Having adopted Scrive as our go-to service for digital signatures we need to integrate it into our Privacy documentation and work flow.
While most of the documents are of a contractual nature and so will get saved for other reasons it is worth noticing the following.
1) Data gets stored in Scrive even if the user does not sign the document, even if the document is never sent to them (kept as a draft). this data may include more sensitive info such as personnr.
2) Data gets stored in Scrive beyond what a user might expect (e.g. if they opened the e-mail, if they looked at the document)
3) Data might get distributed to third parties (e.g. Fortnox) or moved to other systems, e.g. exported to Drive
[X] Add Scrive to the [[https://se.wikimedia.org/wiki/Integritetspolicy/Personuppgiftsbitr%C3%A4desavtal|Personuppgiftsbiträdesavtal]] list.
[] Add an entry to [[https://se.wikimedia.org/wiki/Integritetspolicy/Registerf%C3%B6rteckning_och_rensningsrutiner|Registerförteckning och rensningsrutiner]].
[X] Ensure recipients are made aware of any personal data which gets stored by the system.