Privacy Policy

1. Information We Collect

We collect information you provide directly to us, such as when you create an account, use our services, or contact us for support.

• Account information (name, email, password)
• Document content and signatures
• Usage data and analytics
• Communication preferences
• IP addresses and device information
• Browser type and operating system
• Cookies and similar tracking technologies
• Location data (with your consent)
• Payment and billing information
• Customer service interactions and recordings

2. How We Use Your Information

We use the information we collect to provide, maintain, and improve our services:

• Process and store your electronic signatures
• Provide customer support and respond to inquiries
• Send important service updates and notifications
• Improve our platform and develop new features
• Verify your identity and prevent fraud
• Process payments and manage billing
• Comply with legal and regulatory requirements
• Conduct analytics and research to improve our services
• Personalize your experience and content
• Send marketing communications (with your consent)
• Monitor and analyze usage patterns and trends
• Maintain security and prevent unauthorized access

3. Anti-Spam Policy

DotSign is committed to preventing spam and maintaining the highest standards of email deliverability and compliance.

Email Communications

• We only send emails to users who have explicitly opted in or have an existing business relationship with us
• All marketing emails include clear unsubscribe mechanisms
• We honor unsubscribe requests immediately and within 10 business days maximum
• We maintain suppression lists to prevent sending to users who have opted out
• We regularly clean our email lists to remove invalid or bounced addresses
• We use double opt-in confirmation for newsletter subscriptions

CAN-SPAM Compliance

• We clearly identify ourselves as the sender in all emails
• Subject lines accurately reflect the content of the message
• We include our physical business address in all commercial emails
• We distinguish between transactional and promotional content
• We process opt-out requests promptly and efficiently

Email Service Provider Compliance

• We maintain high sender reputation scores with major ESPs
• We implement proper authentication (SPF, DKIM, DMARC)
• We monitor bounce rates and maintain them below industry thresholds
• We segment our email lists based on engagement and preferences
• We provide clear expectations about email frequency and content

Prohibited Activities

• Sending unsolicited bulk emails or spam
• Purchasing or renting email lists from third parties
• Using deceptive subject lines or sender information
• Continuing to email users after they have unsubscribed
• Using our platform to send spam or malicious content

4. Data Security

We implement industry-standard security measures to protect your data:

• End-to-end encryption for all documents
• SOC 2 Type II compliance
• Regular security audits and penetration testing
• Multi-factor authentication support
• TLS 1.3 encryption for data in transit
• AES-256 encryption for data at rest
• Regular security training for all employees
• Incident response and breach notification procedures
• Access controls and principle of least privilege
• Regular backup and disaster recovery testing
• Third-party security assessments and certifications

5. Data Sharing

We do not sell, trade, or otherwise transfer your personal information to third parties, except in the following circumstances:

• With your explicit consent
• To comply with legal obligations
• To protect our rights and prevent fraud
• With trusted service providers under strict confidentiality agreements
• In connection with a merger, acquisition, or sale of assets (with notice)
• To law enforcement or government agencies when legally required
• To protect the safety and security of our users and the public
• With professional advisors (lawyers, accountants) under confidentiality obligations

6. Data Retention

We retain your personal information for as long as necessary to provide our services and comply with legal obligations:

• Account information: Retained while your account is active and for 7 years after closure
• Document signatures: Retained for the legally required period (typically 7-10 years)
• Usage data: Retained for up to 2 years for analytics and service improvement
• Marketing data: Retained until you unsubscribe or for 3 years of inactivity
• Support communications: Retained for 3 years for quality assurance
• Financial records: Retained for 7 years as required by law

7. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place:

• We use Standard Contractual Clauses approved by the European Commission
• We ensure adequate level of protection as determined by relevant authorities
• We implement additional technical and organizational measures when necessary
• We provide notice and obtain consent where required by applicable law

8. Your Rights

You have the right to:

• Access and download your personal data
• Correct inaccurate information
• Delete your account and associated data
• Opt out of marketing communications
• Port your data to another service provider
• Restrict processing of your personal information
• Object to processing based on legitimate interests
• Withdraw consent at any time (where processing is based on consent)
• Lodge a complaint with supervisory authorities
• Receive information about data breaches that may affect you

9. Children's Privacy

Our services are not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information promptly.

10. Policy Updates

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the updated policy on our website
• Sending an email notification to registered users
• Providing in-app notifications for significant changes
• Updating the "Last updated" date at the top of this policy

11. Contact Us

If you have any questions about this Privacy Policy, please contact us: