Adobe electronic signature services additional privacy information
Last updated: March 08, 2022
The Adobe Privacy Policy describes the general privacy practices of Adobe’s websites and applications, including the Adobe Acrobat Sign electronic signature services. More privacy-related information for Adobe's electronic signature services is provided below.
What information does Adobe electronic signature services collect about me other than as described in the Adobe Privacy Policy? How is the information used other than as described in the Adobe Privacy Policy?
When using electronic signature services, the "sender" sends a document to the "signer." The signer may be required to provide personal information about him or herself in order to complete form fields and electronically sign the document. Adobe collects some of this information on behalf of the sender of the document and other information for the purposes of providing the electronic signature service.
Information collected on behalf of the sender: Where Adobe collects and uses information on behalf of the sender of the document (or the organization to which the sender belongs), the sender is the controller of this information. This may include, without limitation, information embedded within a document, collected via form fields, or other information regarding the signer’s access and use of the electronic signature service such as the date and time of a signature or transaction event, IP address, and other information about the browser or device used to send, sign, delegate, approve, or take other actions with respect to the document. For example, IP address is recorded as part of the “activity log” and/or "audit trail" that is linked to the electronically signed document. The activity log and audit trail are generally made available to senders, signers, and other “participants” in a document workflow and is retained according to the agreement between Adobe and the sender.
Additionally, a “sender” may elect to employ additional authentication methods to apply a more stringent standard for verifying the identity of a “signer.” For example, a sender may request that a signer take a photo for identity verification purposes and upload documents (such as a government-issued ID) that help the sender (not Adobe) verify the identity of the signer. To facilitate the sender's verification request, the signer may be asked to provide a mobile number to receive instructions on their mobile device.
For the photo verification feature, Adobe's third-party provider may create biometric information from your photo (e.g., facial recognition) to perform the identity verification. Adobe and the sender receive a confirmation of the verification from the third-party provider (e.g., verified or not verified). No biometric information is shared with Adobe or the sender, and the third-party provider deletes any biometric information created by the provider within 180 days after collection.
For the document upload feature, the sender will receive and store copies of the documents (e.g., government-issued ID) or images provided by the signer, and these may be stored in the audit trail along with the electronically signed copy of the document. If the sender requests that the signer’s identity be verified through other identity verification processes (challenge questions or SMS verification code), then additional information may be collected from the signer. As part of this process, information such as the signer’s identification details and answers to challenge questions may be passed through the Adobe electronic signature service. That information is used only to verify the signer’s identity on behalf of the sender. The documents and images uploaded during the authentication/identity verification process will be retained for as long as the sender retains the document in the Adobe electronic signature service.
By default, Adobe's electronic signature services send a copy of the electronically signed document to both the sender and the signer. The sender also controls how long documents are stored by Adobe and available to signer to access or download. The sender is responsible for configuring any security options available within the service to protect the documents and their exchange between the sender and signer.
Information collected by Adobe to provide services: Adobe collects information about how senders and signers use and access features and capabilities of the electronic signature services. We collect and use this information to operate, improve, and personalize the electronic signature services.
How do Adobe's electronic signature services let me share data other than as described in the Adobe Privacy Policy?
Adobe's electronic signature services may integrate with several other websites, including social networking websites such as LinkedIn and Facebook. These features allow senders and signers to log into the service using their accounts from the other websites. Also, senders may choose to link their Adobe accounts with another online document service or sales automation service that the sender may use, such as Salesforce.com or a third-party data storage provider. In those cases, note that some personal information of the sender and signer, as well as any documents signed or identity documents provided by the signer, may be stored in these other services (as well as on Adobe's servers). The Adobe Privacy Policy does not apply to information or documents processed or stored on non-Adobe systems.