Skip to main content
Trust Center

Docusign Trust Center

See Updates and AlertsView System Status

Transparency is essential

Docusign’s first priority is to make your experience safe and secure—and to ensure you have the information you need to feel comfortable transacting business online. That’s why we created the Trust Center: to give you access to the latest Docusign security, compliance, legal, privacy, and system performance information, when and where you need it.

As of April 11, 2024, Docusign has a new look and feel, including a new logo. Learn more about our new brand chapter.

> Docusign Trust and Security Overview

> Read our AI Innovation Principles

> Read about our trusted AI approach

> Newsweek names Docusign the #1 most trusted software & telecommunications company in America, 2024

Trust resources

  • trustcenter-vce-third-party-risk-management

    Third-party risk management

    Read how third-party risk management teams evaluate e-signature solutions.

    Learn More
  • trustcenter-vce-blog

    Are electronic signatures safe?

    Learn how e-signatures are more secure than wet signatures.

    Read the post
  • trustcenter-vce-security-and-legal

    Learn how successful teams work together to protect their organization from harm.

    Read the Whitepaper

Docusign compliance certifications

Docusign meets or exceeds stringent US, EU and global security standards. Our commitment to and significant ongoing investment toward protecting customer data extends to all of Docusign’s operating environments.

Docusign BCR logo
schellman iso27001 seal blue logo
pci logo
aicpa logo
align iso27001 logo
Learn More

Alerts and updates

Alert: Phishing Campaign Observed, November 6, 2024
11/06/2024

Docusign has observed phishing activity where bad actors are abusing Docusign APIs to send fake invoices (Norton, PayPal) that appear authentic. While, in the interest of security, we don’t disclose specifics that could alert bad actors to our prevention tactics, Docusign has a number of capabilities, technical systems and teams in place to help prevent misuse of our services. 

Activity matching this campaign can be reported to Docusign through our Report Abuse feature or directly through our online web portal i-Sight. As a reminder, do not click on any email or attachment links from unknown or untrusted senders. See the Security Incident Reporting page, How Docusign Users Can Spot, Avoid and Report Fraud, and Tools to Protect Your Data From Phishing for more information.

Planned Disaster Recovery Exercise for e-Signature in Canada
11/05/2024

Docusign will undertake a planned disaster recovery exercise on Saturday, November 9 2024 from 00:00 EST to 02:00 EST. The scope of this exercise is to perform a regional full-platform failover of e-Signature services in Canada. 

This exercise is not expected to cause downtime or detrimentally impact e-Signature services, however we are notifying customers as a precautionary measure.


UPDATE: Subprocessor Update for Docusign Services, October 10, 2024
10/10/2024

Dear Customer,

We want to inform you that Docusign has updated the Subprocessor List for Docusign Services.

Below are the key changes:

DocuSign eSignature Service and Related Add-ons (including Rooms for Real Estate):

  • Included the following optional Service Add-on Subprocessors to the Extension Apps section:

    • Vonage Holdings Corporation for phone number verification

    • Lexis-Nexis Risk Solutions FL Inc. for Email address verification (Basic) SSN, Business Entity (Premium)

  • Added the following new optional Service Add-on Subprocessors to the Extension Apps section:

    • Zapier (Left Hook Inc.) for Infrastructure services, email delivery, and cloud hosting services

    • Smarty for physical address verification

    • Twilio for email address verification

DocuSign CLM Service and Related Add-ons:

  • Modified the subprocessor DocuSmart Inc. (d/b/a Lexion) for AI-Assisted Review services.

You may object to a subprocessor by emailing privacy@docusign.com with the subject line “Subprocessor Objection,” along with your name, your company’s name, the name of the Docusign service, the name of the subprocessor, and the specific grounds for objection.

Regards,
The Docusign Team

See AllFollow Us on TwitterSubscribe to the RSS Feed