A data room NDA only matters if you can prove what was agreed and when. CAPLINK enforces consent at the room level: nobody — not even a re-invited investor — sees a single file until they've accepted your current confidentiality text.
You define the NDA text per data room. Most founders use a short mutual confidentiality clause; some legal teams plug in a longer template. Either way, the signed version is stored verbatim, alongside the signer's identity, IP and server-side timestamp.
When you update the text later, previous acceptances stay attached to the version they originally signed. You can prove to a court — or to your own counsel — exactly which wording each investor agreed to, even three rounds later.
All of this is GDPR-aligned: data stored in the EU, encrypted at rest, accessible only via row-level security policies. The consent log is part of the same tamper-evident audit trail that records every view, download and revoke action in the room.
Open a CAPLINK data room and your NDA is enforceable the moment your first investor clicks Accept.