State of M&A Data Rooms — Q1 2026 Read the report →
Peony LogoPeony

How to Send a Live Dashboard to a Client Securely

Co-founder and CEO at Peony. I built the data room platform with a background in document security, file systems, and AI. Founded Peony in 2021 in San Francisco.

Connect with me on LinkedIn! I want to help you :)
Document SecurityData RoomsWatermarksArtificial IntelligenceConsulting

How to Send a Live Dashboard to a Client Securely

Last updated: June 2026

TL;DR: Your dashboard is an app, not a screenshot. If you export it to PDF you hand the client a corpse — the filters, toggles, and recomputing charts die. If you drop it on a public link, anyone with the URL sees the client's confidential numbers, untracked, forever. The third way is to share the live dashboard through a secure viewer that renders the HTML with its JavaScript running, stamps a per-viewer watermark, tells you whether the client actually opened it, and lets you revoke when the engagement ends. On Peony, an .html dashboard renders natively with JavaScript executing inside that control layer — at the Data Room tier ($52/admin/month), not Enterprise.

Quick answer: Export the dashboard as a self-contained .html, upload it to a viewer that renders HTML live, turn on a dynamic per-viewer watermark, gate it with an NDA if the numbers are sensitive, send one tracked link per client-side stakeholder, and set the link to expire when the project ends. You keep the dashboard interactive and stay the gatekeeper.

I'm Deqian Jia, co-founder of Peony, a data room company. I spend most of my time on how files actually render and move between two parties, and over the last year a new kind of deliverable has shown up again and again in client work: the interactive dashboard. A consultant builds a performance dashboard, a fractional analyst ships a scenario tool, an agency hands a client a live forecast — and increasingly the thing is AI-built HTML, generated in Claude or GPT, that runs in the browser. Then they hit the wall this whole post is about: how do I send the living thing to a client without either killing it or losing control of it?

I run Peony, a data room company, so I see the failed attempts land in support: the consultant who PDF'd their dashboard and got "the buttons don't work" back from the client, and the one who pasted a public link and then realized three other people at the client had it too. This post is the playbook I'd give either of them. It's written to be useful even if you never touch Peony — I'll be explicit about where a free public link beats us and where it doesn't.

PDF export versus public link versus secure live viewer for sharing a client dashboard

Why does my dashboard break when I send it to a client as a PDF?

Because a dashboard is an app, not a picture, and a PDF can only capture a picture. The entire value of an interactive dashboard is that the client does something to it — changes a date range, flips a scenario toggle, drills from a summary number into the detail — and the charts recompute in front of them. A PDF or a screenshot freezes exactly one of those states. Everything that made it a dashboard is gone: the inputs are dead, the recomputation never fires, the drill-downs are flat pictures. You spent the effort to build a tool and you mailed the client a photograph of it.

This is the spine of the whole post: your dashboard is an app, not a screenshot. Most people, faced with "how do I share this safely," reach for the most inert format they can — flatten it to a PDF "to be safe." That instinct is exactly backwards for an interactive deliverable. You don't make the dashboard safer by killing it; you make it useless while it's still leaky as a file. The right move is to keep the app alive and put a control layer around the live render. Flatten only when the value survives flattening — a finished chart, a prose memo, a signed page can flatten freely. A dashboard, a calculator, a scenario tool, anything the client is supposed to interact with, has to stay live.

Can I share an interactive dashboard with a client without making the link public?

Yes — and this is the second failure mode, the mirror image of the dead PDF. To dodge the flattening problem, a lot of people swing to the opposite extreme: they host the dashboard somewhere and paste the client a link. The dashboard stays live, which feels like a win, but a raw public link is a bearer link — possession is access. Anyone who has the URL can open it, and anyone who opens it can forward it. For a client's confidential numbers that's a quiet disaster: you can't tell who saw it, you can't tie a leak to a person, and you can't pull it back when the engagement ends. The link just sits out there, live and ungoverned, indefinitely.

The way out is to bind the view to a named client instead of to an anonymous URL. Send one tracked link per client-side stakeholder, put the live dashboard behind it, and now every open is attributable to a specific person. You get the interactivity of a live link and the control of a private channel — which most people assume you can't have at once. You can, if the viewer renders HTML live and wraps per-viewer control around it.

Are free public-link tools like ShareDuo and Stacktree good enough for client dashboards?

For a low-sensitivity, public-facing dashboard, they're genuinely good — credit where it's due. ShareDuo and Stacktree are real public/unguessable-link sharing tools: fast, free or cheap, no login required for the recipient, and they support a password and an expiry date. Stacktree even has an MCP publish flow with update-in-place, which is genuinely handy for an agency iterating a dashboard — you push a new version and the client's link shows the latest without you re-sending anything. If what you're sharing is a demo, a portfolio piece, or a dashboard whose numbers you'd be happy to see reshared, a public-link tool is the fast, correct answer, and I won't pretend a data room is somehow "better" for that job.

Where the public-link approach stops being enough is the exact thing client work usually requires: the numbers are confidential. A public link, by design, can't bind the view to a named client, can't stamp a per-viewer watermark, can't gate on an NDA, can't tell you who opened it, and can't be revoked for one person while staying live for another. Those aren't nice-to-haves for confidential client data — they're the whole game. So the honest split is: public link for the quick, non-sensitive share; a controlled viewer the moment the dashboard carries a client's private numbers. The mistake is using a public link for confidential work because it was the tool already open in your browser.

How do I keep the dashboard interactive for the client AND keep control of it?

Use a viewer that renders the HTML live — executing the JavaScript in the client's browser — and that wraps per-viewer control around that same render. This is the one capability that decides whether your dashboard survives the trip. Peony renders .html/.htm natively with the JavaScript actually executing, so a dashboard, calculator, or scenario tool runs for your client exactly as it ran for you — it is not flattened to a PDF or an image. Most tools do the opposite: they reject HTML or convert it to a static document, and the app dies in the conversion. That difference is the reason this post exists.

What makes the live render useful rather than just clever is the layer traveling on it. The same dashboard that's running for your client is simultaneously carrying a per-viewer dynamic watermark, sitting behind an optional NDA gate, respecting granular per-link permissions, generating page-level analytics, and one click from instant revoke. The live app and the control aren't two things you bolt together — the control rides on the running render. As far as I know, live-render-plus-per-viewer-control on the dashboard itself is unusual; most tools give you one or the other. If you want the full vendor comparison of which tools actually run HTML versus flatten it, we wrote a ranked guide to data rooms that support HTML display — this post is the how-to complement to it.

How do I watermark a dashboard so a leak points back at the client who leaked it?

Turn on a per-viewer dynamic watermark — one that burns the specific viewer's name, email, and a timestamp onto the live render, not a generic logo pasted in a corner. Because each client-side viewer sees their own identity stamped across the dashboard while they use it, any screenshot or phone photo of the screen carries that identity with it. A leaked image points straight back at the person who leaked it.

Be precise about what this does and doesn't do: no tool can stop a person from photographing their own screen with a phone — that's the analog hole, and anyone claiming to block it outright is overstating. A dynamic watermark makes the capture self-incriminating rather than impossible — it's deterrence and attribution, not prevention. On the desktop, screenshot protection deters the easy in-app capture; on mobile, Screenshield blocks screen capture and recording on supported devices. None of these are magic, and I won't pretend otherwise, but together they raise the cost of leaking and strip the leaker of anonymity. On Peony, dynamic per-viewer watermarks live on the Data Room plan at $52/admin/month, and desktop screenshot protection starts on Business at $30/admin/month.

How do I know whether my client actually opened the dashboard?

Share through a tracked link and read the page-level analytics — that's the mechanism. A single shared URL is anonymous by construction: ten people can open it and you learn nothing about any of them. One tracked link per client-side stakeholder flips that, so every open is tied to a named person, and page-level analytics tell you whether they opened the dashboard, when, how long they stayed, and which sections they lingered on.

For a consultant that's real signal, not a vanity metric. The client lead who reopened your forecast tab four times before the QBR is engaging differently from the one who never clicked the link you sent two weeks ago — and you want to know which is which before you walk into the meeting. It also quietly answers the awkward "did you get a chance to look at it?" question without you having to ask. Pair the analytics with per-viewer watermarks and one dashboard becomes several accountable, measurable conversations instead of one link you fired into the dark.

How do I revoke a client's access to the dashboard when the engagement ends?

Share the dashboard as a permission you grant, not a file you hand over — then ending access is a setting you flip, not a cleanup you chase. When the dashboard lives behind a tracked link in a secure viewer, closing out an engagement is one click: you revoke the link and the dashboard goes dark for that client immediately. There's no "please delete the file you have" email, because they never held a copy — they held a permission, and you just took it back.

You can also let the link close itself. Set a link expiry for the engagement's end date and the dashboard stops rendering on its own when the project wraps, with the option to kill it early if a relationship sours mid-stream. This is the part PDF and public-link workflows can't touch: a PDF you emailed is a copy the client keeps forever, and a public link you pasted stays live until you remember it exists and go hunting for where you posted it. A revocable, expiring link is offboarding by design. The same control matters if you're sharing AI-generated HTML you'd rather not have re-hosted — see our guide on how to password-protect an HTML file for the spectrum from a fake client-side gate to a tracked, revocable link.

My dashboard is AI-built HTML from Claude or GPT — how do I share that with a client?

Share it through a viewer that runs the HTML rather than converting it, and you keep the whole AI-built app alive for the client. More and more of the dashboards I see in client work are generated by Claude or GPT as a self-contained .html file — the AI produces a working interactive app, you tweak the numbers, and you have a real tool in minutes. The catch is the same one as before: most channels flatten it. A viewer that renders .html natively with the JavaScript executing keeps the AI-built dashboard interactive; a viewer that converts to PDF kills it on arrival.

Peony's edge here is twofold. First, the live render: the AI-built dashboard actually runs for your client, watermarked and tracked, instead of arriving as a flat PDF. Second, there's a publicly available MCP server that's bidirectional — an AI agent can read a room's contents and push an artifact into the room. In practice that means you can build the dashboard in Claude, install the Peony MCP, and push the finished artifact straight into a watermarked, revocable room without leaving the chat. (Stacktree, to be fair, has its own MCP publish flow for the public-link case — the difference is what wraps the result.) And if you ever need to go further, on the Enterprise tier you can connect your own GPT, Claude, and Gemini under zero-retention, permission-scoped, audited access — every AI query and document open logged — though a solo consultant sharing one dashboard with one client is nowhere near needing that. For the broader question of letting AI output into client-facing material safely, our companion post on securely sharing Claude artifacts goes deeper on the investor-and-deal version of this same problem.

What does it cost to share a live client dashboard securely?

Less than you'd guess, and you do not need Enterprise. This is the most common misread I hear, so here's the exact map for the consultant-to-client job:

  • Free — $0: kick the tires, basic sharing. Fine for trying it; not where the per-viewer control lives.
  • Business — $30/admin/month: desktop screenshot protection, Simple NDA (acknowledge-to-enter), download prevention, page-level analytics, custom logo. Good for a lower-sensitivity client dashboard where you mainly want tracking and a gate.
  • Data Room — $52/admin/month: everything this job actually needs — live HTML render with dynamic per-viewer watermarks, Screenshield mobile screenshot/recording block, Advanced NDA (signed PDF), granular permissions, custom domain, unlimited rooms. This is the tier for confidential client numbers on a live dashboard.
  • Deal Team / Enterprise — $64+/custom: for larger teams and, at Enterprise, connecting your own GPT/Claude/Gemini under audited, zero-retention access — a different problem than sharing a dashboard with a client.

For the consultant or agency sending a live, watermarked dashboard to one client, the answer is the $52 Data Room tier — under $60/month, no Enterprise required. Live render plus dynamic per-viewer watermark sits right there. The only reasons to climb higher are team size and connecting your own external models, neither of which the core job needs. See the full pricing page for the current breakdown, and remember the honest carve-out from earlier: if the dashboard isn't confidential, a free public-link tool is the faster call — this tier is for when the client's numbers can't leak.

The bottom line

Treat the dashboard as what it is — an app — and the right workflow falls out. Don't flatten it to a PDF (you ship a corpse) and don't drop it on a public link (you leak the client's numbers, untracked). Send the live render through a viewer that runs the HTML, stamp it per viewer, gate it if the data is sensitive, track whether the client opened it, and revoke when the work is done. That's the difference between handing a client a photograph of your work and handing them the working thing under your control. Peony is the data room used by 5,900+ customers precisely because it lets you keep the dashboard alive and stay the gatekeeper, instead of choosing one. And when the share genuinely doesn't need control, I'll happily point you at a free public link — the skill is knowing which job you're doing.

Frequently asked questions

How do I send a live, interactive dashboard to a client without it turning into a dead PDF?

Upload the dashboard's .html file to a viewer that renders HTML live — meaning it executes the JavaScript in the client's browser instead of rasterizing the page to a static image. That single choice is what keeps the filters, toggles, and recomputing charts working. Most sharing channels (email attachments, Google Drive, Notion, and many secure data rooms) either reject .html or convert it to a flattened PDF, so the client ends up looking at a photograph of your dashboard rather than the working thing. On Peony, a data room used by 5,900+ customers, an .html file renders natively with its JavaScript executing, so your client interacts with the real dashboard — and the live render carries a per-viewer watermark and link controls at the same time.

Can I share an interactive report with a client without making the link public?

Yes — the trick is to bind the view to a named client instead of to an anonymous URL. A public or unguessable link is a bearer link: anyone who has it can open it and forward it, and you can't tell who saw your client's confidential numbers. A gated share instead puts the report behind an identified, tracked link (often an NDA acknowledgement first), so each open ties to a specific person and you can revoke it later. I run Peony, a data room company, and the way I'd do it is one tracked link per client-side stakeholder, watermarked per viewer, with the link set to expire when the engagement ends.

Why does my client dashboard break when I export it to PDF or send a screenshot?

Because a dashboard is an app, not a picture. The value is in the interaction — the client changes a filter, toggles a scenario, and the charts recompute — and a PDF or screenshot captures exactly one frozen state of that. Everything that made it a dashboard (the inputs, the recomputation, the drill-downs) is gone the moment you flatten it. The fix is to keep the .html live and wrap control around it rather than killing the app to feel safe. Peony renders the .html natively with JavaScript executing, so the dashboard stays interactive while still being watermarked, gated, tracked, and revocable.

Is a free public-link tool like ShareDuo or Stacktree good enough for sharing a client dashboard?

For a low-sensitivity, public-facing dashboard, honestly yes — tools like ShareDuo and Stacktree are fast, cheap or free, need no login, and support a password and an expiry date, and Stacktree even has an MCP publish flow with update-in-place that's genuinely handy when you're iterating a dashboard for a client. Where they stop being enough is confidential client numbers: a public link can't bind the view to a named client, can't stamp a per-viewer watermark, can't gate on an NDA, can't show you who opened it, and can't be revoked per person. For client work where the data is sensitive, that control is the whole game, which is the gap Peony fills with a per-viewer watermark on a live render.

How do I add a watermark to a dashboard I share with a client so a leak points back at them?

Use a per-viewer dynamic watermark — one that burns the specific viewer's name, email, and a timestamp onto the live render, rather than slapping a generic logo on the page. Because each client-side viewer sees their own identity stamped across the dashboard, any screenshot or photo of the screen carries that identity with it, so a leaked image points back at the person who leaked it. No tool can stop someone photographing their own screen, so this is attribution and deterrence, not prevention. On Peony, dynamic per-viewer watermarks are on the Data Room plan at $52 per admin per month.

Can I see whether my client actually opened the dashboard I sent?

Yes, if you share through a tracked link rather than a raw file or a public URL. Page-level analytics show you whether the client opened the dashboard, when, how long they stayed, and which sections they spent time on — which for a consultant is real signal about whether the work landed before your next check-in. A single shared link tells you none of that because it's anonymous by construction; one tracked link per client-side stakeholder makes every open attributable. Peony's page-level analytics are on the Business plan at $30 per admin per month and let you read each viewer's activity separately.

How do I revoke a client's access to a dashboard when the engagement ends?

Share it as a permission you grant, not a file you hand over, so that ending access is a setting you flip rather than a "please delete the file" email you have to chase. When the dashboard lives behind a tracked link in a secure viewer, you click revoke and it goes dark for that client immediately; you can also set the link to expire on the engagement's end date so it closes itself. I run Peony, a data room company, and instant revoke plus link expiry are built in, so an end-of-project offboarding is one click instead of a hope that they actually deleted the PDF.

Do I need an NDA in front of a client dashboard, and can I gate the link on one?

If the dashboard exposes the client's confidential numbers — or your own proprietary methodology — gating on an NDA is cheap insurance, and yes, you can put one in front of the link. The pattern is: the viewer clicks your tracked link, acknowledges or signs an NDA before anything renders, and only then does the live dashboard load. On Peony, a Simple NDA (acknowledge-to-enter) is on the Business plan at $30 per admin per month and an Advanced NDA that captures a signed PDF is on the Data Room plan at $52 per admin per month, so you can match the gate to how sensitive the engagement is.

My dashboard was built by Claude or GPT as an HTML file — can I share that live with a client?

Yes, as long as the viewer runs the HTML instead of converting it. AI tools increasingly output a self-contained .html app — a dashboard, a calculator, a scenario tool — that runs in the browser, and the whole point is that it's interactive. A viewer that renders .html natively with the JavaScript executing keeps that app alive for your client; a viewer that converts to PDF kills it. Peony renders AI-built .html live and additionally offers a publicly available MCP server, so you can build the dashboard in Claude, install the Peony MCP, and push the artifact straight into a watermarked, revocable room without leaving the chat.

What's the difference between sharing a dashboard on a public link and sharing it in a secure data room?

A public link optimizes for speed and zero friction: no login, anyone with the URL is in, which is perfect for something you'd be happy to see reshared. A secure data room optimizes for control on confidential material: identified access, per-viewer watermark, NDA gate, open-tracking, and instant revoke. The honest split is that a public link wins the quick, non-sensitive share and a data room wins the moment the dashboard carries a client's private numbers. Peony sits on the controlled side and still renders the live HTML, so you don't have to trade interactivity for control.

What does it cost to securely share a live client dashboard, and do I need an enterprise plan?

You don't need an enterprise plan. Rendering an .html dashboard live with dynamic per-viewer watermarks sits on Peony's Data Room plan at $52 per admin per month, alongside mobile screenshot blocking, an Advanced (signed-PDF) NDA, granular permissions, a custom domain, and unlimited rooms. If you only need a Simple acknowledge-to-enter NDA, desktop screenshot protection, download prevention, and page-level analytics, the Business plan at $30 per admin per month covers it. Enterprise exists for a different need — connecting your own GPT, Claude, and Gemini under audited, zero-retention access — which a solo consultant sharing a dashboard with one client doesn't require.

Related resources

Sources

  1. Peony product documentation — supported file formats, dynamic watermarks, NDA gating, page-level analytics, instant revoke, and MCP server. peony.ink
  2. ShareDuo — public/unguessable-link sharing with password and expiry. shareduo.com
  3. Stacktree — public-link sharing with MCP publish flow and update-in-place. stacktr.ee

Disclaimer: This article is for general informational purposes and is not legal advice; confirm NDA, confidentiality, and data-handling requirements for your specific engagement with qualified counsel.

You might also like

Jun 29, 2026

How to Share an Interactive Board Report With Your Directors (Securely)

Document SecurityData Rooms

Jun 16, 2026

How to Securely Share a Claude Artifact (HTML, App, or Doc) in 2026

Document SecurityArtificial Intelligence

Jun 29, 2026

How to Share an Interactive ROI Calculator With a Prospect (Securely)

SalesDocument Security