Data room permissions explained: how to control who sees what

Anika Tabassum, 20 March 2026

Anika Tabassum Nionta is a Content Manager at Ellty, where she writes about startups, investors, virtual data rooms, pitch deck sharing, and investor analytics. With over 6 years of experience as a writer, she helps startups and businesses understand how to share their stories securely, track engagement effectively, and navigate the fundraising landscape. Anika holds both a BA and MA in English from Dhaka University, where she developed her passion for clear, impactful writing. Her academic background helps her break down complex topics into simple, useful content for Ellty users. Outside of work, Anika enjoys reading, exploring new cafes in Dhaka, and connecting with entrepreneurs in the startup community.


Permissions are what separate a real data room from a shared Google Drive folder. Here's how they work, which ones you actually need, and how to set them without overcomplicating it.

In this guide

  1. What is data room access
  2. What are the three types of permissions
  3. What are the 4 types of shared data
  4. Why permissions matter in a startup context
  5. Common permission mistakes founders make
  6. How to set permissions in a data room
  7. NDA gating and watermarking
  8. Audit logs and access tracking
  9. How Ellty handles permissions
  10. FAQ

What is data room access

Data room access is the system that controls who can enter your virtual data room and what they can do once they're inside. It sounds simple. In practice, founders get it wrong constantly.

Without access controls, a data room is just a folder with a link. Anyone who gets that link can see everything. They can download it, share it, forward it. You have no record of who saw what. If something leaks, you don't know where it came from.

With proper access controls, you decide exactly who enters, what documents they can see, whether they can download files, and whether they need to sign an NDA before any of that happens. You can also revoke someone's access at any time - mid-conversation if you need to.

In the context of fundraising or strategic partnerships, access control is how you stay in charge of a process that involves sharing sensitive information with multiple external parties simultaneously.

Why this matters for founders
You might have three investors doing diligence at the same time. One is further along in the process than the others. Access controls let you show investor A your full financial model while investor B only sees your pitch deck and company overview. You're running one data room, not three separate email threads.

What are the three types of permissions

Across most data room platforms and document management systems, permissions fall into three broad categories. The exact labels vary by platform, but the underlying logic is consistent.

👁 View only

The person can open and read documents but can't download, copy, or modify anything. This is your default permission for most external parties - investors, potential partners, advisors at early stages. They see the content. That's it.

💬 Comment / annotate

The person can view documents and leave comments or questions, but still can't download or modify the source files. Useful in due diligence when you want a reviewer to flag questions directly in the document without you managing a separate email thread for every question.

✍ Full access / admin

The person can upload, modify, organize, and delete files. This is for your internal team members who are actively managing the data room. You should give this level of access to as few people as possible. Most founders give it only to themselves and one co-founder or trusted advisor.

Some platforms add a fourth level - download access - as a separate permission distinct from view-only. This lets you allow someone to see a document on screen but block them from saving a local copy. It's a useful middle ground when you want to share something without creating an uncontrolled copy that can be forwarded.


What are the 4 types of shared data in a data room

Not everything you put in a data room carries the same sensitivity. A useful framework is to think about your documents in four categories based on what they reveal and how much damage it causes if they end up in the wrong hands.

[Figure: 4 types of shared data in a data room]


This framework helps you avoid the most common mistake: treating all documents the same. Your company overview and your cap table are not the same kind of information. They shouldn't have the same permission settings.

The four-type model also helps you think about sequencing. Early in a conversation, you share type 1 and type 2. As the relationship develops and trust builds, you open access to type 3. Type 4 usually only appears when you're close to signing something.

Practical tip
Create separate folders for each data type and set permissions at the folder level, not the individual file level. It's faster to manage and harder to accidentally misconfigure. If you need to add a new document to your financials folder, it automatically inherits the right permissions.

Why permissions matter in a startup context

Most founders underestimate this until something goes wrong. Here are the situations where getting permissions right is not optional.

When you're running multiple investor conversations at once

You don't want all investors seeing the same information at the same depth. Someone in the first meeting doesn't need your full financial model. Someone who's given you a term sheet and is doing legal diligence does. Permissions let you manage depth without managing separate data rooms for each investor.

When a potential partner is also a competitor

This is more common than people admit. Enterprise partners often operate in adjacent spaces. You want to explore the partnership, but you're not handing over your customer list or your product roadmap until there's a signed agreement. Permissions let you engage without overexposing.

When your team needs to be involved

Your CFO might need to manage the financial documents section. Your legal counsel might need to upload contracts. Your co-founder might need full access. You don't want to be the single point of control for every file update. User-level permissions within your own team let you delegate without losing oversight.

When a deal falls through

This happens. When it does, you need to revoke access cleanly and immediately. Without a permissions-based system, you have no way to do this. With one, it's one click. Every document they had access to becomes inaccessible instantly.

Common permission mistakes founders make

These are the mistakes that show up repeatedly. Most of them happen because founders are moving fast and don't stop to think about access design before sharing.

Giving everyone the same access level

The easiest thing to do is share one link with full access to everything. It's also the worst thing you can do. An early-stage investor who gets access to your full legal due diligence package before you've even had a second call didn't need that. A potential partner who can download your complete customer list before you have a signed NDA is a real problem.

Not using folder-level permissions

If you set permissions file by file, you'll miss one eventually. A new financial update gets uploaded and nobody remembers to set the right permissions. Use folder-level settings and let files inherit them.

Never revoking access

Someone who passed on your deal six months ago probably still has access to your data room if you never closed it. Go through your access list every 30-60 days and remove anyone who's no longer in an active conversation.

Forgetting about download controls

View-only is not the same as no-download. On many platforms, view-only still allows screenshots. On better platforms, you can block downloads specifically. Know what your platform does and doesn't block.

No NDA before sensitive access

You share a data room link, the person opens it, reads your financial model, and then decides not to proceed. They now have your numbers in their head with no legal framework around what they can do with that information. An NDA gate before access is a two-minute setup that creates meaningful legal protection.

Common scenario: A founder shares their full data room with a strategic partner who's also a potential competitor. The deal doesn't close. The partner now knows their pricing model, their key accounts, and their product roadmap. With proper permissions and a signed NDA, the founder would have had legal recourse. Without it, they have nothing.


How to set permissions in a data room

Here's a practical walkthrough of how to think about and configure permissions before you share your data room with anyone.

Step 1 - map out who needs access and at what depth

Before you touch any settings, write a simple list. Column one is the person or group. Column two is what they need to see. Column three is what they're allowed to do with it (view, download, comment). This takes 10 minutes and prevents most configuration mistakes.

[Figure: Setting permissions in a data room]


Step 2 - set up your folder structure first

Create folders before you upload documents. A clean structure makes permission management much simpler. You set permissions at the folder level, not the file level. When you add a new document to a folder, it automatically gets the folder's permission settings.

A standard folder structure for a fundraising data room looks like this: Overview / Financials / Legal / Product / Team / Customers. For a partnership data room, you'd adjust based on what's relevant - sometimes Product and GTM matter more than Legal in early conversations.

Step 3 - configure access by user or group

Most VDR platforms let you create groups - "Seed investors," "Legal reviewers," "Strategic partners" - and apply permissions to the whole group at once. This is more efficient than configuring each user individually and reduces the risk of inconsistency.

On Ellty's Data Room Plus plan, group visitor permissions let you manage cohorts of reviewers with consistent settings. For smaller processes, individual user permissions on the Data Room plan work fine.

Step 4 - add NDA gating before you share

If your data room contains anything sensitive - which it almost certainly does - add an NDA gate. The reviewer agrees to your confidentiality terms before they can access any documents. You get a timestamped record of their agreement.

Step 5 - generate unique links per person or group

Don't share one link with everyone. Generate a unique trackable link per user or per group. This is how you get meaningful analytics - you'll know that it was the investor from firm X who spent 45 minutes in your financials, not just that "someone" did.
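
The five steps above, modelled as an added example (not from the original article and not Ellty's or any vendor's API): folder-level grants per group, an NDA gate, one link per person, and deny-by-default checks. The class, field and reason names and the "Founders" group are assumptions; the other folder and group labels reuse the article's.

```python
import secrets
from dataclasses import dataclass, field
from enum import IntEnum

class Level(IntEnum):
    VIEW = 1
    COMMENT = 2
    ADMIN = 3

# Minimum level per action; "download" also needs the separate flag below.
REQUIRED = {"view": Level.VIEW, "download": Level.VIEW,
            "comment": Level.COMMENT, "manage": Level.ADMIN}

@dataclass
class Grant:
    level: Level
    can_download: bool = False  # kept apart from view access

@dataclass
class DataRoom:  # hypothetical model, not a vendor API
    grants: dict = field(default_factory=dict)     # folder -> {group: Grant}
    members: dict = field(default_factory=dict)    # email -> group
    links: dict = field(default_factory=dict)      # link token -> email
    nda_signed: set = field(default_factory=set)   # emails that accepted
    nda_exempt: set = field(default_factory=set)   # internal groups

    def invite(self, email, group):
        """Add a member and return a link token unique to that person."""
        self.members[email] = group
        token = secrets.token_urlsafe(16)
        self.links[token] = email
        return token

    def revoke(self, email):
        """Remove the member and every link that resolves to them."""
        self.members.pop(email, None)
        self.links = {t: e for t, e in self.links.items() if e != email}

    def check(self, token, path, action):
        """Deny by default; return (allowed, reason)."""
        email = self.links.get(token)
        group = self.members.get(email)
        if group is None:
            return False, "unknown or revoked link"
        if action not in REQUIRED:
            return False, "unknown action"
        if group not in self.nda_exempt and email not in self.nda_signed:
            return False, "NDA not signed"
        folder = path.split("/", 1)[0]  # files inherit the folder's grant
        grant = self.grants.get(folder, {}).get(group)
        if grant is None:
            return False, "no grant for this folder"
        if grant.level < REQUIRED[action]:
            return False, "permission level too low"
        if action == "download" and not grant.can_download:
            return False, "downloads blocked"
        return True, "ok"

def build_sample_room():
    """Constructed sample reusing the article's folder and group labels."""
    admin = Grant(Level.ADMIN, can_download=True)
    return DataRoom(nda_exempt={"Founders"}, grants={
        "Overview": {"Seed investors": Grant(Level.VIEW),
                     "Legal reviewers": Grant(Level.VIEW), "Founders": admin},
        "Financials": {"Founders": admin},
        "Legal": {"Legal reviewers": Grant(Level.COMMENT), "Founders": admin},
    })
```

A file added to a folder needs no configuration of its own here, because `check` only ever looks up the folder's grant.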

NDA gating and watermarking

These two features deserve their own section because they're frequently misunderstood or skipped entirely.

NDA gating

An NDA gate is a step that appears before someone enters your data room. They have to agree to your confidentiality terms before they can see anything. The agreement is logged - you get a record of who agreed, and when.

This isn't a foolproof legal shield. But it's a meaningful layer of protection. If information is later misused, you have documented evidence that the person agreed to keep it confidential. Without it, you have nothing.

Most founders skip NDA gating for early-stage conversations where they're only sharing a pitch deck. That's reasonable. Once you're sharing financials, customer data, or detailed product information, turn it on. It takes less than five minutes to configure.

Dynamic watermarking

Watermarking adds visible text to every page of a document when someone views it - usually the viewer's email address and a timestamp. If they screenshot a page and share it, your watermark is on it. You know exactly who leaked it.

Dynamic watermarking is different from static watermarking. A static watermark is the same on every copy. Dynamic means the watermark changes per viewer - so each person who accesses the document gets a uniquely marked version.

This is a deterrent more than a technical block. A determined person can get around it. But most accidental or opportunistic leaks don't involve someone going out of their way to remove a watermark. It changes the calculus for a lot of people.


In Ellty, NDA gating and dynamic watermarking are available on the Data Room plan at $149 per month. These aren't extras - they're core to what makes a data room different from a shared folder.

Audit logs and access tracking

An audit log is a timestamped record of every action taken inside your data room. Who opened it. Which documents they viewed. How long they spent. Whether they tried to download something. Whether access was granted or revoked.

This matters for two reasons.

First, it gives you useful intelligence about the deal. If an investor spends 40 minutes on your financial model and then requests a call, you know what they're going to ask about. If a potential partner opened your data room three times in one day, they're engaged. That changes how you run the conversation.

Second, it protects you legally. If a confidentiality dispute arises, you have a timestamped record proving who accessed what and when. This is much more useful than trying to reconstruct events from email threads after the fact.


What a good audit log captures

  • User identity (email, name) and access time
  • Which documents were opened and for how long
  • Page-by-page time tracking within documents
  • Download attempts and whether they were allowed or blocked
  • NDA agreement timestamp
  • Any access setting changes made by admins

What most basic platforms miss

  • Page-level analytics (they show document opens but not which pages were read)
  • Session-level detail (multiple visits vs. single long session)
  • Export functionality for audit records
  • Alerts when specific documents are accessed

Ellty includes real-time notifications when someone opens your documents - useful when you're waiting to hear from an investor who said they'd review the room "this week." Audit logs with detailed access history are available on the Data Room Plus plan.
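
An added example, not from the original article or any platform's export format, of reviewing an audit log export: it flags access that has sat idle past the 60-day review window mentioned earlier, blocked download attempts, and views with no recorded NDA acceptance. The CSV columns, event names and addresses are constructed assumptions.

```python
import csv
import io
from datetime import datetime, timedelta

# Constructed audit export; the schema is an assumption that follows the
# fields listed above (identity, time, document, download result, NDA).
SAMPLE_EXPORT = """\
timestamp,email,event,document,result
2026-01-05T09:12:00,investor-a@example.com,nda_accept,,ok
2026-01-05T09:14:00,investor-a@example.com,view,Financials/model.xlsx,ok
2026-01-05T09:40:00,investor-a@example.com,download,Financials/model.xlsx,blocked
2026-03-10T16:02:00,investor-b@example.com,nda_accept,,ok
2026-03-10T16:05:00,investor-b@example.com,view,Overview/deck.pdf,ok
2026-03-12T11:30:00,partner@example.com,view,Overview/deck.pdf,ok
"""

# Constructed list of people who still hold access to the room.
ACTIVE_USERS = {
    "investor-a@example.com", "investor-b@example.com",
    "partner@example.com", "advisor@example.com",
}


def review(export_text, active_users, now, max_idle_days=60):
    """Return findings worth acting on during a periodic access review."""
    findings = {"stale": [], "blocked_downloads": [], "no_nda": []}
    last_seen, nda = {}, set()
    rows = sorted(csv.DictReader(io.StringIO(export_text)),
                  key=lambda r: r["timestamp"])  # ISO timestamps sort as text
    for r in rows:
        email, event = r["email"], r["event"]
        last_seen[email] = datetime.fromisoformat(r["timestamp"])
        if event == "nda_accept":
            nda.add(email)
        elif event == "view" and email not in nda:
            # A view with no earlier acceptance means the gate was off or bypassed.
            findings["no_nda"].append((email, r["document"]))
        elif event == "download" and r["result"] == "blocked":
            findings["blocked_downloads"].append((email, r["document"]))
    cutoff = now - timedelta(days=max_idle_days)
    for email in sorted(active_users):
        seen = last_seen.get(email)
        if seen is None or seen < cutoff:  # never used, or idle too long
            findings["stale"].append(email)
    return findings


if __name__ == "__main__":
    for kind, items in review(SAMPLE_EXPORT, ACTIVE_USERS,
                              datetime(2026, 3, 20)).items():
        print(kind, items)
```

Entries under `stale` are candidates for revocation; entries under `no_nda` point at folders shared before the NDA gate was switched on.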

How Ellty handles permissions

Ellty is a pitch deck sharing, document analytics, and virtual data room platform. Here's what it actually does on the permissions side - without the marketing language.

What's included by plan

[Figure: Ellty plan breakdown]


Where Ellty works well for permissions

  • Granular per-user or per-folder permissions without technical complexity
  • NDA gating before data room entry - configurable in minutes
  • Dynamic watermarking on documents to track unauthorized sharing
  • Real-time notifications when someone accesses specific documents
  • Page-level analytics so you know exactly what reviewers are spending time on
  • Trackable unique links per user - not one shared link for everyone
  • No per-user pricing - your internal team accesses the same plan

Where Ellty's permissions have limits

  • Audit logs with full export capability are only on the Data Room Plus plan
  • Group permissions (managing cohorts of users) also require Data Room Plus
  • Very large processes with thousands of documents and complex user hierarchies may need a more enterprise-grade tool
  • Always verify current security certifications directly on Ellty's site - don't rely on third-party summaries, including this one

For most seed to Series B fundraising and partnership conversations, the Data Room plan at $149 per month covers what you need. You get the permissions features that matter without paying for enterprise infrastructure you won't use.


Frequently asked questions

What are the three types of permissions in a data room?

The three core permission types are view only (the person can read documents but not download or modify them), comment or annotate (they can read and leave notes but not change source files), and full access or admin (they can upload, edit, and manage files). Some platforms add download access as a separate tier distinct from view-only, making it effectively four levels. For most startup data rooms, you'll use view-only for all external parties and full access only for your internal team.

What is data room access and how does it work?

Data room access is the system that controls who can enter your virtual data room and what they can do once they're inside. You set it up by inviting specific users or generating unique trackable links. Each user or link can be assigned a permission level (what they can see and do), and many platforms let you add additional controls like NDA gating, download blocking, and link expiry. When someone's access needs to be revoked - say, a deal falls through - you remove their access and they immediately lose the ability to view any documents.

What are the 4 types of shared data in a data room?

A useful framework breaks data room content into four sensitivity types: public or promotional content (pitch decks, company overviews - low sensitivity), operational content (org charts, high-level roadmaps - medium sensitivity), financial content (P&L, financial model, cap table - high sensitivity), and legal or confidential content (customer contracts, employee agreements, IP filings - very high sensitivity). Each type should have different permission settings. Don't treat your financial model the same as your company overview.

Do I need an NDA before giving someone data room access?

It depends on what you're sharing. For early-stage conversations where you're only sharing a pitch deck and company overview, most founders skip the NDA - it can feel like friction before a first meeting. Once you're sharing financials, customer data, or detailed product information, an NDA gate is worth configuring. It takes a few minutes and creates a timestamped record of the reviewer's agreement. If a dispute arises later, that record matters. For strategic partner conversations - especially if the partner is in an adjacent market - get the NDA in place early.

Can someone download documents from my data room even if I set view only?

It depends on the platform. Some platforms that say "view only" still allow users to take screenshots or use browser tools to save content. Better VDR platforms have a specific download block setting that's separate from view-only access. They may also restrict print-to-PDF and similar workarounds. Dynamic watermarking is an additional layer - even if someone manages to save a copy, your watermark (with their email and timestamp) is on every page. Check your specific platform's documentation to understand what view-only actually prevents.

What is dynamic watermarking and do I need it?

Dynamic watermarking stamps each viewer's identifying information (usually their email address and a timestamp) on every page of a document when they view it. It's different from a static watermark because the mark changes per viewer - so each person who accesses your documents gets a uniquely marked version. If someone screenshots your financial model and shares it, you'll know exactly who did it. You don't absolutely need it for every document, but for anything sensitive - financials, customer data, proprietary technology details - it's a meaningful deterrent that takes seconds to enable.

How do I revoke data room access when a deal falls through?

In any reputable VDR platform, you go into the access settings, find the user, and remove or deactivate their access. It takes about 30 seconds. Their link or login immediately stops working - they won't be able to open any documents even if they have the URL saved. This is one of the core reasons to use a proper data room instead of a Google Drive link. With a shared Drive folder, removing access is less reliable and you often can't be sure a local copy doesn't exist. With a VDR, the access revocation is clean and immediate.

What is an audit log in a virtual data room?

An audit log is a timestamped record of every action inside your data room - who accessed it, which documents they opened, how long they spent, whether they tried to download anything, and when. It's useful for two things: understanding engagement (which investors are actively reviewing your materials and which aren't), and legal protection (if a confidentiality issue arises, you have documented evidence of exactly who accessed what and when). On Ellty, full audit log export is available on the Data Room Plus plan.

Can I set different permissions for different folders in the same data room?

Yes, on most proper VDR platforms, including Ellty's Data Room plan, you can set permissions at the folder level. This means investor A might have access to your Overview and Financials folders but not your Legal folder, while your co-founder has access to everything. Set permissions at the folder level rather than per file - it's easier to manage and you're less likely to accidentally misconfigure a newly uploaded document. When a file goes into a folder, it inherits the folder's settings automatically.

Is Ellty suitable for managing data room permissions during fundraising?

For Series A to Series B fundraising processes, yes - Ellty handles the permission features that matter most: granular folder and user-level permissions, NDA gating, dynamic watermarking, download controls, and real-time analytics on who's reading what. The Data Room plan at $149 per month includes three users and covers most founder use cases without per-seat pricing. If you're running a large institutional fundraise with complex multi-party legal diligence, a more enterprise-focused tool might be worth evaluating. Ellty is most useful when you want to get set up fast, keep costs straightforward, and have clear visibility into how your documents are being engaged with.

The short version

Permissions are not a nice-to-have. They're the difference between sharing information intentionally and losing control of it. Set up folder-level permissions before you share anything. Add an NDA gate when the documents get sensitive. Use unique trackable links so you know who's engaged. Revoke access the moment a conversation ends. None of this is complicated - it just has to be done deliberately.
