```

Note that `Pierre Durand`, statutory auditor in read-only mode, has no order number (column empty) as he is not a signatory.

---

Importing the CSV into Certyneo: step-by-step procedure

Once your file is prepared, importing into Certyneo takes just a few steps from the signature folder creation interface.

Create the signature folder for the annual report

1. Log in to your Certyneo space and click on New folder.
2. Upload the annual report PDF (management report, consolidated accounts, resolutions). You can use Certyneo's AI contract generator⟧ if you need to prepare a supplementary assembly minutes.
3. In the Signatories tab, click on Import from a CSV.

Configure the import

A configuration window opens:

• Encoding: select `UTF-8` or `UTF-8 BOM` depending on your file.
• Separator: comma or semicolon.
• Header row: check the box if the first line of your CSV contains column names (recommended).
• Column mapping: Certyneo proposes automatic mapping based on standard column names. Verify that each column is correctly associated with the right field. If your column is called `mail` instead of `email`, adjust the mapping manually.

Certyneo displays a preview of the first 5 contacts before validation. Check that no critical field is empty or incorrectly formatted. The system flags in red the rows containing blocking errors (invalid email, unknown role) and in orange non-blocking warnings (missing phone number for an advanced signatory).

Validate and configure the workflow

After validation of the import, Certyneo displays the complete list of imported contacts. You can then:

• Define the signature type by group: simple signature (eIDAS article 3.10) for readers, advanced or qualified signature for board members. Consult the comparison of electronic signature solutions to choose the level appropriate for your context.
• Configure signature order: sequential (the majority shareholder signs before board members) or parallel (all signatories receive the invitation simultaneously).
• Personalise the invitation message: integrate the signatory's name (`{{firstname}} {{lastname}}`) and the document title into the email body.
• Set expiration date of the folder: for an annual report, 15 to 30 days allows sufficient time for non-resident shareholders.

---

Managing errors and follow-ups after import

Even with a well-prepared CSV, unforeseen situations arise once sending is launched.

Dealing with bounces and invalid addresses

Certyneo reports in real time soft bounces (mailbox full) and hard bounces (non-existent address). For an annual report with legal stakes, a bounce must trigger immediate action:

1. Identify the contact concerned in the folder dashboard.
2. Update their email address from the contact sheet.
3. Resend the individual invitation without recreating the entire folder.

This granular correction capability is essential for meeting legal deadlines for notice or distribution of the report defined by your bylaws or by the Commercial Code.

Automate follow-ups

For an annual report with many shareholders, manual management of follow-ups is impractical. Certyneo allows you to schedule automatic follow-ups:

• D+3: first follow-up for signatories who have not opened the invitation email.
• D+7: second follow-up for signatories who have opened but not yet signed.
• D+14: final follow-up mentioning the folder expiration deadline.

Each follow-up is logged in the folder with timestamp, which constitutes proof of diligence in the event of subsequent challenge. For companies managing multiple annual reports (subsidiaries, funds) and wishing to refine their electronic signature productivity calculation, the electronic signature ROI calculator allows you to estimate gains achieved compared to a paper or standard email process.

Export the signature report

Once all signatories have affixed their signature (or upon folder expiration), Certyneo automatically generates:

• The audit report (audit trail) in PDF format, listing each timestamped event: opening, authentication, signature, electronic identity used.
• The consolidated signed document with integrated electronic signatures, archived for a configurable duration (from 5 to 30 years depending on the retention policy defined in your space).

This audit report is the key piece in the event of dispute: it proves that each signatory has indeed received, opened and signed the document under the required conditions. It must be preserved at the same security level as the document itself, in accordance with the obligations of article 1366 of the Civil Code and the eIDAS regulation.

---

Optimising your import process for future years

CSV import of an annual report is not an isolated event: it repeats every fiscal year. A few best practices allow you to reduce preparation time from one year to the next.

Maintain a master CSV file

Keep a master CSV file of your permanent signatories (board members, statutory auditors, stable shareholders). Each year, you only need to update the entries that have changed (departures, new shareholders, email address changes) rather than rebuilding the file from scratch.

Use Certyneo folder templates

Certyneo allows you to save a folder as a template: workflow parameters, personalised invitation message, signature order, signature levels by group. The following year, simply load the template, import the updated CSV, and replace the report PDF. This configuration saving represents in practice 60 to 80% of the setup time for a new folder.

Connect your shareholder register via the API

For companies with a shareholder register in management software (ERP, cap table tool), Certyneo's REST API allows you to completely automate the export-import. A scheduled script can extract the list of shareholders the day before sending the report, generate the CSV, upload it via API and launch the signature folder without human intervention. This approach is particularly relevant for structures managing dozens of subsidiaries or several hundred shareholders. For teams wishing to evaluate Certyneo pricing tailored to this usage volume, the dedicated page details API options and enterprise plans.

Legal framework applicable to electronic signature of an annual report

Importing CSV contacts and sending an annual report to signatories via an electronic signature platform falls within a specific legal framework that any company must understand before deploying this type of process.

Legal value of electronic signature

Article 1366 of the French Civil Code provides that "electronic writing has the same probative force as writing on paper" provided that "the person from whom it emanates can be duly identified and that it is established and preserved in conditions such as to guarantee its integrity". Article 1367 specifies that electronic signature "consists of the use of a reliable identification procedure guaranteeing its link with the act to which it is attached".

At European level, the eIDAS Regulation No 910/2014 (and its eIDAS 2.0 update currently being transposed) defines three levels of signature: simple electronic signature (SES), advanced electronic signature (AES) and qualified electronic signature (QES). For an annual report intended for shareholders, the minimum recommended level is advanced signature, which requires strong authentication of the signatory (SMS OTP, certificate) and the use of signature creation data linked uniquely to the signatory.

Personal data protection (GDPR)

Importing a CSV file containing personal data (name, surname, email address, phone number) constitutes data processing under GDPR Regulation No 2016/679. As such, the company carrying out this import is qualified as a data controller and must:

• Ensure that data collection is based on a valid legal basis (article 6 GDPR): performance of a contract (shareholding) or compliance with a legal obligation (filing of accounts, general meeting) constitute solid legal bases.
• Inform signatories of data processing in accordance with articles 13 and 14 of GDPR (legal notices in the invitation message).
• Govern the relationship with Certyneo by a data processing agreement (Data Processing Agreement, DPA) compliant with article 28 GDPR. Certyneo provides this contractual document in the general terms of use.
• Respect retention periods: signatory data and audit report must be retained for at least 5 years (commercial prescription, article L.110-4 of the Commercial Code) and up to 30 years for acts relating to real estate rights or major corporate undertakings.

Applicable technical standards

The advanced and qualified electronic signature formats used by Certyneo comply with ETSI EN 319 132 (XAdES), ETSI EN 319 122 (CAdES) and ETSI EN 319 162 (PAdES for PDFs) standards. These standards guarantee the interoperability of signatures between EU Member States and their recognition by European judicial systems.

Finally, the NIS2 Directive (2022/0383/COD), transposed into French law in 2024, imposes strengthened cybersecurity requirements on digital service operators, including electronic signature platforms. Certyneo integrates these requirements via TLS 1.3 encryption of communications, encryption at rest of documents and an active bug bounty programme.

Use scenarios: CSV import and annual report in practice

Scenario 1 — A family holding managing about twenty subsidiaries

A family holding with interests in about twenty structures must each year have the consolidated annual report signed by all managers and associates of its subsidiaries, around 80 signatories. Before implementing CSV import, the general secretary spent on average 3 hours manually entering coordinates into the signature tool, with a data entry error rate of approximately 8% (wrong addresses, swapped first names).

After adoption of structured CSV import on Certyneo, the time for folder preparation dropped to 25 minutes (including 15 minutes of updating the master CSV). The data entry error rate fell to zero. Automatic follow-ups scheduled at D+3 and D+7 achieved 100% of signatures within an average of 9 days, compared to 22 days with the previous postal process. This 60% reduction in signature collection time is consistent with the ranges published by professional associations of group general secretaries.

Scenario 2 — An agricultural cooperative with several hundred members

An agricultural cooperative with 340 active members must annually submit the management report and certified accounts for approval by its members. Members, spread across several departments, could not all travel to the general meeting, which delayed formal closure of the process.

By integrating CSV import into Certyneo, the cooperative was able to send documents simultaneously to all members with a parallel signature workflow. The CSV file, exported directly from the unit share management software, contains all up-to-date coordinates. Simple electronic signature (SES) was selected for member signatories of the approval deed, this level being sufficient for routine management acts according to internal legal analysis. The signature rate within 10 days reached 91%, compared to 67% via the previous postal process, significantly reducing the costs of registered mail (estimated at €4 to €6 per item according to La Poste rates 2026).

Scenario 3 — A consulting firm supporting multiple clients at their annual closure

A consulting firm assisting twenty clients — SMEs — with their annual accounting obligations centralises the collection of annual report signatures on behalf of its clients. Each client has a different list of signatories (partners, managers, accountants).

Thanks to Certyneo's multi-client sub-spaces and CSV import by folder, the firm has standardised its process: one CSV template per structure type (SARL, SAS, SA), a documented import procedure provided to assistants, and a consolidated dashboard allowing the manager to track signature progress across all clients. The estimated time saving is 2 to 3 hours per client per fiscal year, or 40 to 60 hours across the entire annual portfolio. This saving is reinvested in higher value-add missions for clients.

Conclusion

Importing contacts from a CSV file for an annual report is not simply a matter of technical convenience: it is a strategic decision that determines the legal reliability, speed of execution and GDPR compliance of your signature process. A well-structured CSV, careful mapping, automated follow-ups and rigorous audit reporting form the four pillars of a flawless annual signature workflow.

Whether for a holding, a cooperative or a firm supporting multiple clients, Certyneo provides the tools needed to industrialise this import whilst respecting the requirements of the eIDAS Regulation and GDPR. Ready to simplify your next annual report? Create your Certyneo account free of charge and import your first CSV in less than five minutes.