What access controls does Dataroom support?

Email verification (magic link or one-time code), password gates, domain and IP allow-lists, expiry windows, max-view counts, download disable, screen-share blockers, and on-the-fly revoke. All controls are per-link, per-room, or per-recipient. Customer-managed KMS keys available on Enterprise.

Log inGet started

Loading…

Log inGet started

Access control

Set the bar. Let the rest in.

Email verification, passwords, domain & IP allow-lists, expiry windows, max-view counts, screen-share blockers, and on-the-fly revoke. Every control is one toggle away - applied per link, per room, per recipient.

Get started See security

dataroom.corgi.com/share/lk_2j9hf2/settings

Legal folder policy

Series A room · recipient-specific

enforced

PreviewSend

Allowed

Blocked

Audit events

Policy controls

Email verification

Domain allow-list

IP allow-list

Watermark

Disable download

Session expiry

Access decision

Viewer admitted

admitted

maya@northwind.co matched the legal folder policy.

Email verified

admitted

maya@northwind.co

Domain rule

allowed

@northwind.co matched

Leak control

watermarked

Recipient email on every page

ChatGPT Claude Perplexity Gemini Grok

Capabilities

Everything you'd expect.No stitched-together tools.

Email verification

Recipient confirms ownership via magic link before content unlocks. One-time codes optional for high-stakes shares.

Password gates

Optional password per link. Strength rules enforceable workspace-wide. Reset-on-leak in one click.

Domain & IP allow-lists

Allow @summit.vc, deny everyone else. Office IP-only on the legal vault. Combine to taste.

Expiry & view limits

Auto-expire in 7 days. Cap at 5 views. Revoke at any time without re-sending.

Anti-leak controls

Disable downloads, disable copy, disable right-click, disable screen-share. Watermark every page.

Per-recipient policy

Same room, different access levels per recipient. Lead investor sees everything; analyst sees the public deck.

Built for security teams

What your security team asked you to never share by email.

Tamper-evident audit trail on every action
Per-link, per-room, per-recipient access policies
Per-tenant key isolation on Enterprise
Streaming audit log to Splunk / Datadog / Elastic
Customer-managed retention & deletion
Coordinated disclosure program with bounty

Access control plane

Link controls

Expiry + view caps

Encryption

AES-256 at rest

Audit stream

Datadog + Splunk

Retention

90 days custom

SSO

Okta enforced

Audit log

Immutable

FAQ

Quick answers.

Adjacent

Pieces that snap into this one.

Data rooms Document sharing Electronic signature Analytics Security overview Enterprise

Lock down what you share.

Get started See pricing

Loading…

Access control

Set the bar. Let the rest in.

Get started See security

dataroom.corgi.com/share/lk_2j9hf2/settings

Legal folder policy

Series A room · recipient-specific

enforced

PreviewSend

Allowed

Blocked

Audit events

Policy controls

Email verification

Domain allow-list

IP allow-list

Watermark

Disable download

Session expiry

Access decision

Viewer admitted

admitted

maya@northwind.co matched the legal folder policy.

Email verified

admitted

maya@northwind.co

Domain rule

allowed

@northwind.co matched

Leak control

watermarked

Recipient email on every page

ChatGPT Claude Perplexity Gemini Grok

Capabilities

Everything you'd expect.No stitched-together tools.

Email verification

Recipient confirms ownership via magic link before content unlocks. One-time codes optional for high-stakes shares.

Password gates

Optional password per link. Strength rules enforceable workspace-wide. Reset-on-leak in one click.

Domain & IP allow-lists

Allow @summit.vc, deny everyone else. Office IP-only on the legal vault. Combine to taste.

Expiry & view limits

Auto-expire in 7 days. Cap at 5 views. Revoke at any time without re-sending.

Anti-leak controls

Disable downloads, disable copy, disable right-click, disable screen-share. Watermark every page.

Per-recipient policy

Same room, different access levels per recipient. Lead investor sees everything; analyst sees the public deck.

Built for security teams

What your security team asked you to never share by email.

Tamper-evident audit trail on every action
Per-link, per-room, per-recipient access policies
Per-tenant key isolation on Enterprise
Streaming audit log to Splunk / Datadog / Elastic
Customer-managed retention & deletion
Coordinated disclosure program with bounty

Access control plane

Link controls

Expiry + view caps

Encryption

AES-256 at rest

Audit stream

Datadog + Splunk

Retention

90 days custom

SSO

Okta enforced

Audit log

Immutable

FAQ

Quick answers.

Adjacent

Pieces that snap into this one.

Data rooms Document sharing Electronic signature Analytics Security overview Enterprise

Lock down what you share.

Get started See pricing

Set the bar. Let the rest in.

Legal folder policy

Everything you'd expect.No stitched-together tools.

Email verification

Password gates

Domain & IP allow-lists

Expiry & view limits

Anti-leak controls

Per-recipient policy

What your security team asked you to never share by email.

Quick answers.

Can recipients still screenshot the doc?addremove

How does revoke work?addremove

Is there an SSO requirement?addremove

Pieces that snap into this one.

Lock down what you share.

Set the bar. Let the rest in.

Legal folder policy

Everything you'd expect.No stitched-together tools.

Email verification

Password gates

Domain & IP allow-lists

Expiry & view limits

Anti-leak controls

Per-recipient policy

What your security team asked you to never share by email.

Quick answers.

Can recipients still screenshot the doc?addremove

How does revoke work?addremove

Is there an SSO requirement?addremove

Pieces that snap into this one.

Lock down what you share.