Docusign - Privacy Notice

[Sparweb]

Not sure how many engineers use this. Maybe some engineers use Docusign with their clients to handle authorizations and contracts online.
It's become a big thing of course since 2020. I have encountered it in many places, like banks and government offices recently.

Have you read their Privacy Notice?
Perhaps I'm being paranoid but there's some crazy stuff in there.

https://www.docusign.com/privacy/

Here's an excerpt that caught my eye:

Um, what "third country"?

If you're from Australia, Canada, or Israel especially, you should read it before you use it for your banking. The rules change drastically depending on the country you live in.

 

[phamENG]

Thanks for posting this, Sparweb. I use Docusign with my clients - it's helped a lot as I've had much more success in getting smaller clients to actually sign contracts in a reasonable amount of time. I'll have to look into some of that a bit closer...

 

[CWB1]

I've used it ~15 years now for signing all manner of legal documents. Docusign is like any other company, if their overseas help desk accesses your docs to resolve a problem then yes, those documents are subject to local law at both ends. This is why the big battery of mandatory corporate training usually includes not only anti-harassment, conflict of interest, ethics, etc but also ITAR and import/export compliance. As engineers many of us work on technology for non-govt industries which cannot legally be shared outside the US, even with colleagues working for our employer. Know the law, follow the law.

 

[Sparweb]

So I couldn't help myself and I fell down the rabbit hole for a while today.
[ul]
[li]Citibank (a bank based in the USA that does business internationally) says basically the same thing on their site.[/li]
[li]Bank of America (a bank based in the USA that does not seem to do much business outside the USA) is completely mute on the subject of sending their customer's data out of the USA. Perhaps because they don't. Maybe[/li]
[li]Bank of Montreal (a bank based in Canada that does business internationally) admits to similar things on their site, but also explains why. They provide the rationale and limitations to these transfers of personal data. Usually it's needed by a variety of 3rd party service providers, and they offer a heck of a lot of online services.[/li]
[li]Alberta Treasury Branch (a bank based in Canada that does business mostly in Canada) is extremely specific about how personal data can be transferred overseas. They list what country any personal data goes to, the reason, and when it's for 3rd party service providers or to fulfill legal obligations such as EU fintrack compliance.[/li]
[/ul]
So there are different levels of information that your bank may offer you. You may not actually know what they do with your data even if you go looking.

 

[Compositepro]

I've never used Docusign, but get occasional emails that are spam or viruses with docusign attachments. Although just last week I had a customer in Canada say that I could use Docusign to sign a document.