We care about data privacy and security and strive to keep our security practices on par with industry leaders. Read our most frequently asked questions about data privacy and security.
Where is Miro data stored?
Under EU Data Center Residency, the compute infrastructure and all Customer Content (production data, backup data and metadata) is hosted within the EU by default. Learn more about Data Center Residency.
The content we create is very sensitive. How do we make sure we don't share boards outside of our Miro teams?
Miro Enterprise provides the following features to help you ensure team members can collaborate in Miro while maintaining security and privacy.
- Sharing policy allows you to set a list of trusted domain. Only users with emails in listed domains can be invited to your subscription.
- Link access controls allow you to disable users from sharing boards via a public link, ensuring only users who are part of your subscription can access specific boards.
- Domain control allows you to verify ownership of corporate domains and provides the control needed to maintain a centrally-managed Enterprise subscription.
Can anyone at Miro access my boards?
No, without your request and permission no one can view your board content. Miro restricts access to the production environment to a limited number of IP addresses and employees.
How do I make sure that only I have access to my board?
Learn how to create a private board. You can always check who has access to your board on the board share dialog.
Do you offer the same level of data protection to all of your users?
Yes, regardless of which Miro plan rest assured your data is securely managed and held. With TLS 1.2 or higher for transit and AES 256 at rest, in compliance with GDPR and CCPA standards, your data is secured to the highest levels at no additional cost.
For advanced security, privacy, and administrative controls, please contact us to learn more about Miro Enterprise.
Do you sell data to third-party vendors?
No, we do not sell our user data as stated in our Privacy Policy.
Does Miro comply with requirements under the General Data Protection Regulation (GDPR)?
Yes, please check our Privacy Policy for more information.
Where can I download the SOC3 report?
Read and download our System and Organization Controls Report (SOC 3).
I need my clients to allow access to my Miro board but their firewall may block it. How do they allow access?
Learn how to add Miro to allowed domains.
Where can I access legal information about Miro?
You can find our Terms of Service, Privacy Policy, Data Processing Addendum (DPA) and Cookies Policy in the Miro Trust Center.
Do you have a bug bounty program?
Yes, Miro has a public bug bounty program on HackerOne. If you'd like to participate, please visit the Miro HackerOne program page. Submissions for bounties are handled according to the program rules. Please check the rules carefully before you submit a report.