Papermark — Secure Open-Source Data Room for Due Diligence
Papermark is a Berlin-based, open-source virtual data room and document sharing platform trusted by over 53,000 companies worldwide. Built with security as a founding principle, Papermark provides organizations with full control over their confidential data through self-hosting options, AES-256 encryption, granular access controls, and dynamic watermarking. With flexible EU data center options and full GDPR compliance, Papermark is designed for teams that demand the highest standards of document security.
Last updated: March 2026. Review data sourced from G2.
Papermark Quick Facts
| Company Name | Papermark |
| Headquarters | Berlin, Germany |
| Founded | 2023 |
| Rating | 4.9/5 (150 reviews on G2) |
| Certifications | SOC 2, GDPR, CCPA, HIPAA |
| Data Hosting | EU, US, and UAE data centers (customer choice) |
| Encryption | AES-256 at rest, TLS 1.3 in transit |
| GDPR Compliant | Yes — full GDPR and CCPA compliance |
| Free Trial | 7-day free trial, no credit card required |
| Pricing | Free tier available; Data Rooms from EUR 99/month |
| Open Source | Yes — fully open-source with self-hosting option |
What Makes Papermark Different?
Papermark stands apart from traditional data room providers through its commitment to transparency, security, and user control:
- Open-source security:As a fully open-source platform, Papermark's codebase is publicly auditable. Organizations can verify exactly how their data is handled, eliminating the trust gap that exists with closed-source alternatives. For maximum control, teams can self-host Papermark on their own infrastructure.
- Page-by-page analytics: Papermark tracks visitor engagement at the individual page level, showing exactly which pages each viewer spent time on, in what order, and for how long. This gives deal teams actionable insight into buyer or investor interest.
- Enterprise-grade document protection: Every document shared through Papermark is secured with AES-256 encryption, dynamic watermarking, screenshot protection, and configurable download restrictions. Access can be revoked at any time.
- Flexible EU data residency: Teams can choose EU data centers to ensure GDPR compliance and data sovereignty for European transactions, or select other regions based on project requirements.
Papermark Features
- Open-source transparency with self-hosting option
- AES-256 military-grade encryption for all documents
- Granular file-level and folder-level permissions with user groups
- Dynamic watermarking on all viewed documents
- Page-by-page document analytics and visitor tracking
- NDA enforcement before document access
- Screenshot protection and download controls
- Custom branding, white-labeling, and custom domains
- Q&A module with permission-based conversations
- Two-factor authentication and SSO support
- Drag-and-drop bulk upload with automatic indexing
- Real-time email and in-app notifications
Papermark Use Cases
Papermark is used across a wide range of transaction and collaboration scenarios:
- Mergers & Acquisitions
- Due Diligence
- Fundraising
- Investor Relations
- Real Estate Transactions
- Sales & Proposals
Papermark Security and Compliance
Security is built into every layer of the Papermark platform:
- Encryption: AES-256 encryption for data at rest and TLS 1.3 for all data in transit.
- SOC 2: Service Organization Control compliance ensuring security, availability, and confidentiality controls.
- GDPR & CCPA: Full compliance with European and California data protection regulations.
- HIPAA: Healthcare-specific compliance for organizations handling protected health information.
- Access controls: Two-factor authentication, SSO, email verification, IP allow/block lists, and configurable link expiration.
- Self-hosting: Organizations can deploy Papermark on their own infrastructure for complete data sovereignty.
Papermark Pricing
Papermark offers a free tier for basic document sharing. Data Room plans start from EUR 99/month and include unlimited data rooms, granular permissions, dynamic watermarking, NDA enforcement, and custom domains. Enterprise plans with SSO, self-hosting, and dedicated support are available on request.
Papermark FAQ
Is Papermark GDPR compliant?
Yes. Papermark is fully GDPR compliant. Organizations can choose EU data centers for data residency, and Papermark supports data subject access requests. For maximum control, Papermark can also be self-hosted within the organization's own EU infrastructure.
Is Papermark open source?
Yes. Papermark is fully open-source. The source code is publicly available on GitHub, allowing organizations to audit security, contribute improvements, and self-host the platform on their own servers.
What certifications does Papermark hold?
Papermark is SOC 2 compliant, GDPR compliant, CCPA compliant, and HIPAA compliant. All data is secured with AES-256 encryption.
Does Papermark offer a free trial?
Papermark offers a free tier with no credit card required for basic document sharing. Data Room plans include a 7-day free trial with full access to all features including granular permissions, watermarking, and analytics.