Privacy Policy
At DocSign, privacy is not just a policy—it is the foundation of our entire ecosystem. We recognize that when you use our platform, you are entrusting us with your most sensitive professional and personal assets: your signatures and your legal documents. This Privacy Policy is designed to explain, in exhaustive detail, exactly how we handle that trust.
1. The Core Philosophy of Data Ownership
The most important principle at DocSign is that you own your data. Unlike many digital platforms that treat user data as a product, we treat your data as a sacred trust. We do not claim any ownership over the signatures you create or the documents you upload, sign, or manage through our service.
Our role is strictly limited to that of a service provider. We provide the infrastructure, the security layers, and the interface required for you to execute and manage your digital identity. Your signatures remain your property, and we only process them to the extent necessary to fulfill the specific actions you initiate—such as signing a document or syncing a signature from your drawing app.
2. Deep Dive: How Your Signatures are Handled
When you use the DocSign app (our signature creator) to handcrafted your digital signature, the privacy process begins immediately. We understand that a physical signature is a unique biometric identifier, and its protection is paramount.
- Encryption at Storage: The moment your signature is synced to our cloud "Signature Store," it is encrypted using advanced algorithms. This means that even if a bad actor were to gain access to our raw database, your signature would be unreadable and unusable.
- Limited System Access: Our internal systems are designed so that our staff—including developers and support specialists—cannot "see" or download your physical signature image. It is converted into a secure metadata format that the system uses to apply it to documents, but the visual asset remains shielded.
- App-to-Vault Transit: When you sync your signature from the drawing suite to your dashboard, it travels through a secure, encrypted tunnel. We do not store intermediate copies of your signatures in temporary caches.
3. Information We Collect and Why
To provide a legally-defensible and functional e-signature service, we collect a specific set of data. We are committed to "Data Minimization"—collecting only what is strictly necessary.
A. Account Information
We collect your name and email address. This is required to create your secure workspace, manage your document templates, and ensure that you can recover your account should you lose access.
B. Security & Audit Logs
For every signature applied to a document, we record an "Activity Log." This includes your IP address, a timestamp (accurate to the millisecond), and the device type used. This information is critical for providing a "Trusted Digital Seal," allowing you to prove exactly when and where a signature was executed in a court of law.
C. Workspace Metadata
We store information about your team structures, document folders, and template categories. This metadata helps us organize your Command Center so you can manage your digital identity efficiently.
4. The Absolute Right to Erasure
"Your data should never be a permanent prisoner of a cloud service."
At DocSign, we believe in the "Right to be Forgotten." We have implemented a "Cloud Delete" feature that gives you total control over your digital footprint.
You have the power to delete any signature image from our "Signature Store" at any time. Furthermore, you can delete finalized documents from your vault. When you initiate a deletion, the following happens:
- The raw document or signature file is purged from our primary database.
- The cryptographic pointers to that data are invalidated.
- The data is removed from our active cloud environment permanently.
Please note that while document deletion removes the file from our servers, it does not "un-sign" the physical copies you or your clients may have already downloaded. We recommend that you download all important files before using the cloud-delete feature.
5. Data Privacy and Secure Storage
We have a zero-tolerance policy for data selling or unauthorized sharing.
We do not sell your personal information, signature data, or document content to anyone. Your signatures and documents are stored within our own highly secure, encrypted database infrastructure. We do not transmit or "share" your sensitive data with external third parties for processing.
Everything you create and manage on DocSign stays within our proprietary secure environment. By keeping your data in our own protected vault, we ensure it remains under our direct control and is guarded by the highest levels of digital security.
6. Document "Sealing" and Security
Every document processed through DocSign is protected by a "Trusted Digital Seal." This is a cryptographic hash of the document's content. If even a single character or pixel in a signed document is changed after the signature is applied, our verification system will immediately flag the document as invalid.
This "Lock-and-Key" approach ensures that your documents remain immutable and truthful from the moment the final signature is applied until the end of the document's life.
7. Changes to This Policy
As we add new features to the DocSign ecosystem, we may update this Privacy Policy. Any significant changes will be communicated to you via email or through a prominent notice on our landing page. Your continued use of the service after such updates constitutes your acceptance of the new terms.
Still have privacy concerns?
"We believe that everyone deserves to know exactly how their digital identity is being guarded. If there is anything in this policy that isn't clear, we want to hear from you."
Contact our Privacy Team in the Help Center