FLEX Account
Data Room Login
Free trial
Contact us
drooms-mobile-menu
security

Drooms is fully compliant with the GDPR.

Data protection & IT security

Contact us for further information
Download Factsheet

Drooms is fully compliant with the GDPR

You trust us with your confidential documents and we take that responsibility seriously by safeguarding your data using the highest security standards and handling protocols available. Drooms is GDPR compliant and always puts the privacy of its customers first. Our dataroom software solution is continuously audited to ensure that we adapt to new technologies as they develop. We also work to keep improving our internal processes for handing your sensitive data.

What is the GDPR?

  • The data protection regulation is an EU regulation with the aim to protect personal data
  • It came into effect in May 2018 and replaced the Data Protection Directive 95/46/EC as well as all regulations of single EU countries.
  • The GDPR applies to all companies based in the EU, but also to companies based outside the EU if they have a branch in the EU or process personal data of EU residents.
  • Personal data is any information leading to a person's identification e.g. name, email adress, ID number, location data, income and bank details, health information and IP address

For any questions or if you need more information please contact our Data Protection Team via: dataprotection@drooms.com

Maximum security and GDPR compliance with Drooms

Measures taken to protect data from unjustified modification, processing or loss:

  • Drooms ISO 27001:2013 and 27018 certified
  • Drooms GmbH fulfills the requirements of the GDPR and is as an organization as well as software GDPR compliant. The data protection report from our Data Protection Officer can be found here
  • Maintenance of servers is taken care of by Drooms GmbH in Frankfurt alone
  • Technical and Customer Support Services directly carried out by Drooms GmbH
  • Regular penetration tests are carried out to assess data security
  • High availability server solutions
  • Detailed real-time analytics down to a single document page
  • Individual granting of review, print, and/or storage authorisations on the user and document level
  • Multi-factor authentication process with PIN and SMS
certificates-security
certificates-security-

How we encrypt all data

At Drooms all data transfers are completed via TLS connections only and get encrypted with AES 256-bit.

Where we store all data

The provision of the contractually agreed data processing takes place exclusively in the EU or Switzerland. Any transfer to another third country requires your consent.

Limit access by IP filtering

The possibility to limit data room access at group level to specific devices with specific IP addresses is available. This ensures the data room is only accessed via a specific company network for example.

Data confidentiality

Two factor authentication and access controls are just some of the ways clients have autonomy on how and whether their data is kept.

Vulnerability management

Drooms performs internal vulnerability scans and safety tests. In case of an emergency our disaster scenario plan guarantees that data remains unaffected.

External security audits

As an ISO 27001: 2013 certified company, Drooms GmbH regularly carries out external and internal security audits to ensure safety and comply with regulations.

DROOMS CHECKLIST

Download the GDPR data room provider checklist and find out how committed your cloud service provider is.

Get free checklist

Data room user rights

Sophisticated user rights management and dynamic, personalised watermark for printed documents as well as option to disable "Print-screen" key.

IP Filtering

Limit data room access at group level to specific devices with specific IP addresses.

Data privacy made in Germany

Drooms continues to keep data accurate and secure with a system stability/availability of 99,9% per year. No installation of additional plug-ins required due to proprietary technology.

Personal data

The customer is master of its data. Drooms is a processor and processes your data solely on your instructions and only for the purpose regulated in the contract.

Processing activity

Drooms offers a complete activity reporting of all users in the data room (document access, length of stay etc.) in real-time.

GDPR

Security

Drooms continues to keep data accurate and secure with a system stability/availability of 99,9% per year. No installation of additional plug-ins required due to proprietary technology.

Read more on our blog

Have questions?

Ask us!

By clicking "Submit", I agree to be contacted by Drooms GmbH or Drooms AG via e-mail or telephone (if provided) in order to process my request and in accordance with Drooms' privacy policy.
Solutions
Solutions
Use cases
Use cases
About us
About us
Careers
Resources
Resources
Your account
Your account
Twitter Linkedin Youtube Instagram
drooms-dataroom-grey
Copyright © 2023 by Drooms
Legal notice
Privacy policy
FLEX Account
Data Room Login
Free trial
Contact sales