How Kela protects your data, your documents, and your deals.
Kela has been independently assessed by a third-party auditor and meets the AICPA Trust Services Criteria for Security, Availability, and Confidentiality. Our certification demonstrates a verified commitment to protecting your data.
View Full Trust Center Start Free TrialTrust Center includes: security controls, subprocessors, incident history, and compliance documentation.
Kela is designed to handle the most sensitive financial and legal documents.
All files stored using AES-256 encryption. All data in transit is protected by TLS 1.3. Encryption keys are managed using envelope encryption with per-organization key derivation.
Granular per-user, per-folder permissions. Google SSO and TOTP-based multi-factor authentication are available for all accounts. Admin sessions use mandatory MFA.
Every action — views, downloads, logins, permission changes — is permanently logged with user identity, timestamp, and IP address. Logs are exportable as CSV at any time.
Every PDF rendered inside Kela is automatically watermarked with the viewer's name and IP address. Document leaks are instantly traceable to the individual who viewed them.
Deployed on Vercel's edge network with automatic SSL termination. Database hosted on Neon (PostgreSQL) with point-in-time recovery, automated backups, and geo-replication.
Require NDA acceptance before any user can access a data room. Configurable session timeouts and automatic log-outs protect access on shared or public devices.
We work with a limited number of vetted third-party providers. A complete and current list is always available at our Trust Center.
Found a security vulnerability in Kela? We take all reports seriously and respond within 48 hours. Please contact our security team directly — do not publish findings publicly before we've had a chance to investigate.