Adobe electronic signature services privacy
Last updated: 15 June 2020
When using Adobe Sign, the "sender" sends a document to the "signer." The signer may be required to provide personal information about him or herself in order to complete form fields and electronically sign the document. Adobe collects some of this information on behalf of the sender of the document and other information for the purposes of providing the electronic signature service.
Information collected on behalf of the sender: Where Adobe collects and uses information on behalf of the sender of the document (or the organisation to which the sender belongs), the sender is the controller of this information. This may include, without limitation, information embedded within a document, collected via form fields or other information regarding the signer’s access and use of the electronic signature service such as the date and time of a signature or transaction event, IP address and other information about the browser or device used to send, sign, delegate, approve or take other actions with respect to the document. For example, IP address is recorded as part of the “activity log” and/or "audit trail" that is linked to the electronically signed document. The activity log and audit trail are generally made available to senders, signers and other “participants” in a document workflow and is retained according to the agreement between Adobe and the sender.
Additionally, a “sender” may elect to employ additional authentication methods to apply a more stringent standard for verifying the identity of a “signer.” For example, a sender may request that a signer upload documents that help the sender (not Adobe) verify the identity of the signer. With this feature, the sender will receive copies of the documents provided by the signer and these may be stored in the audit trail along with the electronically signed copy of the document. If the sender requests that the signer’s identity be verified through other identity verification processes (challenge questions or SMS verification code), then additional information may be collected from the signer. As part of this process, information such as the signer’s identification details and answers to challenge questions may be passed through Adobe Sign. That information is used only to verify the signer’s identity on behalf of the sender.
By default, Adobe's electronic signature service sends a copy of the electronically signed document to both the sender and the signer. The sender also controls how long documents are stored by Adobe and available to signer to download. The sender is responsible for configuring any security options available within the service to protect the documents and their exchange between the sender and signer.
Information collected by Adobe to provide Adobe Sign: Adobe collects information about how senders and signers use and access features and capabilities of the electronic signature service. We collect and use this information to operate, improve and personalise the electronic signature service.