Get Started with Datasite

Speak to our authoritative sales team, wherever you are in the world, and we’ll get you started in no time.

Contact Us

Security & Compliance

Trust, privacy, compliance and security are central to everything we do at Datasite. For over 25 years you have entrusted us with your most sensitive information. We take this responsibility seriously, continuously investing in industry-leading security across all aspects of our business.

Why do dealmakers trust Datasite?

Security Icon

Security

Know your data is secure with Datasite. We have embedded security at every level: platform, processes and people.

Privacy Icon

Privacy

For over 25 years you have entrusted us with your most sensitive information. We take this responsibility seriously, continuously investing in industry-leading security across all aspects of our business.

Compliance

Compliance

Datasite commits to the highest global standards to bring you the best in technology and security. Wherever you are in the world, we help you get your deal done right.

Security

Security Culture

Our company-wide organizational security policies and procedures include:

  • Regular and mandatory training for all employees in security awareness and data privacy.
  • All employees must adhere to Datasite's Code of Conduct and Confidentiality Agreements, and affirm these annually.
  • Software Engineering staff must also complete annual training in secure coding.
  • Annual testing of our security incident response. This includes external and internal notifications, escalation procedures and communications criteria.
  • Program to allow security researchers to find and inform us of vulnerabilities.
  • An Access Management Standard, based on roles and responsibilities, requires quarterly review and documented approval. In the event of termination, access is removed within 24 hours.
  • Infrastructure and application penetration testing conducted by an industry-recognized third party.
Physical Security
  • Datasite runs securely on Microsoft Azure.
  • Microsoft Azure has built-in data redundancy (i.e. multiple backups in multiple locations).
  • All Datasite locations are secured with key card access. Critical infrastructure components are additionally segregated.
  • Suppliers must be registered for access to office premises. Suppliers are always accompanied by Datasite personnel when on the premises.
Platform Security
  • User information, app data, and logs are stored and maintained separately.
  • Passwords are encrypted.
  • Events are captured, monitored, and actioned in real time.
  • Infrastructure penetration testing done by industry-recognized third party.
  • File destruction begins at 30 days post project closure and meets NIST 800-88 guidelines.
  • Platform data secured in transit using TLS 1.2 encryption.
  • Data at rest secured with AES 256 encryption.
  • Vulnerability scans conducted regularly.
Application Security

Every Datasite product is built around ironclad security. You can execute deals end-to-end without leaving the security and comfort of the project environment. Key features include:

  • One secure environment for all deal activity, including sourcing, marketing, preparation, due diligence, negotiation, closing, PMI and value capture. Data never leaves the secure space.
  • Application Code is regularly scanned through the deployment process to ensure any vulnerabilities are found.
  • Securely manage every phase of due diligence, including Q&A, analytics and redaction.
  • Give project subject-matter experts limited admin rights to upload and publish documents.
  • Protect documents from unauthorized copying with advanced watermarking.
  • Control access to content down to the word-level with embedded redaction.
  • Turn on, turn off, and update granular user permissions.
  • Set and verify permissions prior to inviting users to your project.
  • Manage permissions—whether real time or staged— by user, group, or document.
  • Utilize biometric security on mobile devices.
  • Change permissions for your users from your mobile device.
  • Control the content of your project access disclaimers, as well as how often they’re accepted.
  • Elect to set up single sign on (SSO) at an organization level to streamline and secure access to projects.
  • Opt for Multifactor Authentication (MFA) as an additional layer of identity verification to increase security.
  • Share content with reviewers securely, while maintaining full control over it via Information Rights Management (IRM).

Privacy

Data Privacy Statement

Datasite is committed to conducting its business in accordance with all applicable Data Protection laws and regulations and in line with the highest standards of ethical conduct. Datasite maintains policies that establish expected behaviors of its employees and contractors in relation to the collection, use, retention, transfer, disclosure and destruction of any personal data belonging to a Datasite user, employee or customer.

Information on how Datasite processes personal data can be reviewed here.

Global Privacy

Compliance

Compliance
  • Datasite products are ISO 27001 certified since 2007.
  • Datasite products are also ISO 27017 and 27018 certified.
  • Our infrastructure provider is ISO 27001 and SOC2 Type II compliant.
  • Datasite products obtain a SOC 2 Type II attestation on an annual basis.

 

  • Be Secure in Your Success

    We take this responsibility seriously, continuously investing in industry-leading security across all aspects of our business.