How to Share an Interactive Board Report With Your Directors (Securely)

Last updated: June 2026

TL;DR: A board deck is read in the meeting; a board dashboard gets used after it. If you email a flattened PDF board pack, you freeze one view and then lose control of it — it sits in eight directors' inboxes and gets forwarded to their EAs. If you use a portal that converts your HTML to PDF, the interactivity dies on arrival. The third way is to share the live board report through a secure viewer that renders the HTML with its JavaScript running, stamps a per-director watermark, tells you which directors read it before the meeting, gates sensitive material behind confidentiality, and revokes after the cycle. On Peony, an .html board report renders natively with JavaScript executing inside that control layer — at the Data Room tier ($52/admin/month), not Enterprise.

Quick answer: Export the board report as a self-contained .html, upload it to a viewer that renders HTML live, turn on a dynamic per-viewer watermark, gate the sensitive sections with an NDA or confidentiality acknowledgement, send one tracked link per director and observer, watch who opens it before the meeting, and set the link to expire after the cycle. The board drives the live report; you stay the gatekeeper.

I'm Deqian Jia, co-founder of Peony, a data room company. I spend most of my time on how files actually render and move between two parties, and over the last year a particular deliverable has changed shape in front of me: the board report. It used to be a slide deck. Now, more and more, founders and CFOs build an interactive board report — a live KPI dashboard, a cohort and runway scenario model, a "drive-it-yourself" view where a director can flip the assumptions themselves — and increasingly the thing is AI-built HTML, generated in Claude or GPT, that runs in the browser. Then they hit the wall this whole post is about: how do I get the living thing in front of my board without either killing it or losing control of it?

That second half matters more here than almost anywhere else. Board material — the real numbers, the comp discussions, the litigation update, the M&A approach you haven't told the team about — is some of the most sensitive data a company holds. It deserves identity-bound control, not a PDF in a reply-all chain. I run Peony, a data room company, so I see both failure modes land in support: the CFO who PDF'd their board dashboard and got "the scenario toggle doesn't do anything" back from a director, and the founder who realized the board pack they emailed had been forwarded to two EAs and an outside advisor nobody had cleared. This post is the playbook I'd give either of them. It's written to be useful even if you never touch Peony — I'll be explicit about where a free public link or a dedicated board portal beats us, and where they don't.

Why does my board report break when I email it as a PDF?

Because an interactive board report is an app, not a picture, and a PDF can only carry a picture. The whole value of the report is that a director does something to it — stretches the date range, flips the base case to the downside case, drills from "ARR" into the cohort that's dragging it — and the charts recompute in front of them. A PDF or a screenshot freezes exactly one of those states. Everything that made it a dashboard is gone: the inputs are dead, the recomputation never fires, the drill-downs are flat images. You spent the effort to build a tool your board could explore between meetings, and you mailed them a photograph of it.

This is the spine of the whole post: a board deck is read in the meeting; a board dashboard gets used after it. The reason the interactive format is worth the trouble is precisely that directors engage with it on their own time — the audit-committee chair who reruns your covenant headroom at 11pm, the operator-director who wants to see the sales-efficiency cohort you glossed over. Flatten it to a PDF and you've thrown away the entire after-the-meeting half of its life. Most people reach for the most inert format they can — "PDF it, to be safe" — and that instinct is exactly backwards for an interactive deliverable. You don't make the report safer by killing it; you make it useless while it's still leaky as a file. Flatten only when the value survives flattening — a finished chart, a prose CEO letter, a signed resolution can flatten freely. A live dashboard, a runway model, anything the board is supposed to drive, has to stay live.

Can I send a live board dashboard to directors without emailing a PDF to everyone?

Yes — and avoiding the email attachment is the single highest-leverage change you can make. The default board-pack workflow is an email with the deck attached, sent to the whole board at once. Think about what that actually creates: one frozen copy, replicated into every director's inbox, outside any system you control. From there it gets forwarded to executive assistants who format calendars, to a director's personal account, sometimes to an outside advisor — each hop invisible to you. You cannot tell who opened it, you cannot tell who forwarded it, and you cannot pull any of those copies back. For the most sensitive document the company produces, that is a remarkable amount of lost control to accept by habit.

The way out is to bind the view to each named director instead of attaching a file to a thread. Send one tracked, personalised link per director and observer, put the live report behind it, and now every open is attributable to a specific person — and there is no detached copy to forward, because they hold a permission, not a file. You get the interactivity of a live report and the control of a private channel, which most people assume you can't have at once. You can, if the viewer renders HTML live and wraps per-viewer control around the running render.

Are free public-link tools like ShareDuo and Stacktree good enough for a board report?

For a genuinely non-confidential link, they're good — credit where it's due. ShareDuo and Stacktree are real public/unguessable-link sharing tools: fast, free or cheap, no login required for the recipient, with a password and an expiry date. Stacktree even has an MCP publish flow with update-in-place, which is handy when you're iterating a draft — you push a new version and the link shows the latest without re-sending. If what you're circulating is a board-approved metric you'd publish anyway, or a rough draft you want one trusted advisor to glance at, a public-link tool is the fast, correct answer, and I won't pretend a data room is somehow "better" for that job.

Where the public-link approach stops being enough is the exact thing a board pack is: confidential, and tied to specific people. A public link, by design, can't bind the view to a named director, can't stamp a per-director watermark, can't gate on a confidentiality acknowledgement, can't tell you which directors read it, and can't be revoked for one departing board member while staying live for the rest. Those aren't nice-to-haves for board material — they're the whole game. So the honest split is: a public link for a non-sensitive share; an identity-bound viewer the moment the report carries the company's private numbers. Peony's edge over a public link is precisely that list — bind the view to a named director, watermark per director, see who actually read it before the meeting, gate confidentiality, and revoke. The mistake is using a public link for the board pack because it was the tool already open in your browser.

How do I keep the board report interactive AND keep control of it?

Use a viewer that renders the HTML live — executing the JavaScript in each director's browser — and that wraps per-viewer control around that same render. This is the one capability that decides whether your report survives the trip. Peony renders .html/.htm natively with the JavaScript actually executing, so a KPI dashboard, runway model, or scenario tool runs for your directors exactly as it ran for you — it is not flattened to a PDF or an image. Most tools do the opposite: they reject HTML or convert it to a static document, and the app dies in the conversion. That difference is the reason this post exists, and it's worth checking before you commit to any "secure" board channel, because a lot of them quietly flatten.

What makes the live render useful rather than just clever is the layer traveling on it. The same report that's running for a director is simultaneously carrying a per-viewer dynamic watermark, sitting behind an optional confidentiality gate, respecting granular per-file and per-link permissions, generating page-level analytics, and one click from instant revoke. The live app and the control aren't two things you bolt together — the control rides on the running render. As far as I know, live-render-plus-per-viewer-control on the report itself is unusual; most tools give you one or the other. This is also where this post differs from its sibling on sending a live dashboard to a client: that one is a consultant handing a dashboard to an external client; this one is an executive handing a report to the board, where the counterparty is a fiduciary, the material is governance-sensitive, and "who read it before the meeting" is a different and sharper question. Same live-render mechanics, different stakes.

How do I watermark a board report so a leak points back at the director who leaked it?

Turn on a per-viewer dynamic watermark — one that burns the specific director's name, email, and a timestamp onto the live render, not a generic company logo in the corner. Because each director sees their own identity stamped across the report while they use it, any screenshot or phone photo of the screen carries that identity with it. A leaked image points straight back at the person who leaked it.

Be precise about what this does and doesn't do: no tool can stop a person photographing their own screen with a phone — that's the analog hole, and anyone claiming to block it outright is overstating. A dynamic watermark makes the capture self-incriminating rather than impossible — it's deterrence and attribution, not prevention. On the desktop, screenshot protection deters the easy in-app capture; on mobile, Screenshield blocks screen capture and recording on supported devices. None of these are magic, and I won't pretend otherwise, but for a board pack the deterrence is the point: a director who knows their name is stamped across every page thinks twice before forwarding a screenshot, and if material does leak, you're not guessing who held it. On Peony, dynamic per-viewer watermarks live on the Data Room plan at $52/admin/month, and desktop screenshot protection starts on Business at $30/admin/month.

How do I know which directors actually opened the report before the meeting?

Share through a tracked link and read the page-level analytics — that's the mechanism. An emailed PDF and a single public URL are both anonymous by construction: the whole board can receive them and you learn nothing about any of them. One tracked link per director flips that, so every open is tied to a named person, and page-level analytics tell you which directors opened the report, when, how long they stayed, and which sections they lingered on.

For a founder or chief of staff running a board cycle that's real signal, not a vanity metric. You want to walk in already knowing who has read the pack and who hasn't — the director who reopened the runway scenario three times is ready to go deep, and the one who never clicked the link you sent four days ago is the one you'll need to walk through it live. It also quietly retires the awkward "did everyone get a chance to review the materials?" round-robin at the top of the meeting. Pair the analytics with per-director watermarks and one board report becomes several accountable, measurable pre-reads instead of one attachment you fired into eight inboxes and hoped for the best.

How do I revoke directors' access to the board report after the cycle ends?

Share the report as a permission you grant, not a file you hand over — then closing out the cycle is a setting you flip, not a cleanup you chase. When the report lives behind a tracked link in a secure viewer, ending access is one click: you revoke the link and the report goes dark for everyone immediately. There's no "please delete the board pack you have" email, because no director ever held a detached copy — they held a permission, and you just took it back. If a director rotates off the board mid-cycle, you revoke that one person without touching the rest.

You can also let the link close itself. Set a link expiry for shortly after the meeting and the report stops rendering on its own, with the option to kill it early if something changes. This is the part the email-PDF and public-link workflows simply can't touch: a PDF you emailed is a copy every director keeps forever, and a public link you pasted stays live until you remember it exists and go hunting for where you posted it. A revocable, expiring link is board-cycle hygiene by design. If you also want the full solution context — board books, observer access, committee materials — that's what the board communications solution page is for; this post is the how-to complement to it.

My board report is AI-built HTML from Claude or GPT — how do I share that with directors?

Share it through a viewer that runs the HTML rather than converting it, and you keep the whole AI-built report alive for the board. More and more of the board reports I see are generated by Claude or GPT as a self-contained .html file — the founder describes the metrics, the AI produces a working interactive dashboard, you wire in the real numbers, and you have a drive-it-yourself board report in an afternoon. The catch is the same one as before: most channels flatten it. A viewer that renders .html natively with the JavaScript executing keeps the AI-built report interactive; a viewer that converts to PDF kills it on arrival.

Peony's edge here is twofold. First, the live render: the AI-built report actually runs for each director, watermarked and tracked, instead of arriving as a flat PDF. Second, there's a publicly available MCP server that's bidirectional — an AI agent can read a room's contents and push an artifact into the room. In practice that means you can build the board report in Claude, install the Peony MCP, and push the finished artifact straight into a watermarked, gated, revocable room without leaving the chat. (Stacktree, to be fair, has its own MCP publish flow for the public-link case — the difference is what wraps the result.) And if you ever need to go further, on the Enterprise tier you can connect your own GPT, Claude, and Gemini under zero-retention, permission-scoped, audited access — every AI query and document open logged — though a founder sharing a board report each cycle is nowhere near needing that. For the broader question of letting AI output into sensitive material safely, our companion post on securely sharing Claude artifacts goes deeper on the investor-and-deal version of this same problem.

Is this the same as a board portal like Diligent or Boardvantage?

No — and the honest boundary is worth stating plainly. Dedicated board portals — Diligent, Boardable, Nasdaq Boardvantage — run the full governance workflow: agendas, voting, minutes, resolutions, director questionnaires, a permanent searchable board book across years. Peony is not a board-management suite and doesn't do any of that. It doesn't replace your portal if your problem is "run our entire governance process." What Peony is, is the secure sharing-and-control layer for one live interactive report: it renders your HTML board dashboard live, binds it to named directors, watermarks per viewer, tracks who read it, gates the confidential sections, and revokes after the cycle.

So the decision is clean. If you need full governance workflow — voting, minutes, the multi-year board book — use a board portal; that's what they're for, and I won't pretend a data room covers it. If your specific problem is getting a single live, interactive board report to your directors under identity-bound control without flattening it and without standing up a whole governance suite, that's exactly this. Plenty of teams run both: the portal for the formal record, Peony for the live dashboard the board actually drives between meetings. For where Peony fits in board work end to end, see the board communications solution page.

What does it cost to share a live board report securely?

Less than you'd guess, and you do not need Enterprise. This is the most common misread I hear, so here's the exact map for the founder-or-CFO-to-board job:

• Free — $0: kick the tires, basic sharing. Fine for trying it; not where the per-director control lives.
• Business — $30/admin/month: desktop screenshot protection, Simple NDA (acknowledge-to-enter), download prevention, page-level analytics, custom logo. Good for a lower-sensitivity report where you mainly want read-receipts and a light gate.
• Data Room — $52/admin/month: everything this job actually needs — live HTML render with dynamic per-director watermarks, Screenshield mobile screenshot/recording block, Advanced NDA (signed PDF), granular per-file permissions, custom domain, unlimited rooms. This is the tier for a confidential board report on a live dashboard.
• Deal Team / Enterprise — $64+/custom: for larger teams and, at Enterprise, connecting your own GPT/Claude/Gemini under audited, zero-retention access — a different problem than sharing one board report.

For the founder, CFO, or chief of staff sending a live, watermarked board report to the directors, the answer is the $52 Data Room tier — under $60/month, no Enterprise required. Live render plus dynamic per-director watermark plus the confidentiality gate sit right there. The only reasons to climb higher are team size and connecting your own external models, neither of which the core job needs. See the full pricing page for the current breakdown, and remember the honest carve-outs from earlier: if the link genuinely isn't confidential, a free public-link tool is the faster call, and if you need full governance workflow, a board portal is the right buy — this tier is for the live, sensitive report itself.

The bottom line

A board deck is read in the meeting; a board dashboard gets used after it — so treat the report as what it is, an app, and the right workflow falls out. Don't email a flattened PDF board pack (you ship a corpse and lose control of eight copies) and don't run it through a portal that flattens (the interactivity dies on arrival). Send the live render through a viewer that runs the HTML, stamp it per director, gate the sensitive sections, see which directors read it before the meeting, and revoke after the cycle. That's the difference between mailing your board a photograph of your work and handing each director the working thing under your control. Peony is the data room used by 5,900+ customers precisely because it lets you keep the report alive and stay the gatekeeper, instead of choosing one — and when the share genuinely doesn't need that control, or when you need a full governance suite, I'll happily point you elsewhere. The skill is knowing which job you're doing.

Frequently asked questions

How do I share an interactive board report with directors without it turning into a static PDF?

Upload the report's .html file to a viewer that renders HTML live — it executes the JavaScript in each director's browser instead of rasterizing the page to a flat image. That single choice is what keeps the KPI dashboard, the scenario toggles, and the runway model working. Most board-pack channels (email attachments, shared drives, and many board portals) either reject .html or convert it to a flattened PDF, so the board sees a photograph of your dashboard rather than the working thing. On Peony, a data room used by 5,900+ customers, an .html file renders natively with its JavaScript executing, so directors interact with the real report — and the live render carries a per-director watermark and link controls at the same time.

Can I send a live board dashboard to my board without emailing a PDF to everyone?

Yes — bind the view to each named director instead of attaching a file to a reply-all chain. An emailed PDF is a copy: it freezes one view, lands in every director's inbox, gets forwarded to their EAs, and you can never pull it back or tell who read it. A gated share instead puts the live report behind one identified, tracked link per director, so each open ties to a specific person and you can revoke it after the cycle. I run Peony, a data room company, and the way I'd do it is one personalised link per director and observer, watermarked per viewer, set to expire after the meeting.

Why does my board report break when I export it to PDF or send a screenshot?

Because an interactive board report is an app, not a picture. The value is that a director changes a date range, flips a scenario, or drills into a cohort and the charts recompute — and a PDF or screenshot captures exactly one frozen frame of that. Everything that made it a dashboard (the inputs, the recomputation, the drill-downs) is gone the moment you flatten it. The fix is to keep the .html live and wrap control around it rather than killing the app to feel safe. Peony renders the .html natively with JavaScript executing, so the report stays interactive while still being watermarked, gated, tracked, and revocable.

Is a free public-link tool like ShareDuo or Stacktree good enough for a board report?

For a non-confidential link — a board-approved metric you'd publish anyway, or a draft you're circulating to one trusted advisor — honestly yes. ShareDuo and Stacktree are fast, free or cheap, need no login, and support a password and an expiry, and Stacktree even has an MCP publish flow with update-in-place. Where they stop being enough is the board pack itself: a public link can't bind the view to a named director, can't stamp a per-director watermark, can't gate on confidentiality, can't show you which directors read it, and can't be revoked per person. Board material is the most sensitive data a company holds, so that control is the whole game, which is the gap Peony fills with a per-viewer watermark on a live render.

How do I watermark a board report so a leak points back at the director who leaked it?

Use a per-viewer dynamic watermark that burns each director's name, email, and a timestamp onto the live render, not a generic company logo. Because every director sees their own identity stamped across the report while they use it, any screenshot or phone photo carries that identity, so a leaked image points back at the person who leaked it. No tool can stop a director photographing their own screen, so this is attribution and deterrence, not prevention — but for board material that deterrence matters. On Peony, dynamic per-viewer watermarks are on the Data Room plan at $52 per admin per month.

Can I see which board members actually opened the report before the meeting?

Yes, if you share through a tracked link rather than an email attachment or a public URL. Page-level analytics show you which directors opened the report, when, how long they stayed, and which sections they spent time on — so you walk into the meeting knowing who has read it and who you'll need to walk through it. An emailed PDF or a single shared link tells you none of that because it's anonymous by construction; one tracked link per director makes every open attributable. Peony's page-level analytics are on the Business plan at $30 per admin per month.

How do I revoke directors' access to a board report after the cycle ends?

Share the report as a permission you grant, not a file you hand over, so that closing the cycle is a setting you flip rather than a "please delete the board pack" email you have to chase. When the report lives behind a tracked link in a secure viewer, you click revoke and it goes dark for everyone immediately; you can also set the link to expire after the meeting so it closes itself, and revoke a single departing director without touching the rest. I run Peony, a data room company, and instant revoke plus link expiry are built in.

Do I need a confidentiality gate in front of a board report, and can I gate the link on one?

If the report exposes comp, litigation, M&A, or other privileged material — or you're sharing with an observer who hasn't signed — gating on a confidentiality acknowledgement or NDA is cheap insurance, and yes, you can put one in front of the link. The pattern is: the director clicks their tracked link, acknowledges or signs before anything renders, and only then does the live report load; you can also gate just the sensitive sections with per-file permissions while the rest opens freely. On Peony, a Simple NDA (acknowledge-to-enter) is on the Business plan at $30 per admin per month and an Advanced NDA that captures a signed PDF is on the Data Room plan at $52 per admin per month.

My board report was built by Claude or GPT as an HTML file — can I share that live with directors?

Yes, as long as the viewer runs the HTML instead of converting it. Founders and CFOs increasingly have Claude or GPT generate a self-contained .html board report — a live KPI dashboard, a runway scenario tool — and the whole point is that the board can drive it. A viewer that renders .html natively with the JavaScript executing keeps that app alive for each director; a viewer that converts to PDF kills it. Peony renders AI-built .html live and additionally offers a publicly available MCP server, so you can build the report in Claude, install the Peony MCP, and push the artifact straight into a watermarked, gated, revocable room without leaving the chat.

Is this the same as a board portal like Diligent or Boardvantage?

No, and it's worth being precise. Dedicated board portals — Diligent, Boardable, Nasdaq Boardvantage — run the full governance workflow: agendas, minutes, voting, resolutions, a permanent board book. Peony does not replace that; it isn't a board-management suite and doesn't do voting or minutes. What Peony is, is the secure sharing-and-control layer for the live report itself: it renders your interactive HTML report live, binds it to named directors, watermarks per viewer, tracks reads, gates confidentiality, and revokes. If you need full governance workflow, use a board portal; if your problem is specifically getting one live interactive report to directors under identity-bound control, that's this. See board communications.

What does it cost to share a live board report securely, and do I need Enterprise?

You don't need Enterprise. Rendering an .html board report live with dynamic per-director watermarks sits on Peony's Data Room plan at $52 per admin per month, alongside mobile screenshot blocking, an Advanced (signed-PDF) NDA, granular per-file permissions, a custom domain, and unlimited rooms. If you only need a Simple acknowledge-to-enter gate, desktop screenshot protection, download prevention, and page-level analytics, the Business plan at $30 per admin per month covers it. Enterprise exists for a different need — connecting your own GPT, Claude, and Gemini under audited, zero-retention access — which a founder sharing a board report each cycle doesn't require.

Related resources

• Secure board portal and board communications — the solution page this how-to complements: board books, observer access, committee materials
• How to send a live dashboard to a client securely — the consultant-to-client version of this same live-vs-flattened problem
• How to share an interactive LP report with your limited partners (securely) — the fund-IR sibling: the same live-render-plus-per-viewer-control pattern, but for a GP sending a quarterly report to named LPs
• How to share an interactive financial model with an investor (securely) — the fundraising version: sending a live model to a VC under per-viewer control
• How to share an interactive ROI calculator with a prospect (securely) — the B2B-sales version: keeping a live business-case calculator interactive without leaking your pricing logic
• How to securely share a Claude artifact — sharing AI-built HTML output under per-viewer control
• The HTML viewer: render .html live with JavaScript executing
• Dynamic per-viewer watermarks
• Page-level analytics and tracked links
• NDA and confidentiality gating
• Instant revoke and link expiry
• Pricing — find the tier that renders HTML live

---

Sources

1. Peony product documentation — supported file formats, dynamic watermarks, NDA/confidentiality gating, granular permissions, page-level analytics, instant revoke, link expiry, and the publicly available MCP server. peony.ink
2. ShareDuo — public/unguessable-link sharing with password and expiry. shareduo.com
3. Stacktree — public-link sharing with MCP publish flow and update-in-place. stacktr.ee
4. Dedicated board portals referenced for scope boundary — Diligent, Boardable, Nasdaq Boardvantage — run full governance workflow (agendas, voting, minutes, board book); Peony is the secure sharing-and-control layer for the live report, not a board-management suite.

Disclaimer: This article is for general informational purposes and is not legal advice; confirm board confidentiality, NDA, and fiduciary data-handling requirements for your company and jurisdiction with qualified counsel.