Privacy Policy
Last updated: January 17, 2026
This policy explains what information is handled by Retained on Record and how it is used to provide the service.
The firm using the service controls the content entered and sent to clients.
Information handled
- Firm and staff account details (for example username and firm name).
- Client contact details entered by the firm (for example name and email).
- Engagement workflow data (for example link tokens, timestamps, and audit events).
- Payment status and related identifiers required for reconciliation.
- Documents generated by the service (for example PDFs and retained packet ZIP files).
How information is used
- To deliver client links, signatures, and retained packet evidence.
- To operate audit logs and event timelines for evidentiary purposes.
- To troubleshoot issues and improve reliability and security.
Third-party services
Depending on configuration, the service may interact with third parties such as payment providers,
electronic signature providers, and object storage for generated documents.
Security
Access is restricted to authenticated staff, and sensitive actions are recorded in audit logs.
Firms should use strong passwords and limit staff access appropriately.