DocuSign Trust Center
Your source for our latest security, compliance, legal, privacy and system performance information
Trust AlertsView System StatusTransparency is essential
DocuSign’s first priority is to make your experience safe and secure—and to ensure you have the information you need to feel comfortable transacting business online. That’s why we created the Trust Center: to give you access to the latest DocuSign security, compliance, legal, privacy, and system performance information, when and where you need it.
Trust resources
Third-party risk management
Learn MoreRead how third-party risk management teams evaluate e-signature solutions.
Are electronic signatures safe?
Read the postLearn how e-signatures are more secure than wet signatures.
Security and legal collaboration
Read the white paperLearn how successful teams work together to protect their organization from harm.
DocuSign compliance certifications
DocuSign meets or exceeds stringent US, EU and global security standards. Our commitment to and significant ongoing investment toward protecting customer data extends to all of DocuSign’s operating environments.
Alerts and updates
DocuSign has recently updated the Subprocessor List. To see relevant changes and access the updated list, please visit this page.
Should you have any questions, do not hesitate to contact us at privacy@docusign.com.
DocuSign has observed a new technical support impersonation themed phishing campaign through improper use of DocuSign. Report improper use of DocuSignaccounts directly through the envelope email notification Report Abuse link or through the DocuSign i-Sight portal directly via this link (https://docusign.i-sight.com/portal/reportonline?lang=en_US&theme=DocuSign).
The envelopes are sent from a variety of senders and associated email addresses, many with the public outlook.com domain. Here are some examples of common email notification subject lines:
MS Office 365
Windows Defender purchased Order
Order Successfully
Complete with DocuSign: Bot Content (90).html
Fire wall protection order successfully placed
NOTE: If you do not see activity matching the email notification when reviewing your DocuSign account, then the email is an imitation DocuSign attempt. Report imitation DocuSign attempts to spam@docusign.com.
As a reminder, do not click on any email or attachment links from unknown or untrusted senders. All customers are also reminded that they should continue their own due diligence, identify, and report suspicious activity, including fraud/illegal activity. See the Incident Reporting page (https://www.docusign.com/trust/security/incident-reporting) on our Trust Center for more information. Customers should also continue to utilize their own organization’s security tools to investigate potentially malicious documents, links and notifications.
For more information on how to spot phishing, please see our Combating Phishing and Protecting Your Organization Against DocuSign Brand Impersonation white papers.
The new Connect certificates for AU, CA, and EU are now published.
Please see the DocuSign Support Portal link here for further details on the new certificates and “Force” scheduled date.