Adobe electronic signature services additional privacy information
Last updated: 08 March 2022
When using electronic signature services, the "sender" sends a document to the "signer." The signer may be required to provide personal information about him or herself in order to complete form fields and electronically sign the document. Adobe collects some of this information on behalf of the sender of the document and other information for the purposes of providing the electronic signature service.
Information collected on behalf of the sender: Where Adobe collects and uses information on behalf of the sender of the document (or the organisation to which the sender belongs), the sender is the controller of this information. This may include, without limitation, information embedded within a document, collected via form fields or other information regarding the signer’s access and use of the electronic signature service such as the date and time of a signature or transaction event, IP address and other information about the browser or device used to send, sign, delegate, approve or take other actions with respect to the document. For example, IP address is recorded as part of the “activity log” and/or "audit trail" that is linked to the electronically signed document. The activity log and audit trail are generally made available to senders, signers and other “participants” in a document workflow and is retained according to the agreement between Adobe and the sender.
Additionally, a “sender” may elect to employ additional authentication methods to apply a more stringent standard for verifying the identity of a “signer.” For example, a sender may request that a signer take a photo for identity verification purposes and upload documents (such as a government-issued ID) that help the sender (not Adobe) verify the identity of the signer. To facilitate the sender's verification request, the signer may be asked to provide a mobile number to receive instructions on their mobile device.
For the photo verification feature, Adobe's third-party provider may create biometric information from your photo (e.g., facial recognition) to perform the identity verification. Adobe and the sender receive a confirmation of the verification from the third-party provider (e.g., verified or not verified). No biometric information is shared with Adobe or the sender and the third-party provider deletes any biometric information created by the provider within 180 days after collection.
For the document upload feature, the sender will receive and store copies of the documents (e.g., government-issued ID) or images provided by the signer and these may be stored in the audit trail along with the electronically signed copy of the document. If the sender requests that the signer’s identity be verified through other identity verification processes (challenge questions or SMS verification code), then additional information may be collected from the signer. As part of this process, information such as the signer’s identification details and answers to challenge questions may be passed through the Adobe electronic signature service. That information is used only to verify the signer’s identity on behalf of the sender. The documents and images uploaded during the authentication/identity verification process will be retained for as long as the sender retains the document in the Adobe electronic signature service.
By default, Adobe's electronic signature services send a copy of the electronically signed document to both the sender and the signer. The sender also controls how long documents are stored by Adobe and available to signer to access or download. The sender is responsible for configuring any security options available within the service to protect the documents and their exchange between the sender and signer.
Information collected by Adobe to provide services: Adobe collects information about how senders and signers use and access features and capabilities of the electronic signature services. We collect and use this information to operate, improve and personalise the electronic signature services.