# Configure NDA and Access Controls

Sprinto’s Trust Center allows you to enforce security and privacy controls around access to sensitive documents. This includes NDA enforcement, visibility toggles, and document access validity settings. These configurations ensure that sensitive content is shared only with authorised users under predefined terms.

This article explains how to configure these controls using the **Configuration** tab. Here's a short video on how to set up NDA in Trust Center.

{% embed url="<https://files.gitbook.com/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FEsyn5VMU6e0OyGjRtKgx%2Fuploads%2FHnvcffP8i2ETK8Xzesrl%2FSetting%20Up%20NDA%20in%20the%20Trust%20Center.mp4?alt=media&token=4fe771e3-e8ae-432d-8989-bd7e1e934df8>" %}

***

### Step 1: Set Up NDA for Restricted Items

1. Navigate to the **Configuration** tab of your Trust Center.
2. Locate the **Configure NDA for Restricted Items** section.
3. Click the **arrow icon** to open the drawer.

#### Option A: Use Sprinto’s Default NDA

* Select **Use Sprinto NDA template**.
* Fill in required fields such as governing law, company name, and counterparty.
* Agree to the terms and click **Enable NDA**.

#### Option B: Upload Your Own NDA

* Click on **Upload NDA**.
* Select a PDF version of your own NDA document.
* Click **Enable NDA**.

{% hint style="info" %}
Once enabled, any visitor requesting access to restricted documents must sign the NDA before proceeding.
{% endhint %}

***

### Step 2: Set Document Access Validity

1. Scroll to the **Access Validity** section.
2. Set a default expiry duration for all document access links (e.g., 7 days).
3. Click **Save**.

This ensures access is automatically revoked after the configured duration.

***

### Step 3: Configure Document Visibility Defaults

1. Scroll to the **Document Access Visibility** section.
2. Enable or disable default visibility for each category of documents.
3. You can override these settings per document if needed.

***

### Step 4: Create Private Trust Centers (Optional)

Private Trust Centers are locked views restricted to specific stakeholders.

1. Click on **Private Trust Center** within the Configuration tab.
2. Define the Trust Profile name.
3. Configure its sections (overview, documents, policies, etc.).
4. Whitelist users or email domains allowed to view it.

This is ideal for region-specific, customer-specific, or confidential information.

***

By enforcing NDAs and access controls, your Trust Center ensures that sensitive security and compliance information is shared securely and responsibly.