We care about data privacy and security and strive to keep our security practices on par with industry leaders. The article covers answers to the most frequently asked questions about data privacy and security.
- Where are users' board and account data stored?
- Miro maintains all production data within the EU (Ireland) and US (Virginia). Additionally, all data transfers conform to EU/US General Data Protection Regulation (GDPR) requirements under the Standard Contractual Clauses (SCCs).
The content we create is very sensitive and we don't want to share boards outside our Miro account. Is it possible?
- Miro Enterprise provides the following features to help you ensure team members can collaborate in Miro while maintaining security and privacy.
- Sharing policy allows you to set a list of trusted domain. Only users with emails in listed domains can be invited to your account.
- Link access controls allow you to disable users from sharing boards via a public link, ensuring only users who are part of your account can access specific boards.
- Domain control allows you to verify ownership of corporate domains and provides the control needed to maintain a centrally-managed Enterprise subscription.
Can anyone at Miro access my boards?
- No, without your request and permission no one can view your board content. Miro restricts access to the production environment to a limited number of IP addresses and employees.
Do you offer the same level of data protection to all of your users?
- We provide high levels of security to all users, no matter what plan they use. Enterprise plan users can leverage additional features, for example, SSO/SAML 2.0 and audit logs.
Does Miro comply with the then-current requirements under the General Data Protection Regulation (GDPR)?
- Do you have a bug bounty program?
- Yes, Miro has a private bug bounty program on HackerOne. If you'd like to participate, please, send a request to email@example.com specifying your HackerOne username and you will be invited to the program. Submissions for bounties are handled according to the program rules. Please, check the rules carefully before you submit a report.
To learn more about the security measures we take in Miro, visit this page on our website.