CORE PRODUCT / 04

Data Rooms

Resilient collaboration environments where data remains policy-bound, revocable, and auditable across teams, partners, and external organizations.

A data room is the moment control usually breaks. The conventional approach copies sensitive files into a shared portal and trusts the perimeter around it. Lattix inverts that model. The policy travels with each document, enforcement happens at every interaction, and the audit record is anchored so it cannot be quietly edited after the fact. You share the data without surrendering authority over it.

/01 Policy-Governed Access

Access to a Data Room is decided by attribute-based access control, not by a static invite list. Each request is evaluated in real time against who the subject is, when they are asking, the posture of the device they are on, and the network they connect from. A reviewer authorized on a managed laptop from an approved location does not retain that authorization when the same identity appears on an unmanaged device or outside the permitted window. Because the decision is recomputed on every interaction, revoking one attribute closes the door without touching any of the others.

SCOPING DIMENSIONS

  • User attributes: role, clearance, organization, and group membership govern entry and visibility.
  • Time windows: access is bound to a defined engagement period and expires without manual cleanup.
  • Device posture: only endpoints meeting the required posture are permitted to render documents.
  • Network scope: access can be constrained to specific IP ranges for sensitive engagements.
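
A minimal sketch of per-request evaluation across the four scoping dimensions above. This is an added example, not Lattix code: the `RoomPolicy` and `Request` shapes, the attribute names, and the sample values are all assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class RoomPolicy:  # hypothetical policy shape, not a Lattix schema
    roles: frozenset
    organizations: frozenset
    not_before: datetime
    not_after: datetime
    required_posture: frozenset  # posture claims a device must present
    networks: tuple              # permitted CIDR ranges

@dataclass(frozen=True)
class Request:
    role: str
    organization: str
    at: datetime
    device_posture: frozenset
    source_ip: str

def evaluate(policy, req):
    """Recompute the decision for one interaction; returns (allowed, failed_dimensions)."""
    failed = []
    if req.role not in policy.roles or req.organization not in policy.organizations:
        failed.append("user")
    if not (policy.not_before <= req.at <= policy.not_after):
        failed.append("time")
    if not policy.required_posture <= req.device_posture:
        failed.append("device")
    try:
        in_scope = any(ip_address(req.source_ip) in ip_network(n) for n in policy.networks)
    except ValueError:
        in_scope = False  # an unparseable source address fails closed
    if not in_scope:
        failed.append("network")
    return (not failed, failed)

# Constructed sample data
UTC = timezone.utc
POLICY = RoomPolicy(
    roles=frozenset({"reviewer"}), organizations=frozenset({"acquirer-advisors"}),
    not_before=datetime(2025, 3, 1, tzinfo=UTC), not_after=datetime(2025, 3, 31, tzinfo=UTC),
    required_posture=frozenset({"managed", "disk-encrypted"}), networks=("203.0.113.0/24",),
)
MANAGED = Request("reviewer", "acquirer-advisors", datetime(2025, 3, 10, 9, tzinfo=UTC),
                  frozenset({"managed", "disk-encrypted"}), "203.0.113.40")
```

Returning the failed dimensions alongside the decision gives the audit record a reason for each denial, which helps separate probing from misconfiguration.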

/02 Collaboration Controls

Sharing a document and controlling what happens to it are two different problems. Data Rooms keep structured collaboration inside the secure boundary so review, annotation, and approval do not require exporting content to less governed tools. The controls below operate at the platform level rather than relying on a viewer to behave.

01

Dynamic Watermarking

Every rendered document carries a watermark generated at view time, embedding the viewer's identity, a timestamp, and session metadata directly into the output. If a screen is photographed or a page is captured outside the platform, the resulting image still attributes the leak to a specific person and moment, which raises the cost of exfiltration and supports investigation.

02

Capture, Print, and Download Controls

Screen capture protection, print restrictions, and download permissions are enforced by the platform rather than left to policy on paper. An engagement can be set to view-only, allow controlled download under specific attributes, or block printing entirely. The same document can be made downloadable for one group and view-only for another within the same room.

03

Version Control and Diff History

Document revisions are tracked with full version history, so collaborators always work against a known state and reviewers can see how a document changed across the engagement. This removes the ambiguity of circulated file copies, where it becomes unclear which version a comment or approval actually referred to.

04

Permission Tiers

Collaborators are organized into groups with distinct permission tiers. Some members view the full document set, others see only specific folders, and auditors can be granted access to the complete activity log without being able to read the underlying document contents. The same room serves participants with materially different need-to-know without creating separate copies of the data.

/03 Controls in Force

Each control maps to a concrete enforcement mechanism and a defensible outcome. The point of the table is to show that these are operational guarantees with a place where they are applied, not descriptive labels on a feature list.

| Control | Enforcement | Outcome |
|---|---|---|
| Entry and visibility | ABAC evaluation per request against user, time, device, and network attributes | Only authorized subjects see only the document sets their attributes permit |
| Attribution | View-time dynamic watermarking with identity, timestamp, and session metadata | Captured or photographed content traces back to a specific viewer and moment |
| Confidentiality at rest and in transit | Post-quantum encryption with keys managed per room and per document | Documents stay protected against present and future decryption risk |
| Accountability | Tamper-evident audit log anchored to the Lattix blockchain | Every interaction carries cryptographic proof of completeness for review |
| Termination of access | Instant revocation with non-persistent delivery and no residual copies | When an engagement ends, access ends cleanly with nothing left behind |

/04 Tamper-Evident Audit

Every action inside a Data Room is recorded to an audit log anchored to the Lattix blockchain. The record captures document views with their duration, downloads, failed access attempts, policy changes, and session metadata. Anchoring the log makes it tamper-evident: an attempt to alter or remove a past entry breaks the cryptographic chain and becomes detectable, which is what separates an evidentiary record from an ordinary application log. Reports can be generated on demand or on a schedule, giving you a complete account of who accessed what, when, and from where without reconstructing it after an incident.

RECORDED EVENTS

  • Document views captured with viewer identity and view duration.
  • Downloads and the policy state under which each was permitted.
  • Failed access attempts, retained as evidence of probing or misconfiguration.
  • Policy changes and administrative actions taken on the room.
  • Session metadata covering device, network origin, and timing.
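
How altering or removing an entry breaks a chain, and why the external anchor matters, shown with a generic SHA-256 hash chain. This is an added example, not Lattix's log format or anchoring mechanism: the entry layout, field names, and sample events are constructed for illustration.

```python
import hashlib
import json

GENESIS = "0" * 64

def _digest(prev_hash, event):
    # Canonical JSON so the same event always hashes to the same value
    body = json.dumps(event, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + body).encode()).hexdigest()

def append(log, event):
    """Append an event committed to its predecessor; returns the new head hash."""
    prev = log[-1]["hash"] if log else GENESIS
    log.append({"event": event, "prev": prev, "hash": _digest(prev, event)})
    return log[-1]["hash"]

def verify(log, anchored_head):
    """Return None if the log is intact, else a description of the first problem."""
    prev = GENESIS
    for i, entry in enumerate(log):
        if entry["prev"] != prev or entry["hash"] != _digest(prev, entry["event"]):
            return f"chain broken at entry {i}"
        prev = entry["hash"]
    # A truncated or fully re-hashed log is internally consistent;
    # only the head stored outside the log exposes it.
    if prev != anchored_head:
        return "head does not match anchor"
    return None

def build_sample():
    """Constructed events covering the recorded event types listed above."""
    log, head = [], GENESIS
    for event in (
        {"type": "view", "viewer": "reviewer-a", "doc": "D-1", "duration_s": 312},
        {"type": "download", "viewer": "reviewer-a", "doc": "D-1", "policy": "v3"},
        {"type": "access_denied", "viewer": "reviewer-b", "failed": ["device"]},
        {"type": "policy_change", "actor": "room-admin", "policy": "v4"},
    ):
        head = append(log, event)
    return log, head
```

The head hash returned by the last `append` is the value that would be anchored somewhere the log's operator cannot rewrite.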

/05 Revocation and Residency

01

Instant, Complete Revocation

When an engagement ends, access is revoked instantly and completely. Because documents are wrapped in a Lattix Passport that mediates every interaction rather than handed over as plain copies, revoking access closes off the underlying data wherever it was rendered. There are no residual copies to chase down and no lingering permissions that quietly survive the end of a deal or a review.

02

Non-Persistent Delivery

Data Rooms are built so that sensitive content does not accumulate in unmanaged endpoints over the life of an engagement. Delivery is mediated through the platform under live policy, so the working assumption is that authority can be withdrawn at any point rather than only at a scheduled expiry. This matters most during incident containment, when the ability to cut access mid-engagement is the difference between scoping a problem and absorbing it.

03

Data Residency Boundaries

Residency controls keep documents within specified geographic boundaries. This supports GDPR obligations, data sovereignty requirements, and export control regimes such as ITAR and EAR, where the location of data and who can reach it across a border is itself a compliance question. Residency is expressed as policy on the room, so a single product serves engagements with different jurisdictional constraints.

/06 Where It Is Used

The same governed environment serves engagements where the cost of losing control over a document is high and the requirement to prove who saw it is explicit. Each of the following is a setting where policy-bound access and a tamper-evident record are operational necessities rather than conveniences.

M&A Due Diligence

Acquirers and advisors review sensitive financials and contracts under scoped, time-bound access, with watermarking and a complete log of who examined which materials during the diligence period.

Regulatory Examinations

Examiners are given visibility into exactly the records in scope, with every view and download captured to an anchored audit trail that demonstrates cooperation without over-exposing the organization.

Litigation Document Review

Counsel reviews discovery material inside the boundary, where download and print controls and a tamper-evident record support litigation holds and chain-of-custody expectations.

Classified Information Sharing

Material is shared under attribute-based controls and residency boundaries, so access reflects clearance and need-to-know and stays within permitted jurisdictions.

Third-Party Security Assessments

Assessors receive room access scoped to the evidence they need, with auditors able to inspect the activity log without reading the underlying sensitive contents.

Board and Investor Reporting

Board and investor materials are distributed view-only with per-recipient policy, so sensitive reporting reaches the right people without becoming an uncontrolled set of forwarded files.

Because access is decided per interaction and every interaction is written to a tamper-evident record, compliance becomes continuous rather than a point-in-time snapshot. The audit trail and residency controls map directly to the obligations these engagements carry.

  • SOC 2 Type II
  • ITAR / EAR
  • GDPR
  • FedRAMP High

Share Sensitive Data Without Surrendering Control

See how Lattix Data Rooms keep documents policy-bound, revocable, and auditable across teams, partners, regulators, and auditors. We can walk through a diligence, examination, or review workflow against your own access requirements.