DocuSign can share your personal information with its vendors, business partners, and in the event of a sale or merger of the company.
This analysis describes what DocuSign's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
Your personal data, including account details and potentially document metadata, can be transferred to third parties for business operations and in corporate transactions, which may expose your information to entities whose privacy practices differ from DocuSign's.
Your personal information may be shared with DocuSign's service providers, joint venture partners, and acquirers in a corporate transaction, and these transfers occur without individual notification in most circumstances.
How other platforms handle this
We may share your information with third-party advertising partners to provide you with targeted advertising. We also work with third-party analytics providers who help us understand how users interact with our Services. These third parties may use cookies, web beacons, and similar tracking technolo...
We process personal data you provide to Oura to enable third party integrations, services, features, and offerings. For example, with your permission, our Services may integrate with third-party services like Google Health Connect and Apple HealthKit, or those of our partners. Oura takes measures to...
We may share your personal data with third-party vendors, service providers, contractors, or agents who perform services for us or on our behalf and require access to such information to do that work. We may also share your personal data with advertising partners to display relevant advertising to y...
Monitoring
DocuSign has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"We may share your personal information with third parties in the following circumstances: with service providers who perform services on our behalf; with business partners with whom we jointly offer products or services; in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business; and when we believe disclosure is necessary to comply with applicable law or legal process.— Excerpt from DocuSign's DocuSign Privacy Statement
(1) REGULATORY LANDSCAPE: GDPR Articles 13 and 14 require disclosure of third-party recipients and their categories at the time of data collection. CCPA requires disclosure of categories of third parties to whom personal information is disclosed. Sharing with business partners for joint offerings may require analysis of whether this constitutes a sale or sharing under CPRA, triggering opt-out rights. (2) GOVERNANCE EXPOSURE: Medium. The breadth of sharing categories, particularly with business partners for jointly offered products, warrants scrutiny as to whether adequate data processing agreements or joint controller arrangements are in place. Corporate transaction sharing is standard industry practice but requires careful data room controls and transition agreements. (3) JURISDICTION FLAGS: EU users have rights to know specific categories of recipients and may challenge transfers to third countries without adequate safeguards. California residents have the right to know categories of third parties receiving their data and, if sharing constitutes a sale or cross-context behavioral advertising share, to opt out. (4) CONTRACT AND VENDOR IMPLICATIONS: Vendor management teams should maintain a current inventory of DocuSign's disclosed sub-processors and business partners receiving data. Due diligence in any M&A context involving DocuSign as a target or acquiree should include a full data transfer audit. (5) COMPLIANCE CONSIDERATIONS: Organizations embedding DocuSign in customer-facing workflows should disclose DocuSign as a data recipient in their own privacy notices to meet transparency obligations under GDPR and CCPA.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
ConductAtlas detected a major restructuring of Meta’s privacy policy that removed detailed consumer rights disclosures and relocated them to separate documents.
Your genetic data may be transferred to a new owner as a business asset. Here is what the Terms of Service actually say and what you can do right now.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
Your personal data, including account details and potentially document metadata, can be transferred to third parties for business operations and in corporate transactions, which may expose your information to entities whose privacy practices differ from DocuSign's.
Your personal information may be shared with DocuSign's service providers, joint venture partners, and acquirers in a corporate transaction, and these transfers occur without individual notification in most circumstances.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by DocuSign.