Skip to main content

Data management and privacy practices for Docusign

Last updated: April 14, 2026

This information explains the policies and technical controls Docusign uses to protect and manage your data when using Docusign.  Agreement Data refers to the data related to a contract, notice, disclosure, or other record or document generated using or deposited into Docusign Services for processing.

Security & Access

How is Docusign protecting my data?

Docusign uses robust security measures to ensure your agreement content is secure.

  • Encryption at Rest: All Agreement Data is automatically encrypted using AES 256-bit encryption (or equivalent) upon upload, limiting access to the contents of such Agreement Data to only the sender and designated recipient(s).

  • Encryption in Transit: Data being sent (in transit) is secured using TLS 1.2 protocols with a collection of strong cryptographic algorithms used to secure network connections. 

  • Access Controls: Access is limited to the sender and designated recipient(s). Docusign’s architecture, which includes systematic encryption and key management, prevents Docusign personnel from viewing or reading the content of your Agreement Data.

Docusign’s cloud migration to Microsoft Azure for CLM and eSignature, as well as Intelligent Agreement Management’s (IAM’s) Azure-native implementation, further enables us to maintain robust security standards with native Azure cryptography and key management: leveraging security architecture with built-in Zero Trust principles, continuous threat monitoring, and automated patching.

Customers who adopt Security Appliance as part of their Docusign plan can control the encryption keys on their documents.

What security standards does Docusign follow?

Docusign maintains a written Information Security Program that is certified under ISO 27001, which is an international standard for information security management. This program uses a multi-tiered approach of technical, procedural, and personnel controls.

Who can access my data?

Docusign allows you to control who can access your Agreement Data, which is limited to your authorized users and your designated recipients. Docusign deploys robust technical and organizational measures, including strong authentication as well as physical and logical access controls, to safeguard your data from unauthorized access. 

Docusign personnel cannot view or access the contents of your Agreement Data. They may have limited, role-based access to specific transactional data (information surrounding the envelope, not the document itself) on a strict need-to-know basis, such as:

  • Username, phone number, email address, and address

  • Authentication method used

  • Envelope metadata, history, and subject line

In accordance with Docusign’s Acceptable Use Policy, this access is heavily controlled by:

  • Direct manager approval

  • Application/data source owner approval

  • Security management approval for sensitive data

  • Enforcing the “rule of least privileged access”

  • Enforcing formal logical and account separation of the development, QA, and production environments

Access to critical applications and data is removed upon personnel termination and is reviewed to ensure appropriate and current access levels are maintained. Docusign is ISO 27001 certified and maintains formal policies and procedures for access control.

For more information on Agreement Data access and control, customers can request our product-specific security trust and assurance pack (STAP) from their Docusign account representative or via this link: https://www.docusign.com/trust/stap.

Data Retention & Storage

How can I delete data from my Docusign accounts?

You can delete data within the Docusign product across various features – like envelopes, templates, and more. You can also delete user-level and other data via Docusign’s Admin API

Can I control how long my documents are kept on Docusign?

You can set your account’s envelope retention policies. For example, in Docusign eSignature, you are free to purge your Agreements at any time and can use the product or API to verify that a purge has been completed. Once an eDocument or its envelope is purged, it’s also purged from the active sites in near real time.

Envelope purging is a process to permanently remove documents and their field data from completed and voided envelopes after a specified retention period. If you purge the envelopes sent from your account, we provide an option to retain the audit log data (which includes the Certificate of Completion and history) to support our ability to attest to the details of a transaction. Customers view this behavior as a valuable feature that allows Docusign to be a neutral record.

Audit log data in Docusign eSignature may include:

  • Envelope addressing information, including sender(s) and signer(s)

  • Envelope history

  • Envelope information, such as IP’s, date/time of signing, and authentication methods used by recipients

More information on document retention, targeted envelope purge, and data deletion capabilities can be found on the Docusign Support pages.

For more information about how Docusign collects and uses personal data, visit the Privacy Notice.

Where is my data physically stored?

Docusign stores your Agreement Data in one of five geographically distinct data center regions (U.S., Canada, Europe, Australia, or Japan). Each of these regions employs the same technical and organizational security and has the same data protection measures in place.

Customer service instances are provisioned in the data center region closest to the location where you sign up for a Docusign account (e.g., based on your company billing address). For Web customers, automatic logic based on your location determines your data center region.

If you work with a Docusign representative when setting up an account, you can choose their preferred data center region. You can have multiple accounts, and those accounts can be provisioned to different data center regions. Please see [Data Residency] for more information. 

Privacy and Compliance

How does Docusign prioritize privacy regulations, like GDPR?

Docusign operates on internal privacy and data protection policies aligned to industry best practices, including international regimes, such as the GDPR and the California Consumer Privacy Act (CCPA). We have a dedicated Global Privacy Program overseen by a team of dedicated privacy professionals. IAPP-certified privacy professionals review company data processing activities that have privacy and data protection implications, assess compliance, and make recommendations to help meet or exceed compliance requirements. 

On an annual basis, Docusign undergoes rigorous review and approval by the Irish Data Protection Commission, Docusign’s lead supervisory authority for its Binding Corporate Rules (BCRs), widely considered the ‘gold standard’ for legal transfers of personal data outside the EU, as both a data processor and as a data controller. See Privacy and the GDPR for more on how Docusign prioritizes GDPR-compliant processes and is committed to customer privacy.

How can I submit a data privacy rights request regarding my personal data?

Docusign operates in accordance with fundamental privacy principles that underlie global privacy regulations. We respect every individual’s right to know what personal data is collected and how it is used or processed. Privacy rights requests apply specifically to personal data relating to an individual. They do not include requests to close a Docusign account, offboard a customer, or delete organization- or tenant-level service data, which are governed by your applicable service agreement and managed through administrative controls.

A data privacy rights request is a formal inquiry allowing you to exercise control over your personal information. Depending on your jurisdiction, this typically includes the right to:

  • Access: Receive a copy of the personal data Docusign holds about you.

  • Correct: Update inaccurate or incomplete personal information.

  • Delete: Request the removal of your personal data from our systems (where applicable).

  • Object: Object to the processing of your personal data, such as for direct marketing purposes or when processing is based on legitimate interests.

You can submit requests regarding your personal data using the Docusign Privacy Request Portal

How is Docusign prioritizing privacy in its products & business practices?

Docusign uses a "Privacy by Design" approach, meaning privacy principles are embedded into products and services from the initial concept and development phases through to release. 

Beyond product development activities, our privacy team assesses a variety of activities across the company involving personal data for privacy compliance. Moreover, all Docusign personnel undergo mandatory privacy and security training. These trainings are audited for compliance and reviewed regularly to ensure employee awareness of the importance of compliance and its relevance to our business activities. We also deliver periodic privacy and security communications to supplement required role-based training, further reinforcing data privacy and data security best practices.

Does Docusign use third-party service providers (Subprocessors)?

Yes. We maintain a public list of the subprocessors we use for products and services, including the activities the subprocessors perform and their geographic location.  We ensure that we have data protection agreements in place with our subprocessors that bind them to privacy and data protection obligations.

Where can I view your full privacy notice?

Our privacy notice is available at Privacy Notice.