The value of transaction data
Transaction data and the certificate of completion
- Transaction data is metadata outside a DocuSign envelope that describes activities, events, and actions that occur in the normal course of using the Signature service, such as an envelope creation date, a recipient’s email address, or the date and time an envelope is returned to a sender.
- Transaction data does not include the content within an eDocument, as such content is encrypted while on the Signature service and not a part of the transaction data metadata.
- The primary business purpose for collecting and retaining transaction data is to enable the customer and all parties involved in a transaction, as well as DocuSign, to validate its authenticity via the neutral, third-party audit trail.
What is transaction data?
Transaction data is metadata about activities, events, and actions that occur in the normal course of users starting, progressing, and completing the digital transaction on the Signature service.
A helpful analogy is when a courier service delivers an envelope from one party to another. The courier service tracks when an envelope is picked up, its progress through distribution centers or airline facilities, and when it’s delivered to the recipient (who may be required to sign for it). This information is available to both parties throughout the process, as well as after delivery is complete for confirmation or future reference.
Similarly, the Signature service provides a record of activities in support of a customer’s transactions on the Signature service. This metadata serves multiple purposes, including providing an audit trail if a transaction is ever challenged and helping DocuSign maintain the quality and performance of the service.
What types of information are included?
Transaction data includes some information provided by the sender (e.g. an email address), as well as information generated by the Signature service (e.g. the date/time of an action), and falls into three general categories:
- Description of the envelope and parties involved, such as recipient names and email addresses and the method designated by the sender to authenticate a recipient’s identity (if applicable)
- Time of occurrence and key events and actions, such as:
- When an envelope is sent or viewed
- A recipient’s acceptance of the Electronic Records and Signature Disclosure, consenting to receive notices electronically
- Status designations that indicate if an envelope was declined or voided
- System-level tracking, such as an Internet Protocol (IP) address and other online identifiers and location data
Is transaction data distinguishable from eDocument content?
Transaction data provides limited information about DocuSign envelope activities. It does not include the envelope’s associated eDocuments.
eDocuments are encrypted during upload to the Signature service and remain so while stored there. The customer is the eDocument owner, and DocuSign employees cannot access the content within an eDocument. Moreover, the Signature service also applies a tamper-evident seal when a customer downloads their eDocument, helping ensure it is not altered after the fact.
How is transaction data used?
There are three primary uses for transaction data: audit trail, objective data, and validity. In support of each of these activities, the Signature service generates a Certificate of Completion (CoC), an electronic record that serves as an audit trail and proof of the transaction for all authorized participants as well as in court, if necessary.
Transaction data provides an audit trail of the transaction, allowing DocuSign to function as a neutral third party in the event a customer’s transaction is challenged – even if it is related to the transaction’s very existence. For example, a customer can use the audit trail to confirm who the sender and recipients were and that a document was signed at a specific time.
Customers and all recipients have objective data that confirms envelope delivery and the signing ceremony were completed. For example, the sender can confirm the recipient received the envelope, and the recipient can confirm the envelope was returned back to the sender – all via the Signature service.
By design, the Signature service generates a range of transaction data – including participants, actions, timestamps, and systems-level tracking – that support the validity of court-admissible electronic signatures.
How is transaction data maintained?
The Signature service provides the capability to produce an audit trail to evidence the electronic signature, if required, or to provide reference information regarding a transaction.
In order to produce an audit trail and provide reference information, the Signature service retains transaction data during the time of a customer’s subscription and after it has ended. DocuSign will continue to protect and secure transaction data even when a customer no longer has a current subscription with DocuSign.
Even if requested by a customer, DocuSign cannot delete or export transaction data from the Signature service due to the need to validate transactions on behalf of a customer or recipient at any point in the future. Moreover, DocuSign has not architected the Signature service to provide this capability.
However, customers may download, save, and print both eDocuments and Certificates of Completion at any time during their subscription period. The sender of an envelope may also purge their eDocuments at any time during their subscription, removing them from the Signature service (after a short queue period).
Where to find additional information
Supplemental information about the Certificate of Completion and a related document called Document History is available in the DocuSign User Guide.