Data Security and Privacy Statement
Overview
DocuSign Cloud for Jira uses AWS EC2, an Atlassian recommended cloud platform, for running the hosted service, AWS DynamoDB for data persistence and AWS Secrets Manager for storing private RSA Key of DocuSign application. We store only minimum amount of data on our database.
Â
Data Storage
In order to work properly, DocuSign Cloud for Jira need to store the following information:
·     DocuSign credentials
·     DocuSign default envelope configuration
·     DocuSign user’s ids
·     Basic information about signing documents (not whole documents)
Â
DocuSign credentials
In order for DocuSign Cloud for Jira to be able to authenticate with DocuSign platform, we need to store credentials such as API Account ID, Integration Key, Account’s Base URL and OAuth URL, which are stored in AWS DynamoDB. All that values are encrypted using encrypted key from AWS Key Management Service. We also store private RSA Key in AWS Secrets Manager.
Â
DocuSign default envelope configuration
We store user preferences about envelope configuration such as Anchor String, OffsetX and OffsetY, which identify default place of signature in documents. This is not mandatory to provide this information, it is kind of simplification of signature procedure.
Â
DocuSign user’s ids
In order to that every Jira user should have unique DocuSign account, we need to have some kind of bridge between these two types of accounts. Therefore, we store combination of Jira’s user id, e-mail, username and DocuSign’s user id to identify signer.
Â
Basic information about signing documents
The most important is that we don’t store signed documents in our database at all. We are some kind of proxy between Jira Attachments, where all documents are placed and DocuSign platform. After finishing signature procedure, we collect only basic information for signing history feature such as document name, signer name, signature date and status.