Skip to main content

Retention and Deletion Policy

Effective date: April 28, 2026

Permissio, Inc.


1. Purpose

This Retention and Deletion Policy explains how Permissio, Inc. ("Permissio") retains, deletes, exports, and preserves data in connection with the Services.


2. Customer-Configurable Retention

Permissio allows customers to configure retention settings for categories of records, including:

  • Default retention periods for completed, voided, declined, and expired envelopes
  • Sandbox environment data expiration
  • Legal hold placement and release for specific envelopes or data sets

Available controls may vary by plan. Customers are responsible for selecting retention settings appropriate for their legal, regulatory, and business requirements.


3. Standard Retention Categories

Data categoryDefault retentionNotes
Completed envelopes and signed PDFs~7 years (2,555 days)Configurable shorter; legal holds block deletion
Voided, declined, and expired envelopes365 daysConfigurable shorter; legal holds block deletion
Account and workspace recordsWhile active, plus a reasonable period after terminationRequired for account administration, audit, billing, and dispute resolution
Audit logs and security logsRetained for security, legal, and compliance purposesMay be retained longer than envelope data
Billing recordsAs required for tax, accounting, and compliance obligationsMay be held by payment processor and Permissio
Support recordsRetained for support history, quality, and dispute resolutionMay include attachments submitted by customer
BackupsDeleted or overwritten under standard backup cyclesImmediate deletion from backups may not be technically feasible

4. Deletion Requests

Customers may request deletion through available product controls (Settings → Retention & Compliance) or by contacting support@permissio.us. Permissio will process deletion requests in accordance with this Policy, the Terms of Service, applicable law, technical constraints, active backup cycles, and any legal holds.

Individual signer or recipient deletion requests relating to Customer Content should be directed to the Customer, who controls that data. Permissio may coordinate with the Customer to fulfill such requests.


Permissio may preserve records beyond their standard retention period when required by law, subpoena, court order, legal claim, regulatory inquiry, security incident investigation, billing dispute, or active customer-initiated legal hold. Legal holds override retention settings for the duration of the hold.


6. Export

Customers should export needed records before terminating an account or deleting Customer Content. Export tools and formats may vary by plan and feature availability. Permissio is not responsible for data loss resulting from Customer's failure to export records before account termination or data deletion.


7. Sandbox Data

Sandbox data is subject to shorter retention periods, automatic expiration, suppression of real outbound emails and notifications, and other non-production controls. Customers should not use sandbox data as a system of record or rely on sandbox data for production evidence.


8. Signer and Recipient Records

Signer and recipient records are retained as part of the envelope record, audit trail, completion certificate, security log, and legal evidence package. These records support the integrity and admissibility of completed electronic signatures under ESIGN and UETA. Customers are responsible for selecting retention periods appropriate for their transactions and evidentiary requirements.


9. Limitations

Deletion may not immediately remove records from:

  • Already-downloaded files in customer or recipient systems
  • Webhook destinations, email recipients, or third-party systems controlled by Customer
  • Backup systems, until overwritten under standard backup retention cycles
  • Records that are subject to an active legal hold

10. Contact

Retention and deletion questions: privacy@permissio.us