Trust Center

Security, privacy, and compliance are foundational to DataRoom Snap. Here's how we protect your data.

Security Overview

Data Encryption
  • AES-256 encryption at rest via Supabase (PostgreSQL)
  • TLS 1.3 encryption in transit for all connections
  • Encrypted file storage for uploaded documents
Access Control
  • Role-based access control (Admin, Analyst, Viewer)
  • 18 granular permissions per role
  • SSO/SAML support (Okta, Azure AD, Ping Identity)
  • IP allowlisting per organization
Data Isolation
  • Row-Level Security (RLS) on all database tables
  • Organization-scoped data — no cross-tenant access
  • Separate storage buckets per organization
Audit & Compliance
  • Immutable audit trail for all actions
  • 7-year log retention for compliance
  • GDPR Article 17 right to erasure (one-click data deletion)
  • SOC 2 Type I in progress (expected Q2 2026)
AI & Data Privacy
  • Documents analyzed via Anthropic Claude API
  • Your data is NEVER used to train AI models (per Anthropic’s API Terms)
  • Analysis results stored in your org’s isolated database
  • No third-party data sharing
Infrastructure
  • Hosted on Vercel (Edge Network, 99.99% uptime SLA)
  • Database on Supabase (AWS us-east-1)
  • EU data residency available on Enterprise plan
  • Automated backups with point-in-time recovery

Compliance

SOC 2

In Progress

GDPR

Compliant

CCPA

Compliant

Anthropic API

Partner

Security Practices

  • Penetration testing (annual)
  • Dependency vulnerability scanning (automated)
  • Least-privilege access for all team members
  • Incident response plan with 24-hour notification SLA
  • Background checks for all employees with data access

Frequently Asked Questions

Have security questions?

Contact security@dataroomsnap.com

View Data Processing Agreement