Your business is built on trust.
Ours is, too.

The only thing more critical than protecting your organization’s information is protecting your customers'. Both are our priorities.

Security and privacy

  • Data encryption in transit and at rest
    We work with external partners to independently audit our security architecture and controls. We engage regularly with a penetration testing firm to provide independent assurance that we stay up to date with security best practices.
  • Right-to-be-forgotten API
    We adhere to GDPR and CCPA regulations and provide a programmatic integration to remove all personally identifiable information.
  • Fine-grained authentication and authorization
    We support single sign-on and role-based access control, as well as SAML and SCIM via multiple identity providers, such as Okta, Microsoft Azure Active Directory, and more.


  • 99% uptime SLA
    We offer a 99% uptime service-level agreement with 24/7 uptime monitoring.
  • Natively built integrations
    All of our integrations use official APIs and conform to the terms of service of third-party providers, so you never need to worry about compromising data quality or privacy.


  • GDPR
    We comply with the General Data Protection Regulation, the European Union's law on data protection and data subject rights for EU residents.
  • CCPA
    We adhere to the California Consumer Privacy Act, the state's law on privacy rights and consumer protection for California residents.
  • SOC 2 Type 1 and Type 2
    Our SOC 2 Type 1 report demonstrates that we understand the necessary security procedures to safely handle customer data and our Type 2 report shows that we have upheld these standards over a set period of time.

We’re proud to be trusted by leading organizations of all sizes

rocket ship blasting off

Try Common Room for free

Start for free

Wanna learn more? Book a demo