Privacy Policy

Last Updated: August 20, 2024

DocuSeal, LLC (“we,” “our,” or “us”) is dedicated to respecting your privacy. This Privacy Policy outlines how your personal information is collected and used by DocuSeal.

This Privacy Policy is applicable to our services and their related domains (collectively referred to as our “Service”). By accessing or using our Service, you confirm that you have read, comprehended, and consented to our collection, storage, and use of your personal information as detailed in this Privacy Policy and our Terms of Service.

1. Data We Collect

We collect several different types of data:

2. Purpose for Collection and Use of Data

We use the collected data for the following reasons:

3. Sharing Your Information

Protecting your privacy is crucial for us, which is why we do not sell, trade, or otherwise transfer your personal information to outside parties, except under defined circumstances, such as:

4. Data Residency and International Transfer

docuseal.co - Our primary operations involving personal data occur within the US (AWS Northern Virginia region). Your data may be transfered to locations outside the US for the reasons outlined in Section 3. We perform due diligence on our service providers to ensure that the entities receiving your personal data implement adequate data protection and security policies.

docuseal.eu - We use AWS EU region, and all documents and user data are stored in Ireland, EU. Your data may be processed in countries outside the EU by third-party service providers that help us operate (see section 3). We rely on data processing agreements (DPAs) with Standard Contractual Clauses (SCCs) to address cross-border transfers.

5. Data Security

DocuSeal Cloud services implement the Service Organization Control 2 (SOC 2) standard, which helps to ensure data security and privacy.

We employ strict security measures to safeguard your data from unauthorized access, disclosure, alteration, and destruction. This includes using encryption technologies, access controls, and secure network infrastructures. However, it's essential to understand that no security system is impenetrable. We continuously monitor for potential threats and update our security practices to address new risks. Nevertheless, the effectiveness of these measures also depends on your actions, so we encourage you to use strong passwords with 2FA, and exercise caution when sharing personal information.

6. Data Retention

Your personal information is retained only for as long as necessary to fulfill the purposes for which it was collected and to comply with legal, accounting, or reporting obligations. This retention period may vary based on the type of information and the nature of our relationship. Once the retention period expires or if you request deletion, we will securely dispose of or anonymize your data.

7. Your Rights

You have various rights regarding your personal data. These rights include:

To exercise these rights, contact us using the contact information provided at the end of this Privacy Policy. We will respond to your request in accordance with applicable laws.

8. Cookies and Tracking Technologies

A cookie is a piece of data that a website saves on a user's computer, which the user's browser sends back to the website whenever they return. We do not use cookies for tracking and analytics purposes.

Essential cookies are used to authenticate the user's login session and provide access to the services. Essential cookies are also used during the submission completion process to authorize the data input form and implement the necessary compliance and fraud prevention measures.

We do not use third-party tracking services to collect information about you.

9. Children's Privacy

Safeguarding the privacy of young children is of utmost importance. Our Services are not directed towards individuals below the age of 18, and we do not intentionally collect personal data from minors. If we discover that we have unintentionally obtained personal information from someone under the age of 18 without confirming parental consent, we will take appropriate measures to remove such information from our records. If you suspect that we may have any information from or about a minor under the age of 18, please reach out to us using the contact information provided at the end of this Privacy Policy, and we will strive to address and resolve the issue promptly.

By using the Services, you affirm that you are at least 18 years old and acknowledge that you must be at least 18 years old to create an account and/or purchase services through our website.

10. Gmail Integration

If you use the Gmail integration with DocuSeal, you will be asked to grant us permission to send emails from your Gmail account.

IMPORTANT: DocuSeal's use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.

We do not access your emails through your Gmail account. We use the granted access to your Gmail account to implement the emails sending from your connected email address.

11. GDPR

We may be collecting and using information from you if you are from the European Economic Area (EEA), and in this section of our Privacy Policy, we are going to explain exactly how and why this data is collected, and how we maintain this data under protection from being replicated or used in the wrong way.

GDPR is an EU-wide privacy and data protection law that regulates how EU residents' data is protected by companies and enhances the control the EU residents have over their personal data.

The GDPR is relevant to any globally operating company and not just EU-based businesses and EU residents. Our customers' data is important irrespective of where they are located, which is why we have implemented GDPR controls as our baseline standard for all our operations worldwide.

Learn more about how we implement GDPR here.

12. California Residents

The California Consumer Privacy Act (CCPA) requires us to disclose categories of Personal Information we collect and how we use it, the categories of sources from whom we collect Personal Information, and the third parties with whom we share it, which we have explained above.

We are also required to communicate information about rights California residents have under California law. You may exercise the following rights:

If you would like to exercise any of these rights, please contact us.

We do not sell the Personal Information of our users.

13. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, the regulatory environment, or the expanding functionality of our Services. When we make changes, we will notify you by updating the "Effective Date" at the top of this policy, and in some cases, we may provide additional notification such as displaying a prominent notice on our website. Changes to the policy will be effective as of the date specified in the notice. Your continued use of the Services after any changes or revisions to this Privacy Policy indicates your agreement to the terms of the revised policy. We encourage you to review this Privacy Policy regularly to stay informed about our information practices and the ways you can protect your privacy.

14. Contact Us

We're committed to maintaining the confidentiality, integrity, and security of your personal information. If you have any questions, concerns, or comments about this Privacy Policy or our data handling practices, please do not hesitate to reach out to us. You can contact us using the following information:

DocuSeal, LLC
332 S Michigan Ave, Suite 121 #5896,
Chicago IL 60604

privacy@docuseal.com