[{"data":1,"prerenderedAt":1928},["ShallowReactive",2],{"blog-posts-en":3},[4,132,243,363,479,539,693,861,1019,1102,1281,1436,1661],{"id":5,"title":6,"author":7,"body":8,"date":119,"description":120,"extension":121,"image":122,"meta":123,"navigation":124,"path":125,"seo":126,"stem":127,"tags":128,"__hash__":131},"blog\u002Fblog\u002Fen\u002Fproduct-update-2026-06.md","Product Update - March 2026","Pierre-Louis",{"type":9,"value":10,"toc":111},"minimark",[11,16,24,27,30,34,40,43,45,49,55,58,60,64],[12,13,15],"h2",{"id":14},"ai-redaction-agent","AI redaction agent",[17,18,19],"p",{},[20,21],"img",{"alt":22,"src":23},"AI assisted document redaction in Entropia","\u002Fblog\u002Fai-assisted-redaction.png",[17,25,26],{},"Tell our agent what types of information you want to redact, watch it work, and validate each action, staying in control.",[28,29],"hr",{},[12,31,33],{"id":32},"instant-document-translation","Instant document translation",[17,35,36],{},[20,37],{"alt":38,"src":39},"Instant document translation in Entropia","\u002Fblog\u002Fdocument-translation.png",[17,41,42],{},"Translate any document instantly, directly inside the data room. Fourteen languages available: Arabic, Chinese, Dutch, English, French, German, Hebrew, Italian, Japanese, Korean, Polish, Portuguese, Russian, Spanish.",[28,44],{},[12,46,48],{"id":47},"downloaded-document-encryption","Downloaded document encryption",[17,50,51],{},[20,52],{"alt":53,"src":54},"Encrypted files in Entropia — access can be revoked even after they have been downloaded","\u002Fblog\u002Ffile-encryption.png",[17,56,57],{},"Access to documents can be revoked at any time, even after participants have downloaded them.",[28,59],{},[12,61,63],{"id":62},"other-updates","Other updates",[65,66,67,75,81,87,93,99,105],"ul",{},[68,69,70,74],"li",{},[71,72,73],"strong",{},"Permission expiry dates:"," Set an expiry date for a group's access. Group members lose their permissions when the date is reached.",[68,76,77,80],{},[71,78,79],{},"Questions from a document section:"," Users can select a portion of a document from the viewer and submit a question that gets added to the Q&A.",[68,82,83,86],{},[71,84,85],{},"Submit a question on behalf of a buyer:"," Administrators can submit Q&A questions on behalf of a buyer group. Handy when a question comes up mid-call.",[68,88,89,92],{},[71,90,91],{},"Document viewing time added to logs:"," Audit logs now also track the time actually spent per page or per sheet, adding depth to your reporting.",[68,94,95,98],{},[71,96,97],{},"SSO:"," Sign in via your corporate identity provider. Users are provisioned in real time at first login.",[68,100,101,104],{},[71,102,103],{},"Create a data room from an existing one:"," Duplicate the structure, settings, and groups of an existing data room in one click.",[68,106,107,110],{},[71,108,109],{},"AutoCAD files supported:"," DWG files can be viewed inside the data room. A must-have for all our real estate clients!",{"title":112,"searchDepth":113,"depth":113,"links":114},"",2,[115,116,117,118],{"id":14,"depth":113,"text":15},{"id":32,"depth":113,"text":33},{"id":47,"depth":113,"text":48},{"id":62,"depth":113,"text":63},"2026-04-07","AI-assisted redaction, document translation, encryption — major updates this month.","md","\u002Fblog\u002Fscreenshot-2026-04-07-at-10.38.48.png",{},true,"\u002Fblog\u002Fen\u002Fproduct-update-2026-06",{"title":6,"description":120},"blog\u002Fen\u002Fproduct-update-2026-06",[129,130],"product","update","r6qr6d0iZCJBgI89UuzilHa7R1t1MUOGLlrDCNzNlTg",{"id":133,"title":134,"author":7,"body":135,"date":233,"description":234,"extension":121,"image":235,"meta":236,"navigation":124,"path":237,"seo":238,"stem":239,"tags":240,"__hash__":242},"blog\u002Fblog\u002Fen\u002Fla-data-room-comme-avantage-concurrentiel.md","The data room as a competitive advantage",{"type":9,"value":136,"toc":226},[137,141,144,147,150,154,157,160,163,167,170,173,176,180,183,186,190,193,196,201,203],[12,138,140],{"id":139},"when-tool-selection-becomes-a-competitive-edge","When tool selection becomes a competitive edge",[17,142,143],{},"Arcéane is a national investment bank made up exclusively of consultant-negotiators and former company executives. Its positioning is its strength: senior teams who guide business owners from first contact through to closing, embedded in the regions to stay close to their clients.",[17,145,146],{},"Every project is led end-to-end by a pair of senior consultants, acting with sharper judgment and greater speed.",[17,148,149],{},"That positioning has a direct consequence on tool selection. Senior consultants working closely alongside business owners cannot afford to spend their time on low-value tasks. That time is either unbilled, or billed for nothing.",[12,151,153],{"id":152},"choosing-the-best-tools-on-the-market","Choosing the best tools on the market",[17,155,156],{},"Arcéane had long managed its data rooms with an in-house solution.",[17,158,159],{},"When the teams started using Entropia, the difference was immediate. \"There's no comparison with the previous tool. The ease of use, the intuitiveness, the ergonomics, whether internally or on the client side.\"",[17,161,162],{},"The data room is a core part of Arcéane's service offering: it is not rebilled to the client. It functions as a genuine internal work tool, but also as a reflection of the firm's standards and way of working, since it is directly visible to clients and external counterparties.",[12,164,166],{"id":165},"freeing-up-high-value-time","Freeing up high-value time",[17,168,169],{},"The primary benefit is operational. Time-consuming tasks such as setting up the data room, managing access, and organizing documents are now handled in a fraction of the time.",[17,171,172],{},"By streamlining these phases of the process, we free up time for the team to focus on what actually drives the value of our work: origination, proximity to executives, and deal execution.",[17,174,175],{},"At Arcéane, AI is integrated where it enables time savings without compromising on standards. Entropia fits that logic: automating repetitive tasks so teams can concentrate on what genuinely creates value in an M&A transaction — a deep understanding of the shareholder-executive's priorities, anticipating sticking points, structuring options, and driving a rigorous process execution with one goal in mind: a successful outcome.",[12,177,179],{"id":178},"a-recruiting-argument","A recruiting argument",[17,181,182],{},"Arcéane is actively hiring across its regional offices. The tools made available to consultants are part of what makes the model attractive. When a candidate discovers them, they immediately understand they'll be able to work faster, to a higher standard, and with better execution — for example setting up a data room in a few clicks, without relying on a shared Drive or drowning in heavy documentation exchanges.",[17,184,185],{},"Entropia is one of those concrete signals that speaks to how Arcéane works.",[12,187,189],{"id":188},"shared-values-responsiveness-and-agility","Shared values: responsiveness and agility",[17,191,192],{},"Beyond the product itself, what I take away is the combination of responsiveness and agility. Whether migrating old data rooms or handling remote access management while traveling, the Entropia team was there every time. When I had an urgent request on the road, support resolved it in two minutes. That level of service responsiveness is undeniable, and it's valued.",[17,194,195],{},"That responsiveness also made the collaboration feel natural from the start. Agility in decision-making and in execution is a defining trait of Arcéane, one clients recognize. What we found at Entropia, at its core, is that same agility in decision-making, in running the process, and in getting things done that we strive to embody for our own clients.",[17,197,198],{},[71,199,200],{},"Mouna Selmi, Président, Arcéane",[28,202],{},[204,205,206,211,214,217],"blockquote",{},[17,207,208],{},[71,209,210],{},"About Arcéane",[17,212,213],{},"Arcéane is an independent advisory firm specializing in mergers and acquisitions, fundraising, financing advisory, and financial engineering for SMEs. For 20 years, Arcéane has advised family-owned businesses, owner-executives of SMEs and mid-caps, and entrepreneur-acquirers.",[17,215,216],{},"The firm employs 20 professionals across 5 regions in France (Paris, Lille, Lyon, Nantes, and Bordeaux), and is a member of the GCG global network. To date, the teams have completed over 400 transactions.",[17,218,219],{},[220,221,225],"a",{"href":222,"rel":223},"https:\u002F\u002Farceane.com\u002F",[224],"nofollow","arceane.com",{"title":112,"searchDepth":113,"depth":113,"links":227},[228,229,230,231,232],{"id":139,"depth":113,"text":140},{"id":152,"depth":113,"text":153},{"id":165,"depth":113,"text":166},{"id":178,"depth":113,"text":179},{"id":188,"depth":113,"text":189},"2026-03-18","Why Arcéane chose Entropia for every deal. An interview with its president, Mouna Selmi.","\u002Fblog\u002Fscreenshot-2026-03-14-at-18.36.56.png",{},"\u002Fblog\u002Fen\u002Fla-data-room-comme-avantage-concurrentiel",{"title":134,"description":234},"blog\u002Fen\u002Fla-data-room-comme-avantage-concurrentiel",[241],"customer-story","l6AqQLYhkc58BFbloiecjHyttVFA1PJE6YpbhpH593c",{"id":244,"title":245,"author":7,"body":246,"date":354,"description":355,"extension":121,"image":356,"meta":357,"navigation":124,"path":358,"seo":359,"stem":360,"tags":361,"__hash__":362},"blog\u002Fblog\u002Fen\u002Fproduct-update-february-2026.md","Product Update - February 2026",{"type":9,"value":247,"toc":352},[248,254,261,264,266,272,278,281,283,289,295,298,300,306,312,315,317,322,328,334,340,346],[17,249,250],{},[20,251],{"alt":252,"src":253},"Screenshot 2026-03-03 at 19.03.18","\u002Fblog\u002Fscreenshot-2026-03-03-at-19.03.18.png",[255,256,258],"h5",{"id":257},"scout-a-data-room-analysis-agent",[71,259,260],{},"Scout: a data room analysis agent",[17,262,263],{},"Scout is an AI agent that searches through all your dataroom documents to answer your questions in seconds. Contractual clause, financial metric, risk factor: Scout identifies the relevant sources, details its reasoning, and shows you exactly where each answer comes from.",[28,265],{},[17,267,268],{},[20,269],{"alt":270,"src":271},"Screenshot 2026-03-03 at 19.13.24","\u002Fblog\u002Fscreenshot-2026-03-03-at-19.13.24.png",[255,273,275],{"id":274},"scout-in-qa-draft-answers-in-seconds",[71,276,277],{},"Scout in Q&A: draft answers in seconds",[17,279,280],{},"To find the elements of a response to a buyer's question in Q&A, mention @Scout in an internal note. Scout then analyzes the question, searches the data room, and generates a draft answer citing its documentary references. You review, verify, adjust. Your team stays in control.",[28,282],{},[17,284,285],{},[20,286],{"alt":287,"src":288},"Screenshot 2026-03-03 at 15.32.40","\u002Fblog\u002Fscreenshot-2026-03-03-at-15.32.40.png",[255,290,292],{"id":291},"send-files-to-the-dataroom-by-email",[71,293,294],{},"Send files to the dataroom by email",[17,296,297],{},"Send documents directly to the dataroom by email. The system verifies the sender, processes the attachments, and confirms delivery. Useful when an advisor or client wants to push documents without creating an account.",[28,299],{},[17,301,302],{},[20,303],{"alt":304,"src":305},"Storage quota warning","\u002Fblog\u002Fstorage-quota-warning-copy.png",[255,307,309],{"id":308},"storage-threshold-notifications",[71,310,311],{},"Storage threshold notifications",[17,313,314],{},"In the interest of transparency, and to prevent you from inadvertently exceeding your committed thresholds, administrators are now alerted when the data room approaches its initially agreed storage limit.",[28,316],{},[17,318,319],{},[71,320,321],{},"OTHER IMPROVEMENTS",[17,323,324,327],{},[71,325,326],{},"Import questions in bulk:"," Buyers can import an Excel file containing all their questions in one click.",[17,329,330,333],{},[71,331,332],{},"Shareable document sections:"," Select a portion of a page and share a direct link to that passage.",[17,335,336,339],{},[71,337,338],{},"Document mention warnings in Q&A:"," You are warned when mentioning a document to a recipient who does not have access to it.",[17,341,342,345],{},[71,343,344],{},"Zoom in the document viewer:"," Ctrl+scroll and pinch-to-zoom are now available in the document viewer.",[17,347,348,351],{},[71,349,350],{},"Strip index prefixes in bulk:"," Remove numeric reference prefixes from all file and folder names in one action.",{"title":112,"searchDepth":113,"depth":113,"links":353},[],"2026-03-04","Entropia took a new step in February with the deployment of an analysis agent inside the data room: Scout.","\u002Fblog\u002Fscreenshot-2026-03-04-at-15.38.57.png",{},"\u002Fblog\u002Fen\u002Fproduct-update-february-2026",{"title":245,"description":355},"blog\u002Fen\u002Fproduct-update-february-2026",[130,129],"W-Itu4o3UmuP121Na0JTfIVg_jn-G2Y-P6QsaApHMCM",{"id":364,"title":365,"author":7,"body":366,"date":470,"description":471,"extension":121,"image":472,"meta":473,"navigation":124,"path":474,"seo":475,"stem":476,"tags":477,"__hash__":478},"blog\u002Fblog\u002Fen\u002Feiger-cf-runs-on-entropia.md","Data room as an extra credibility signal",{"type":9,"value":367,"toc":463},[368,375,378,381,387,390,404,407,413,416,419,425,439,442,444],[369,370,372],"h3",{"id":371},"context",[71,373,374],{},"Context",[17,376,377],{},"Eiger CF is an independent M&A advisory firm working with senior executives on transactions involving demanding auditors with high standards around security, information structure, and clarity.",[17,379,380],{},"The data room is central to that trust relationship.",[369,382,384],{"id":383},"challenges",[71,385,386],{},"Challenges",[17,388,389],{},"We needed a solution that could:",[65,391,392,395,398,401],{},[68,393,394],{},"project a modern, professional image from the first login",[68,396,397],{},"be easy to use for internal teams and auditors alike",[68,399,400],{},"accelerate transaction preparation without compromising rigor",[68,402,403],{},"offer a clear, predictable pricing model suited to an independent boutique",[17,405,406],{},"Legacy solutions were expensive and forced us to request a new quote for every mandate. The subscription-based solutions we had tested felt overly complex and hard to navigate.",[369,408,410],{"id":409},"solution",[71,411,412],{},"Solution",[17,414,415],{},"Entropia quickly became the obvious choice.",[17,417,418],{},"After a few minutes of testing, we were won over by the modern interface and pragmatic feature set, which let us structure information quickly and work efficiently with auditors, without unnecessary friction.",[369,420,422],{"id":421},"results",[71,423,424],{},"Results",[65,426,427,430,433,436],{},[68,428,429],{},"stronger credibility with auditors and executives",[68,431,432],{},"smoother document exchanges and reviews from the IM phase onward",[68,434,435],{},"significant time savings on data room preparation and management",[68,437,438],{},"cost control with ROI reached from the second or third data room opened",[17,440,441],{},"Entropia has become both an image asset and an efficiency lever for our boutique.",[28,443],{},[204,445,446,453,456],{},[447,448,450],"h6",{"id":449},"about-eiger-cf",[71,451,452],{},"About Eiger CF",[17,454,455],{},"Eiger Corporate Finance is an independent M&A advisory firm based in Geneva and Lyon, helping business owners navigate strategic projects involving growth, succession, and transformation.",[17,457,458],{},[220,459,462],{"href":460,"rel":461},"https:\u002F\u002Fwww.eiger-cf.com\u002F",[224],"eiger-cf.com",{"title":112,"searchDepth":113,"depth":113,"links":464},[465,467,468,469],{"id":371,"depth":466,"text":374},3,{"id":383,"depth":466,"text":386},{"id":409,"depth":466,"text":412},{"id":421,"depth":466,"text":424},"2026-02-28","Jean-Baptiste Baret, Founding Partner at Eiger CF, explains how Entropia became the obvious choice.","\u002Fblog\u002Feigercf-entropia.png",{},"\u002Fblog\u002Fen\u002Feiger-cf-runs-on-entropia",{"title":365,"description":471},"blog\u002Fen\u002Feiger-cf-runs-on-entropia",[241],"BnOWRboCAK0d5jIRRWCj56vbUNqUEAO0fgBcMUP075I",{"id":480,"title":481,"author":7,"body":482,"date":530,"description":531,"extension":121,"image":532,"meta":533,"navigation":124,"path":534,"seo":535,"stem":536,"tags":537,"__hash__":538},"blog\u002Fblog\u002Fen\u002Fcic-conseil-chose-entropia.md","CIC Conseil teams chose Entropia",{"type":9,"value":483,"toc":528},[484,487,490,493,496,499,507,513,516,519,522,525],[17,485,486],{},"CIC Conseil is the M&A advisory arm of one of France's leading banking groups, Crédit Mutuel Alliance Fédérale.",[17,488,489],{},"Their teams advise listed companies, family-owned businesses, and investment funds on French and international mid-cap transactions, covering disposals, acquisitions, and complex financial structures.",[17,491,492],{},"With around 75 professionals and offices across France, they are one of the most established M&A advisory teams in the country. Their clients expect discretion, speed, and execution. So do their tools.",[17,494,495],{},"In January, they opened their first data room with Entropia.\nBy end of February, we had opened the sixth one.",[17,497,498],{},"Antoine Chevreau, Director at CIC Conseil, put it simply:",[204,500,501],{},[17,502,503],{},[504,505,506],"em",{},"\"The platform offers a level of features comparable to global leaders, with a very smooth interface, competitive pricing, and European data sovereignty on top. Our teams and clients adopted it without any difficulty.\"",[17,508,509],{},[20,510],{"alt":511,"src":512},"Screenshot 2026-02-23 at 23.11.16","\u002Fblog\u002Fscreenshot-2026-02-23-at-23.11.16.png",[17,514,515],{},"Three things stand out in that feedback.",[17,517,518],{},"The first is functional parity. CIC Conseil teams know what a data room needs to do under pressure: granular access rights, a Q&A that holds up at any hour, no surprises when a deal is running hot. Hearing that Entropia meets that bar from a team that runs these transactions daily is the most meaningful benchmark we have.",[17,520,521],{},"The second is pricing. M&A teams shouldn't have to negotiate their way through opaque billing mid-transaction. Entropia's pricing is transparent from the start, and stays that way.",[17,523,524],{},"The third is European data sovereignty. M&A data is among the most sensitive that exists: unpublished financials, acquisition strategies, personal data of executives. Keeping that data on European infrastructure is not a marketing point. For an increasing number of firms, it is becoming a requirement.",[17,526,527],{},"We are proud to have earned the trust of CIC Conseil's teams, and we are just getting started.",{"title":112,"searchDepth":113,"depth":113,"links":529},[],"2026-02-23","Smooth interface, competitive pricing, European sovereignty. What else?","\u002Fblog\u002Fentropia-cic-conseil.png",{},"\u002Fblog\u002Fen\u002Fcic-conseil-chose-entropia",{"title":481,"description":531},"blog\u002Fen\u002Fcic-conseil-chose-entropia",[241],"NjUKAAq9cp1ZU7yVbtBjAUOzL7euKjLF9AOfgMAaStM",{"id":540,"title":541,"author":7,"body":542,"date":684,"description":685,"extension":121,"image":686,"meta":687,"navigation":124,"path":688,"seo":689,"stem":690,"tags":691,"__hash__":692},"blog\u002Fblog\u002Fen\u002Fproduct-update-january-2026.md","Product Update - January 2026",{"type":9,"value":543,"toc":678},[544,547,549,554,560,564,567,570,572,578,584,587,589,595,601,604,606,612,618,621,623,628],[17,545,546],{},"Welcome to this monthly product update. This month we released a full-featured yet simple-to-use Q&A module that centralizes all buyer exchanges. We boosted our data room search, now indexing the content of Excel files alongside all other formats. We launched automatic file placement in the Sandbox, so uploaded documents are suggested a location in your index. And we shipped PDF-Only mode, letting admins convert their entire data room to PDF in one click. Here are the highlights.",[28,548],{},[17,550,551],{},[71,552,553],{},"WHAT'S NEW",[17,555,556],{},[20,557],{"alt":558,"src":559},"Screenshot 2026-02-03 at 10.51.12-2","\u002Fblog\u002Fscreenshot-2026-02-03-at-10.51.12-2.png",[369,561,563],{"id":562},"qa-no-more-email-threads","Q&A: no more email threads",[17,565,566],{},"Our new Q&A module centralizes all exchanges with buyers. Bidders ask their questions directly in the data room and can attach @documents.",[17,568,569],{},"On the sell-side, you can collaborate before publishing. Create internal notes, tag @colleagues to validate a sensitive answer, without bidders seeing your exchanges. When you're ready, you decide which version becomes visible.",[28,571],{},[17,573,574],{},[20,575],{"alt":576,"src":577},"deep search","\u002Fblog\u002Fdeep-search.gif",[369,579,581],{"id":580},"search-across-the-content-of-all-documents",[71,582,583],{},"Search across the content of all documents",[17,585,586],{},"Search now indexes the content of Excel files, on top of all other formats (including scanned documents).",[28,588],{},[17,590,591],{},[20,592],{"alt":593,"src":594},"autoplacement","\u002Fblog\u002Fautoplacement.png",[369,596,598],{"id":597},"sandbox-with-automatic-file-placement",[71,599,600],{},"Sandbox with automatic file placement",[17,602,603],{},"Files uploaded to the Sandbox receive automatic placement suggestions in the index folders. The system analyzes your documents and suggests where to classify them. You validate or adjust.",[28,605],{},[17,607,608],{},[20,609],{"alt":610,"src":611},"Screenshot 2026-02-03 at 12.03.33","\u002Fblog\u002Fscreenshot-2026-02-03-at-12.03.33.png",[369,613,615],{"id":614},"pdf-only-mode-convert-your-entire-data-room-in-one-click",[71,616,617],{},"PDF-Only mode: convert your entire data room in one click",[17,619,620],{},"Admins can now force all convertible files (Word, PowerPoint, images) to display as PDF automatically. One click. All applicable files, existing and future, are converted to PDF. Admins retain access to the originals. The action is reversible.",[28,622],{},[17,624,625],{},[71,626,627],{},"IMPROVEMENTS",[65,629,630,636,642,648,654,660,666,672],{},[68,631,632,635],{},[71,633,634],{},"User mentions in Q&A:"," Mention your colleagues with @username in Q&A threads. They receive an instant notification and an email.",[68,637,638,641],{},[71,639,640],{},"Permission exception indicators:"," Warnings appear on folders containing items with different permissions.",[68,643,644,647],{},[71,645,646],{},"Index export options:"," Choose between \"Print Index\" (visual) or \"Work Index\" (for bulk operations in Excel before re-import).",[68,649,650,653],{},[71,651,652],{},"Bulk Tag Management:"," Select multiple files and add or remove tags in a single action via the new bulk tag editor.",[68,655,656,659],{},[71,657,658],{},"Infinite scroll activity logs:"," The activity logs page now loads entries progressively.",[68,661,662,665],{},[71,663,664],{},"Improved download progress indicator:"," Archive exports show a native browser progress bar.",[68,667,668,671],{},[71,669,670],{},"Access Rights:"," New views to see permissions organized by document\u002Ffolder directly on folders and documents.",[68,673,674,677],{},[71,675,676],{},"Refined mobile design:"," Optimizations to the Entropia experience on smartphone.",{"title":112,"searchDepth":113,"depth":113,"links":679},[680,681,682,683],{"id":562,"depth":466,"text":563},{"id":580,"depth":466,"text":583},{"id":597,"depth":466,"text":600},{"id":614,"depth":466,"text":617},"2026-02-05","Q&A module, automatic file placement in Sandbox, PDF-Only mode... major releases last month!","\u002Fblog\u002Fscreenshot-2026-02-06-at-08.35.33.png",{},"\u002Fblog\u002Fen\u002Fproduct-update-january-2026",{"title":541,"description":685},"blog\u002Fen\u002Fproduct-update-january-2026",[130,129],"pyUR4lHx1MZn9GVgY43GQ0U-XqNrDRrWK-YwM6GtEuo",{"id":694,"title":695,"author":7,"body":696,"date":852,"description":853,"extension":121,"image":854,"meta":855,"navigation":124,"path":856,"seo":857,"stem":858,"tags":859,"__hash__":860},"blog\u002Fblog\u002Fen\u002Faesus-advisory-now-runs-on-entropia.md","Aesus Advisory now runs all deals on Entropia",{"type":9,"value":697,"toc":850},[698,707,709,715,718,721,724,727,733,736,739,742,745,751,754,757,760,766,769,772,775,778,781,784,790,793,796,799,802,808,811,814,817,820,823],[17,699,700,701,706],{},"The following article is an interview with ",[220,702,705],{"href":703,"rel":704},"https:\u002F\u002Fwww.linkedin.com\u002Fin\u002Fgabriel-dagay\u002F",[224],"Gabriel d'Agay",", founding partner of Aesus Advisory.",[28,708],{},[255,710,712],{"id":711},"gabriel-before-entropia-how-did-you-manage-your-data-rooms",[71,713,714],{},"Gabriel, before Entropia, how did you manage your data rooms?",[17,716,717],{},"Before Entropia, we used fairly standard solutions.",[17,719,720],{},"On larger deals, we used traditional providers like Datasite, mainly because counterparties or lawyers requested it.",[17,722,723],{},"On smaller transactions - we do a lot of small cap work - we mostly used SharePoint. But SharePoint for setting up a data room, it's... not satisfactory at all. It's complicated to use, complicated to manage access rights, and above all there's no visibility: no tracking, very few features. Worse: at the end of a deal, when you want to close the file, download the entire data room properly and transfer it, well... it's impossible.",[17,725,726],{},"It can work for very small deals, but it poses real legal risks, and operationally it's really painful.",[255,728,730],{"id":729},"what-triggered-you-to-look-for-an-alternative",[71,731,732],{},"What triggered you to look for an alternative?",[17,734,735],{},"In reality, we were rather passive. Resigned, like much of the market.",[17,737,738],{},"And then, scrolling through LinkedIn, we came across Entropia promising a new world in the data room universe, which hasn't evolved in far too long.",[17,740,741],{},"We reached out, had a meeting within a few days, and saw it was heading in the right direction. We saw a simple, clear interface with features designed to facilitate deals, whereas too often data rooms are sources of friction, even tension, between parties.",[17,743,744],{},"Populating a data room is long, painful for executives, for teams, for everyone, and takes weeks. Having a tool that streamlines this process means tension saved on the deal.",[255,746,748],{"id":747},"what-convinced-you-during-that-first-demo",[71,749,750],{},"What convinced you during that first demo?",[17,752,753],{},"First, there was the overall approach, very focused on simplicity and usage.",[17,755,756],{},"We also saw real effort on the Q&A side, which is often the other nightmare of data rooms. On traditional solutions, it's very poorly managed, to the point where bankers end up exporting Excel spreadsheets to have executives answer questions manually.",[17,758,759],{},"We felt Entropia was taking the opposite approach to traditional data rooms on many fronts, with thinking driven by design and actual usage, and that resonated with us.",[255,761,763],{"id":762},"concretely-what-changed-in-your-daily-work",[71,764,765],{},"Concretely, what changed in your daily work?",[17,767,768],{},"Today, we use Entropia on all our transactions, including multi-target deals with different counterparties and auditors depending on the targets.",[17,770,771],{},"Access management by stakeholder type is a real strength, for example. It's become super simple for us to manage each party's rights to the right documents, without ambiguity.",[17,773,774],{},"In our buy-side work, we often approach executives who have never led a sale process. In that case, we're the ones organizing the data room for them. Having a tool we can provide to our clients whether we're on sell-side or buy-side, that their lawyers and accountants can use immediately, without dragging them through endless quotes or archaic processes with forms to fill out manually... well, it's great.",[17,776,777],{},"Everyone's happy to have a tool that's simple to use, and on our end, it allows us to keep visibility on what's happening across all our data rooms, and ultimately save everyone time and energy.",[17,779,780],{},"Day to day, features like index management or file renaming save time. But not just time, it's especially always those tension points: when you're in a transaction and you receive documents that aren't properly named, it drives you crazy, it's unauditable. So being able to make data more readable, having ultimately a more \"human\" data room, it improves the work of all stakeholders, on both buyer and seller sides.",[17,782,783],{},"On AI too, Entropia's approach seems very sound to us. Making work easier without ever removing control. On topics as sensitive as those we deal with around transactions, no one wants a decision made automatically by an AI. Save time, yes. Lose control, no.",[255,785,787],{"id":786},"and-budget-wise-what-impact",[71,788,789],{},"And budget-wise, what impact?",[17,791,792],{},"The real issue for us isn't so much the price level as clarity and predictability. What's frustrating with legacy players is that we regularly end up with unexpected fees, lines that are hard to understand, and it creates discussions that add friction to our client relationship, for nothing!",[17,794,795],{},"So at Aesus, we chose an annual Entropia license. It becomes an integrated work tool for us. We open data rooms in Sell but also in Buy-side, even pre-LOI, there's no longer an issue.",[17,797,798],{},"The subscription allows us to use the data room very early on, from pre-deal phases, to centralize information, secure exchanges, control access, and gradually get counterparties used to a structured framework. Whereas there are still people doing a \"pre data room\" on SharePoint, and then they'll move everything to a data room later...",[17,800,801],{},"And above all, it allows us to handle the data room cost issue very cleanly with our clients. Costs are anticipated, controlled, and discussed upfront. They go through us, with no nasty surprises at the end of the transaction.",[255,803,805],{"id":804},"if-you-had-to-convince-a-peer-what-would-you-tell-them",[71,806,807],{},"If you had to convince a peer, what would you tell them?",[17,809,810],{},"I'd tell them first to focus on the time and energy saved. To save their juniors' and lawyers' time to spare them administrative work that serves no purpose.",[17,812,813],{},"Today, an investment banker's performance no longer rests solely on their network or negotiating ability, but also on how they work. We're at a time when it's important to improve our productivity with the right tools.",[17,815,816],{},"A slow, complicated, or poorly structured data room penalizes the entire process. Conversely, a fluid tool like Entropia improves overall productivity.",[17,818,819],{},"At Aesus, there are two partners and we'll close about ten transactions this year. That's no accident. We've put in place the right tools - including Entropia as an integral part of our stack - that allow us to be what you might call \"augmented investment bankers.\"",[17,821,822],{},"Using effective tools allows us to have sharper processes, close more deals, and work more intelligently.",[204,824,825,830,833,842],{},[17,826,827],{},[71,828,829],{},"About Aesus Advisory",[17,831,832],{},"Aesus Advisory is an independent M&A boutique advising entrepreneurs, business owners, and investors on acquisitions, fundraisings, and exits. We combine the discipline of investment banking with the agility and pragmatism of entrepreneurship. Our focus is on execution, precision, and trust.",[17,834,835],{},[504,836,837,838],{},"255 rue Saint Honoré, 75001 Paris - ",[220,839,841],{"href":840},"mailto:contact@aesusadvisory.com","contact@aesusadvisory.com",[17,843,844],{},[504,845,846],{},[220,847,848],{"href":848,"rel":849},"https:\u002F\u002Fwww.aesusadvisory.com\u002F",[224],{"title":112,"searchDepth":113,"depth":113,"links":851},[],"2026-01-19","Gabriel d'Agay, founding partner of Aesus Advisory, explains how his boutique found the data room alternative it was looking for.","\u002Fblog\u002Faesus-advisory-entropia.png",{},"\u002Fblog\u002Fen\u002Faesus-advisory-now-runs-on-entropia",{"title":695,"description":853},"blog\u002Fen\u002Faesus-advisory-now-runs-on-entropia",[241],"G8LENj9EAUyDeipcwm8uI37a6wCtsxDO1d-cDNCrnAg",{"id":862,"title":863,"author":7,"body":864,"date":1009,"description":1010,"extension":121,"image":1011,"meta":1012,"navigation":124,"path":1013,"seo":1014,"stem":1015,"tags":1016,"__hash__":1018},"blog\u002Fblog\u002Fen\u002Fcontext-adaptive-file-redaction.md","Context-adaptive document redaction",{"type":9,"value":865,"toc":1007},[866,869,872,875,878,883,886,897,900,903,907,910,913,916,919,922,925,929,932,946,950,953,956,959,962,965,968,971,974,977,981,984,987,990,993,996,999],[17,867,868],{},"A sell-side analyst uploads 847 employment contracts to a data room. Each contains social security numbers, home addresses, salary details. The VDR promises to redact them all automatically. One click, the marketing materials said. Forty-five seconds later, a confirmation appears: \"1,247 redactions complete.\"",[17,870,871],{},"The analyst opens a random file. The CEO's social security number sits there, unmasked. Three more spot checks reveal similar gaps. The automated system missed variations in formatting, struggled with scanned documents, failed to recognize abbreviated names.",[17,873,874],{},"Eight hours of manual review follow. Better than risking a GDPR violation or tanking a deal because confidential client names leaked to a competitor.",[17,876,877],{},"\"I'd rather have my intern spend eight hours on redaction than five minutes with an AI solution and take the risk,\" says Victor, an M&A associate at a major European investment bank. The bank's reputation sits on the line with every document shared. No algorithm gets to make that call unsupervised.",[879,880,882],"h4",{"id":881},"what-redaction-actually-means-in-ma","What redaction actually means in M&A",[17,884,885],{},"Document redaction in mergers and acquisitions isn't about hiding embarrassing details. It serves three precise functions that carry legal and financial consequences when done poorly.",[65,887,888,891,894],{},[68,889,890],{},"First, regulatory compliance. European data protection rules require removing personally identifiable information before sharing employee records with third parties. Social security numbers, home addresses, phone numbers, bank details. Missing a single instance can trigger regulatory investigations. Financial penalties for GDPR violations reach into millions of euros, calculated as percentages of global revenue.",[68,892,893],{},"Second, competitive protection. A target company's client list, pricing structures, supplier contracts, and strategic partnerships constitute valuable intelligence. Buyers conducting due diligence need to verify commercial relationships exist without learning specific terms that could advantage them in negotiations or, worse, leak to competitors if a deal collapses.",[68,895,896],{},"Third, staged disclosure. M&A transactions progress through phases. Early-stage buyers see summary financials and anonymized contracts. Later, as negotiations advance, additional details unlock. The redaction system needs to support this gradual revelation, with precise control over what each party sees and when.",[17,898,899],{},"The consequences of failure are concrete. A leaked client list can trigger contract renegotiations. Exposed pricing data undermines competitive positioning. Personal information breaches generate regulatory scrutiny that delays or kills transactions entirely.",[17,901,902],{},"And then there's the technical requirement: true redaction must destroy the underlying data bytes, not merely overlay black boxes. Some transaction advisory firms openly discuss tools that can \"un-redact\" documents where the original text remains embedded in the file structure. If buyers or their advisors possess such tools, cosmetic redaction becomes disclosure.",[879,904,906],{"id":905},"the-ai-redaction-theater","The AI-redaction theater",[17,908,909],{},"Legacy VDR providers spotted an opportunity. Artificial intelligence was the solution to every enterprise software problem, apparently including document redaction. Marketing materials promised dramatic results: \"Redact 1,000 files in one click.\" \"80% time savings.\" \"AI-powered pattern recognition.\"",[17,911,912],{},"Datasite, one of the established players, promotes its automated redaction feature prominently. But the demo showcased on their website fails spectacularly. When it functions, the system might identify obvious patterns like social security numbers in structured documents, but complexity defeats it quickly. PDFs with unusual layouts confuse the parser. Scanned images remain completely opaque. Tables scramble its logic.",[17,914,915],{},"The system might correctly identify confidential information in some employment agreements while missing others where formatting differs slightly. No uncertainty scores appear. No confidence intervals. Just green checkmarks and buried liabilities.",[17,917,918],{},"What legacy vendors actually sell is autonomous AI. The system makes decisions about what to redact based on pattern matching and training data. It executes those decisions without meaningful human oversight. The human role reduces to clicking \"approve\" on bulk operations affecting hundreds or thousands of documents simultaneously.",[17,920,921],{},"This autonomy becomes the vulnerability. M&A teams don't need software that makes decisions. They need tools that preserve their ability to make decisions while eliminating mechanical friction.",[17,923,924],{},"The pricing model reveals the vendors' actual priorities. Legacy vendors charges up to an additional €2,500 per data room for AI-assisted redaction. And some count redacted pages as separate files, effectively charging twice for the same document. Teams upload a fifty-page contract, redact ten pages, and discover they're being billed for sixty pages of storage. This has side effects: users redact outside the VDR to avoid inflated charges, undermining the entire purpose of a centralized, auditable system.",[879,926,928],{"id":927},"what-users-actually-need","What users actually need",[17,930,931],{},"The conversation about AI-powered redaction typically focuses on speed and automation. That misses what M&A professionals actually want from their tools.",[65,933,934,937,940,943],{},[68,935,936],{},"Control, first. Deal teams need visibility into every redaction decision. Not trust, verification. The system can suggest, flag, and accelerate, but humans must validate before anything executes. This isn't inefficiency, it's risk management in an environment where a single mistake can cost millions.",[68,938,939],{},"Completeness, second. The fear isn't just making errors, it's missing items entirely. An analyst redacting Pierre-Louis Corteel's information needs the system to identify every variation: P.L. Corteel, Corteel PL, Pierre L. Corteel. Across all documents in the data room, not just the one currently open. Manual review might catch variations in the same file. It won't catch them across 847 employment contracts spread through different folders.",[68,941,942],{},"Security comes third, though in practice it underlies everything. True redaction must destroy data at the byte level. Visual overlays aren't sufficient. The underlying text must disappear from the file structure entirely, preventing any attempt at recovery.",[68,944,945],{},"And pricing transparency matters more than vendors acknowledge. Teams need predictable costs that don't penalize thoroughness. If redacting documents becomes expensive, the economic incentive shifts toward doing less redaction, which directly contradicts security objectives.",[879,947,949],{"id":948},"context-aware-redaction-an-innovative-approach","Context-aware redaction: an innovative approach",[17,951,952],{},"Entropia takes a different approach to redaction. Rather than attempting to make AI autonomous, the platform makes it context-aware.",[17,954,955],{},"The system observes what users do, learns patterns from specific environments, and scales individual decisions across bounded contexts. Critically, every suggestion requires human validation before execution.",[17,957,958],{},"The workflow begins with manual redaction, but amplifies it. An analyst redacts a social security number in an employment contract. That single action creates a bounded context the system replicates. The platform searches every document in the data room for that exact pattern and flags each instance. The analyst reviews the results, confirms matches to apply redaction.",[17,960,961],{},"One judgment call, executed fifty times. The human decided what to redact. The software handled pattern matching and execution.",[17,963,964],{},"This extends to more complex scenarios. A team uploads financial statements monthly throughout a deal. They redact specific salary bands and contract values in the first batch. When new statements arrive weeks later, the system identifies analogous fields based on position, formatting, and previous patterns. It flags them for review. The team confirms or adjusts, then applies.",[17,966,967],{},"The system also handles format variations. Redact \"Pierre-Louis Corteel\" once, and the platform flags \"P.L. Corteel,\" \"Corteel PL,\" and similar variations across all documents. Not automatically redacted, automatically flagged. The distinction matters. Users maintain control while the system prevents oversights that would occur during pure manual review.",[17,969,970],{},"Scanned documents or pdf are usually excluded from automations, but in Entropia, they are fully searchable, with the same redaction workflows applying regardless of how documents originated. This removes a major blind spot where legacy systems fail.",[17,972,973],{},"The search functionality integrates directly with redaction. Search for an item in a document, find ten instances, redact them all in one click. Then the system alerts you to other occurrences in different files. The workflow becomes: search, review results in current document, redact confirmed instances, then address flagged items elsewhere in the data room.",[17,975,976],{},"Pricing follows a different logic entirely. Assisted redaction isn't an add-on feature. Redacted documents don't lead to a per-page upcharge. It's included in the platform. No artificial incentives to redact outside the system. No penalties for thorough document protection.",[879,978,980],{"id":979},"the-pattern-recognition-problem","The pattern recognition problem",[17,982,983],{},"Perhaps the more interesting question is whether M&A teams will demand better tools, or simply adapt to elevated risks. Early evidence suggests they're rejecting automation theater in favor of control.",[17,985,986],{},"The vendors marketing \"one-click redaction for 1,000 files\" aren't addressing what M&A professionals actually need. They're selling the idea of productivity gains to budget holders who don't sit in the trenches reviewing documents. The people doing the actual work understand the difference between speed and thoroughness.",[17,988,989],{},"A context-aware system like Entropia's offer a middle path. The AI doesn't make decisions, it scales decisions humans already made. The human expertise remains central. The software eliminates repetitive mechanical tasks while preserving oversight at critical junctures. This matters because document volumes in M&A continue growing. A mid-sized transaction easily involves thousands of files. Pure manual review becomes a nightmare at scale. But autonomous systems that make unsupervised decisions about sensitive data aren't the answer either.",[17,991,992],{},"The solution involves AI, but not the AI that vendors have been marketing. Not systems that replace human judgment with algorithmic confidence. Instead, tools that extend human judgment across larger datasets while maintaining visibility and control at every step. Whether the VDR industry moves in this direction depends on whether buying decisions come from deal teams who understand the requirements, or from procurement departments optimizing for feature checklists and cost reduction.",[17,994,995],{},"The evidence from conversations with M&A professionals suggests the former is winning. When an associate says \"I'd rather have my intern spend eight hours on redaction than take the risk with AI,\" that's not technophobia. That's someone who understands exactly where liability sits when documents leak or regulators investigate.",[17,997,998],{},"Control, it turns out, means knowing when to automate and when to verify. The best redaction system isn't the one that promises to do everything automatically. It's the one that helps humans do their job better without removing them from the process.",[17,1000,1001,1002,1006],{},"-> Read more about our context-aware data room in ",[220,1003,1005],{"href":1004},"\u002Fblog\u002Fdont-let-your-vdrs-ai-tank-your-deal","this article",".",{"title":112,"searchDepth":113,"depth":113,"links":1008},[],"2025-12-29","Legacy VDRs charge extra for AI-redaction that doesn't work. Entropia has a better idea.","\u002Fblog\u002Fscreenshot-2025-12-29-at-18.50.06.png",{},"\u002Fblog\u002Fen\u002Fcontext-adaptive-file-redaction",{"title":863,"description":1010},"blog\u002Fen\u002Fcontext-adaptive-file-redaction",[129,1017],"ai","ZZfBl0C7Lsuwv6E4yqwomfvuwBjmVjAeVFFGhSqqsqg",{"id":1020,"title":1021,"author":7,"body":1022,"date":1091,"description":1092,"extension":121,"image":1093,"meta":1094,"navigation":124,"path":1095,"seo":1096,"stem":1097,"tags":1098,"__hash__":1101},"blog\u002Fblog\u002Fen\u002Fdata-sovereignty-what-european-customers-need-to-know.md","European sovereignty's true test: ownership",{"type":9,"value":1023,"toc":1089},[1024,1027,1031,1034,1037,1041,1044,1047,1050,1054,1057,1060,1064,1067,1070,1073,1076,1079,1081,1086],[17,1025,1026],{},"A Munich law firm uploads due diligence files to a Frankfurt data center. A Paris investment bank stores M&A documents on servers in Amsterdam. Both assume their data remains European. Yet both remain exposed to American surveillance laws.",[879,1028,1030],{"id":1029},"the-geography-trap","The geography trap",[17,1032,1033],{},"The assumption that hosting data within EU borders shields it from foreign access has become one of corporate Europe's most dangerous misconceptions. Under the US CLOUD Act of 2018 and FISA Section 702, American authorities can compel US-owned companies to surrender data regardless of its physical location. The laws follow ownership, not geography. Microsoft acknowledged this reality in testimony before the French Senate earlier this year, unable to guarantee that customer data stored in European data centers would never be transferred to US authorities.",[17,1035,1036],{},"This jurisdictional tension has turned critical for the European M&A market, where document security determines deal outcomes. The continent processed 9,800 M&A transactions in 2023, a 12 percent increase over the prior year according to LSEG Data & Analytics. Each involved thousands of confidential documents cycling through virtual data rooms. A single compliance breach carries penalties reaching 20 million euros or 4 percent of global revenue under GDPR. More damaging still is the reputational cost when sensitive transaction details surface through foreign surveillance channels.",[879,1038,1040],{"id":1039},"sovereignty-washing","Sovereignty washing",[17,1042,1043],{},"The technical response from American hyperscalers has been predictable. Microsoft, Amazon, and Google now market \"sovereign cloud\" solutions featuring European data centers and local partnerships. Critics call this \"sovereignty washing.\" As Cristina Caffarra, a Brussels-based competition economist, explained to The Register: \"A company subject to the extraterritorial laws of the United States cannot be considered sovereign for Europe. That simply doesn't work.\" The parent company's American domicile ensures continued CLOUD Act jurisdiction, regardless of subsidiary structures or contractual promises.",[17,1045,1046],{},"Genuine sovereignty requires European ownership, not merely European hosting. French cloud provider Scaleway operates under this principle, with data centers in Paris, Amsterdam, and Warsaw controlled entirely by French parent company Iliad Group. No American parent company means no CLOUD Act exposure. The distinction matters operationally.",[17,1048,1049],{},"When Entropia, a virtual data room provider built by former Google engineers, evaluated infrastructure partners for its M&A platform, ownership structure determined the shortlist. The company's MCP server integration allows clients to access AI platforms like Claude and ChatGPT while maintaining document access controls, but the underlying infrastructure must remain immune to non-EU legal frameworks. Partnering with Scaleway solved the jurisdictional problem without compromising technical capabilities.",[879,1051,1053],{"id":1052},"the-market-responds","The market responds",[17,1055,1056],{},"The shift is measurable. Germany's Schleswig-Holstein completed migration of 24,000 civil servants from Microsoft products to open-source alternatives in 2024. The International Criminal Court switched to European collaboration tools after chief prosecutor Karim Khan was temporarily locked from his Outlook account. France TV, GENCI, and the French National Center for Scientific Research signed partnerships with Scaleway rather than hyperscalers for infrastructure requiring full sovereign control. Corporate legal departments report similar patterns, with 67 percent experiencing deal delays due to cross-border compliance verification, according to the European Confederation of Directors' Associations.",[17,1058,1059],{},"The FISA Section 702 renewal in April 2024 sharpened these concerns. The law now covers \"any business with internet-linked infrastructure,\" expanding surveillance reach beyond traditional communications providers to encompass cloud services and data centers. The expansion came despite European Data Protection Board warnings that existing US surveillance laws already fell short of GDPR adequacy standards. Privacy advocates expect the EU-US Data Privacy Framework, which replaced the invalidated Privacy Shield agreement, to face judicial challenge within two years.",[879,1061,1063],{"id":1062},"practical-implications-for-ma","Practical implications for M&A",[17,1065,1066],{},"For M&A practitioners, the implications are straightforward. Due diligence materials, financial projections, and transaction structures constitute precisely the sensitive commercial information that foreign intelligence agencies target for economic advantage.",[17,1068,1069],{},"The theoretical risk of CLOUD Act access during a transaction may be small, but the consequences of exposure are catastrophic. European alternatives eliminate the possibility entirely by removing the jurisdictional vulnerability at its source.",[17,1071,1072],{},"This does not mean European companies must abandon all American cloud services. Hybrid strategies work for many organizations, using global platforms for general computing while routing sensitive transactions through sovereign infrastructure. The key is understanding which workloads demand jurisdictional control. M&A documents, intellectual property repositories, and regulated financial data belong in infrastructure that answers exclusively to European law. Generic collaboration tools and development environments can tolerate broader exposure.",[17,1074,1075],{},"The virtual data room market reflects this calculus. European VDR revenue reached 860 million dollars in 2024 and is projected to quadruple by 2033, driven by regulatory compliance and cross-border transaction complexity. Providers emphasizing European ownership and ISO 27001 certification capture premium pricing from clients prioritizing sovereignty over convenience. The market dynamic suggests that compliance-conscious organizations increasingly view ownership as a security feature rather than a procurement detail.",[17,1077,1078],{},"Perhaps inevitably, the American hyperscalers will continue marketing sovereignty solutions. Their scale, innovation velocity, and ecosystem integrations remain formidable competitive advantages. Yet as long as CLOUD Act jurisdiction follows corporate parentage, these offerings cannot deliver true legal independence. The technical capabilities may be identical, but the legal architecture fundamentally differs. For European organizations handling sensitive M&A transactions, that distinction determines where the data lives.",[28,1080],{},[204,1082,1083],{},[17,1084,1085],{},"CLOUD, in CLOUD Act, is capitalized because it means: \"Clarifying Lawful Overseas Use of Data\" Act.",[17,1087,1088],{},"Image credit: Scaleway",{"title":112,"searchDepth":113,"depth":113,"links":1090},[],"2025-12-26","Extraterritorial laws override server location. True sovereignty requires European ownership, not only hosting.","\u002Fblog\u002Fscreenshot-2025-12-26-at-15.46.48.png",{},"\u002Fblog\u002Fen\u002Fdata-sovereignty-what-european-customers-need-to-know",{"title":1021,"description":1092},"blog\u002Fen\u002Fdata-sovereignty-what-european-customers-need-to-know",[1099,1100],"sovereignty","security","MPbC4-8mejC-KPJS4qdt971DX4CeqkNb0aW7OGr2_6E",{"id":1103,"title":1104,"author":7,"body":1105,"date":1273,"description":1112,"extension":121,"image":1274,"meta":1275,"navigation":124,"path":1276,"seo":1277,"stem":1278,"tags":1279,"__hash__":1280},"blog\u002Fblog\u002Fen\u002Fdont-let-your-vdrs-ai-tank-your-deal.md","Don't let the VDR's AI tank your deal",{"type":9,"value":1106,"toc":1266},[1107,1113,1115,1118,1121,1124,1127,1130,1134,1137,1140,1143,1146,1149,1152,1156,1159,1162,1165,1169,1172,1175,1178,1182,1185,1188,1192,1195,1198,1201,1205,1208,1214,1218,1221,1224,1227,1230,1233,1236,1240,1243,1246,1249,1252,1254],[879,1108,1110],{"id":1109},"vdr-vendors-are-racing-to-add-ai-features-most-are-getting-it-wrong-putting-deals-at-risk",[504,1111,1112],{},"VDR vendors are racing to add AI features. Most are getting it wrong, putting deals at risk.",[28,1114],{},[17,1116,1117],{},"A mid-market M&A team uploads 3,000 documents to their virtual data room (VDR). They activate the vendor's flagship AI redaction tool: \"bulk-redact thousands of files in seconds\", the marketing promised. Minutes later, the system reports completion. Yet buried on page 37 of an employment contract, a social security number remains plainly visible. The AI found punctuation marks to redact instead.",[17,1119,1120],{},"This is the reality of what happens in legacy VDRs today. It even appears in the marketing demo from the world's largest VDR provider... Power users know it well.",[17,1122,1123],{},"VDR providers are racing to bolt generative AI onto their platforms, pitching \"due diligence agents\" and \"intelligent redaction\" to M&A teams who need reliability above all else.",[17,1125,1126],{},"The technology isn't ready. The implementations are naive. And the consequences fall on deal teams who discover, sometimes after buyers have already accessed files, that their AI-powered features failed.",[17,1128,1129],{},"The pitch sounds compelling: let algorithms handle repetitive work, answer buyer questions instantly, flag sensitive information automatically. The reality resembles autonomous driving circa 2010: impressive demos that work on a circuit, but frequent accidents in real life, and no one really willing to remove their hands from the wheel, or to take responsibility for crashes.",[369,1131,1133],{"id":1132},"the-demo-breaks-in-production","The demo breaks in production",[17,1135,1136],{},"Consider two examples that illustrate the pattern: document redaction and Q&A automation.",[17,1138,1139],{},"Automated redaction: Some platforms employ large language models to scan documents for personally identifiable information, promising to eliminate manual review. In practice, these systems struggle with many steps, starting with document parsing: PDFs with complex layouts confound them, scanned images defeat them entirely, tables scramble their logic. A model might correctly identify social security numbers in some documents but miss others, etc.",[17,1141,1142],{},"Worse: there are no safeguards. When these systems err, they do so confidently. No warning flags, no uncertainty scores. Just a green checkmark and a latent liability.",[17,1144,1145],{},"The Q&A implementations present different risks. Some vendors now offer chatbots that answer buyer questions by querying uploaded documents through retrieval-augmented generation. The appeal is obvious: accelerate diligence, reduce email volleys, free up deal team time.",[17,1147,1148],{},"But imagine the scenario: a strategic buyer asks about warranty claims history. The chatbot, trained on incomplete document chunks with a context window that can't span the full file set, responds with a figure. The figure is wrong, off by 40%, or citing a superseded version, or hallucinating entirely. The buyer relies on it. The deal reprices or, worse, litigation follows post-close.",[17,1150,1151],{},"No M&A professional would let a junior analyst answer buyer questions without review. Yet they're being asked to trust a system that cannot explain its reasoning, cannot flag its uncertainty, and cannot be held accountable.",[369,1153,1155],{"id":1154},"the-control-problem","The control problem",[17,1157,1158],{},"The fundamental issue isn't that AI performs poorly, it's that autonomous AI removes human oversight at precisely the moments when oversight matters most.",[17,1160,1161],{},"Sell-side teams don't need software that makes decisions. They need tools that preserve their ability to make decisions while reducing mechanical friction.",[17,1163,1164],{},"Not a system that bulk-redacts files, but one that identifies every instance of a pattern and lets humans verify before applying changes. Not a sloppy chatbot inside the data room, but infrastructure that lets deal teams in control, and potentially use their preferred AI platforms while maintaining custody and control of documents.",[369,1166,1168],{"id":1167},"what-smart-controls-should-actually-look-like","What smart controls should actually look like",[17,1170,1171],{},"The alternative approach doesn't try to make AI autonomous. It makes AI context-aware.",[17,1173,1174],{},"Entropia, a VDR built by former Google engineers, is implementing this philosophy. Rather than adding AI that make autonomous decisions, the platform focuses on three principles: grounding AI suggestions in user behaviour, scaling individual decisions across bounded contexts, and replaying those decisions as circumstances change.",[17,1176,1177],{},"Such a context-aware system observes what you're doing, learns from the patterns in your specific environment, and scales your decisions without making new ones.\nCritically, every suggestion requires human validation before execution.",[255,1179,1181],{"id":1180},"ground-suggestions-in-what-users-are-actually-doing","Ground suggestions in what users are actually doing",[17,1183,1184],{},"When a deal team renames a file, the system doesn't just accept the change. It analyzes the document type, examines how similar files have been named, and suggests standardized nomenclature for the next document. The AI isn't deciding on a naming convention, it's inferring the convention the team is already using and offering to apply it consistently.",[17,1186,1187],{},"The context matters. An agreement uploaded to the \"Contracts\u002FSuppliers\" folder gets different naming suggestions than the same agreement uploaded to \"Contracts\u002FCustomers.\" The AI reads the environment, not just the file.",[255,1189,1191],{"id":1190},"scale-individual-actions-across-bounded-contexts","Scale individual actions across bounded contexts",[17,1193,1194],{},"An analyst redacts a social security number in an employment agreement. That single action (hiding this specific nine-digit string) becomes a bounded context the system can replicate. The AI searches every document in the data room for that exact string and flags each instance. The analyst reviews the results, then applies the redaction across all confirmed matches.",[17,1196,1197],{},"One decision, executed fifty times. The human made the judgment call about what to redact. The AI handled the pattern matching and execution.",[17,1199,1200],{},"This extends to recurring tasks. A team uploads financial statements monthly throughout a deal. They redact certain fields in the first upload (specific salary bands, particular contract values). When new statements arrive, the system identifies analogous fields based on position, formatting, and previous redaction patterns, then flags them for review. The team confirms or adjusts, then applies.",[255,1202,1204],{"id":1203},"replay-decisions-when-circumstances-change","Replay decisions when circumstances change",[17,1206,1207],{},"Documents don't arrive all at once. A data room grows throughout diligence as teams locate additional materials or buyers request specific files. Traditional approaches require reviewing each new upload from scratch: checking for sensitive information, verifying naming conventions, confirming version control.",[17,1209,1210,1211,1006],{},"Context-aware systems treat previous decisions as reusable templates. If ten contracts have already been reviewed and redacted following a specific pattern, the eleventh contract gets automatically scanned for similar elements. Not automatically redacted, but automatically ",[504,1212,1213],{},"flagged for the same review process",[369,1215,1217],{"id":1216},"let-users-work-on-the-data-room-from-their-preferred-ai-platforms-while-staying-in-control","Let users work on the data room from their preferred AI platforms while staying in control",[17,1219,1220],{},"M&A teams already have powerful AI tools they trust. Some use general-purpose platforms (Google Gemini, Mistral, ChatGPT, Claude) for analysis or drafting. Others rely on specialized platforms like Harvey, Hebbia, or Legora for diligence.",[17,1222,1223],{},"These platforms outperform the generic chatbots VDR providers bolt onto their products. They have hundreds (or thousands) of engineers refining models and orchestrating them within sophisticated products. VDR providers, by contrast, are just adding chatbots as naïve interface features, with poor back-end orchestration or infrastructure, and often with minimal quality guardrails.",[17,1225,1226],{},"The relevant question becomes whether VDR providers will accommodate the tools teams have chosen, or force them to use inferior alternatives embedded in the platform.",[17,1228,1229],{},"Today, the only alternative is either to use inferior AI features in data rooms (a poor option which often requires extra payment to the VDR provider), or taking all documents out of the data room to upload them on other AI platforms (which creates copies outside the VDR's security perimeter).",[17,1231,1232],{},"There is a third option. Entropia is providing a secure connection between the VDR and the AI platforms, via a protocol named MCP (for \"Model Context Protocol\") *.",[17,1234,1235],{},"An MCP server enables users to work with whichever AI platform they prefer, but those platforms query the data room through controlled APIs rather than receiving file copies. A lawyer using Claude to analyze sale agreements doesn't download fifty contracts. Claude queries the VDR for relevant clauses, receives text snippets within defined parameters, and generates analysis. The documents never leave secure storage. Every query gets logged inside the VDR, providing insights to the seller. Access permissions remain consistent across human and AI users.",[369,1237,1239],{"id":1238},"what-happens-next","What happens next?",[17,1241,1242],{},"The AI gold rush in enterprise software follows a predictable pattern: vendors add language models because competitors are doing it and investors expect it, not because customers need them. Features proliferate faster than quality control. Early adopters become beta testers with real stakes.",[17,1244,1245],{},"VDRs are particularly unsuited to this dynamic. M&A deals involve sensitive information, tight timelines, and legal exposure. They reward reliability over innovation theater. A chatbot that's right, say, 75% of the time sounds impressive until you consider that the 25% of errors could tank a deal or trigger litigation.",[17,1247,1248],{},"Perhaps the more interesting question is whether M&A teams will demand better, or simply adapt to the new risks. The evidence suggests they're choosing a third path: using AI tools they trust and managed to get right. And those tools don't come from VDR providers.",[17,1250,1251],{},"Control, it turns out, means knowing when to build and when to connect.",[28,1253],{},[204,1255,1256,1261],{},[17,1257,1258],{},[71,1259,1260],{},"* MCP Servers Explained",[17,1262,1263],{},[504,1264,1265],{},"An MCP server acts as a secure intermediary between AI platforms and sensitive data. Rather than uploading files to ChatGPT or Claude directly, which creates copies outside your control, the MCP server exposes predefined APIs that let these tools query your data room for specific context. Users choose their preferred AI platform. Those platforms access only what the user has permission to see, and their actions get logged in the data room. Think of it as a read-only interface for language models, with granular access controls and full audit trails. Teams leverage powerful AI analysis without surrendering document custody.",{"title":112,"searchDepth":113,"depth":113,"links":1267},[1268,1269,1270,1271,1272],{"id":1132,"depth":466,"text":1133},{"id":1154,"depth":466,"text":1155},{"id":1167,"depth":466,"text":1168},{"id":1216,"depth":466,"text":1217},{"id":1238,"depth":466,"text":1239},"2025-12-19","\u002Fblog\u002Fscreenshot-2025-12-19-at-10.39.01.png",{},"\u002Fblog\u002Fen\u002Fdont-let-your-vdrs-ai-tank-your-deal",{"title":1104,"description":1112},"blog\u002Fen\u002Fdont-let-your-vdrs-ai-tank-your-deal",[1017,129],"7Kn5rZelTGE9G3x0nojBajaUXF4pcbDuMD1KF1JYGV0",{"id":1282,"title":1283,"author":1284,"body":1285,"date":1427,"description":1428,"extension":121,"image":1429,"meta":1430,"navigation":124,"path":1431,"seo":1432,"stem":1433,"tags":1434,"__hash__":1435},"blog\u002Fblog\u002Fen\u002Fsoc2.md","Entropia is now SOC 2 Type II certified","The Entropia team",{"type":9,"value":1286,"toc":1420},[1287,1290,1294,1308,1315,1329,1332,1336,1339,1356,1359,1363,1366,1369,1380,1384,1391,1394,1397,1400,1403,1407,1410,1413],[17,1288,1289],{},"Many providers will claim that your data is safe with them, but how do you know? At Entropia, we didn't want customers to take our word for it alone. That's why we went through months of independent, rigorous auditing to achieve SOC 2 Type II attestation.",[12,1291,1293],{"id":1292},"what-is-soc-2-type-ii","What is SOC 2 Type II?",[17,1295,1296,1299,1300,1303,1304,1307],{},[71,1297,1298],{},"\"SOC\""," stands for ",[504,1301,1302],{},"System and Organisation Controls",". It is an audit framework designed by the ",[504,1305,1306],{},"American Institute of Certified Public Accountants"," (AICPA).",[17,1309,1310,1311,1314],{},"The ",[71,1312,1313],{},"\"2\""," distinguishes it from other SOC reports:",[65,1316,1317,1323],{},[68,1318,1319,1322],{},[71,1320,1321],{},"Type I"," evaluates design of controls at a point in time.",[68,1324,1325,1328],{},[71,1326,1327],{},"Type II"," evaluates their operating effectiveness over a period (typically 6–12 months).",[17,1330,1331],{},"For customers, that distinction is crucial. Type II requires months of continuous evidence, not just documents. It's a discipline, not a checkbox.",[12,1333,1335],{"id":1334},"what-entropia-is-doing-to-maintain-soc-2-type-ii","What Entropia is doing to maintain SOC 2 Type II",[17,1337,1338],{},"Achieving SOC 2 Type II standards required implementing and documenting controls that span every part of our organisation:",[65,1340,1341,1344,1347,1350,1353],{},[68,1342,1343],{},"Formal access reviews and permission boundaries",[68,1345,1346],{},"Reproducible build processes",[68,1348,1349],{},"Operational logs, monitoring, and alerting",[68,1351,1352],{},"Incident response procedures",[68,1354,1355],{},"Vendor and subprocessor management",[17,1357,1358],{},"Security isn't a side project. It's in every code commit, every access request, every system change. And crucially, we have been independently audited over several months to prove that these controls are enforced in practice, not just documented in theory.",[12,1360,1362],{"id":1361},"why-this-matters-to-our-customers","Why this matters to our customers",[17,1364,1365],{},"For customers, SOC 2 Type II provides third-party assurance. It shows that security at Entropia is not simply promised but independently verified. It is among the most widely recognised and demanding attestations available to software-as-a-service providers, requiring stringent controls that operate consistently over time.",[17,1367,1368],{},"This means your data is handled responsibly, systems are monitored, and risks are actively managed. At the same time, it reflects structured, disciplined engineering practices: formal access reviews, reproducible build processes, and operational logs that withstand scrutiny.",[17,1370,1371,1372,1375,1376,1379],{},"It didn't ",[504,1373,1374],{},"make"," us secure. It made us ",[504,1377,1378],{},"prove"," it.",[12,1381,1383],{"id":1382},"what-about-iso-27001","What about ISO 27001?",[17,1385,1386,1387,1390],{},"We are not the only ones involved in protecting your data. When you use Entropia, your data is processed through our systems, but when it is stored ",[504,1388,1389],{},"at rest",", it lives on the infrastructure of a cloud provider.",[17,1392,1393],{},"Among our subprocessors, this cloud provider is the most important one: it physically hosts your data. That's why, when evaluating the security of any SaaS provider, it's essential to also consider the security standards of the cloud providers they rely on.",[17,1395,1396],{},"Our hosting partner, Scaleway, is certified under ISO\u002FIEC 27001 — the internationally recognised standard for information security management systems. This certification applies to Scaleway's infrastructure and demonstrates that their data centres and cloud environment are governed by strong security and risk management practices.",[17,1398,1399],{},"For Entropia's customers, this provides an additional layer of assurance: our SOC 2 Type II attestation validates the way we manage and operate our own controls over time, while Scaleway's ISO 27001 certification confirms that the underlying infrastructure on which our services run is also independently verified.",[17,1401,1402],{},"Together, these frameworks address different layers of security — from our operational processes to the physical and cloud environment that supports them.",[12,1404,1406],{"id":1405},"our-floor-not-our-ceiling","Our floor, not our ceiling",[17,1408,1409],{},"SOC 2 Type II is one of the most widely recognised and rigorous security attestations for SaaS providers, and we are proud to meet it. But for us it is only the floor, not the ceiling.",[17,1411,1412],{},"We are adopting a Zero Trust security model on top: an approach in which no device, user, or request is trusted by default. Every action is authenticated, authorised, and monitored continuously. This model goes beyond the requirements of SOC 2 and strengthens resilience at the architectural level.",[17,1414,1415,1416],{},"Read more: ",[220,1417,1419],{"href":1418},"\u002Fblog\u002Fzero-trust","Our zero-trust security model →",{"title":112,"searchDepth":113,"depth":113,"links":1421},[1422,1423,1424,1425,1426],{"id":1292,"depth":113,"text":1293},{"id":1334,"depth":113,"text":1335},{"id":1361,"depth":113,"text":1362},{"id":1382,"depth":113,"text":1383},{"id":1405,"depth":113,"text":1406},"2025-08-15","Entropia achieves SOC 2 Type II certification. What it means for the security of our dataroom.","\u002Fblog\u002Fsoc2-type-ii-header-photo-with-controls.png",{},"\u002Fblog\u002Fen\u002Fsoc2",{"title":1283,"description":1428},"blog\u002Fen\u002Fsoc2",[1100],"eWPuDtZXrgUPhvXCoWry__HN6J6PQG3vGxx99Oc8J1o",{"id":1437,"title":1438,"author":7,"body":1439,"date":1652,"description":1653,"extension":121,"image":1654,"meta":1655,"navigation":124,"path":1656,"seo":1657,"stem":1658,"tags":1659,"__hash__":1660},"blog\u002Fblog\u002Fen\u002Fzero-trust.md","Our Zero Trust security architecture",{"type":9,"value":1440,"toc":1644},[1441,1444,1447,1450,1453,1457,1460,1463,1466,1469,1480,1483,1487,1491,1494,1497,1506,1512,1515,1519,1522,1628,1631,1635,1638,1641],[17,1442,1443],{},"Would you leave your front door unlocked simply because your neighbourhood has a low crime rate?",[17,1445,1446],{},"Many companies, even by meeting compliance standards, implicitly do just that.",[17,1448,1449],{},"Entropia has validated the SOC2 Type II level controls, which corresponds to proving that the neighbourhood is under constant surveillance and demonstrably safe.",[17,1451,1452],{},"But we have chosen to go further and raise the bar with a Zero Trust model.",[12,1454,1456],{"id":1455},"what-zero-trust-means","What Zero Trust means",[17,1458,1459],{},"For decades, corporate networks were built like castles, or fortresses: high walls, a deep moat, and the assumption that anyone allowed inside was trustworthy.",[17,1461,1462],{},"Unfortunately, modern attackers might still steal a key or tunnel under the moat. If they ever manage to get inside, they can wander freely.",[17,1464,1465],{},"Zero Trust rejects the castle. Instead, it assumes that no user, device, or network packet is trustworthy by default. Each request to access resources, whether from an employee, contractor, or application, is treated as if it comes from an untrusted network until it has been inspected, authenticated, and verified. Access is granted only for the minimum necessary purpose and only for as long as needed.",[17,1467,1468],{},"This model is implemented by leading companies such as Google where our CTO, Pierre, spent six years as a Solutions Engineer, gaining firsthand experience of how it works in practice. Google frames the model around three core principles:",[65,1470,1471,1474,1477],{},[68,1472,1473],{},"Assume all network traffic is a potential threat at all times. Every user, device, and flow is subject to ongoing authentication, authorisation, and validation, with any request lacking explicit permission automatically denied.",[68,1475,1476],{},"Enforce least-privileged access. Each entity is granted only the minimum rights needed to complete a task, limiting the ability of attackers to move laterally if compromise occurs.",[68,1478,1479],{},"Always monitor. Continuous oversight analyses and manages activity in real time, identifying potential threats, incidents, and anomalies to investigate.",[17,1481,1482],{},"These principles, first articulated by Forrester and formalised by the U.S. National Institute of Standards and Technology (NIST), form the foundation of our own approach.",[12,1484,1486],{"id":1485},"how-zero-trust-raises-the-bar-above-soc-2","How Zero Trust raises the bar above SOC 2",[369,1488,1490],{"id":1489},"what-is-soc-2","What is SOC 2",[17,1492,1493],{},"Customers increasingly demand evidence that their providers handle data responsibly. SOC2, created by the American Institute of CPAs, has become one of the most widely recognised audit frameworks.",[17,1495,1496],{},"The standard evaluates an organisation's controls across five \"Trust Services Criteria\": security, availability, processing integrity, confidentiality, and privacy.",[17,1498,1499,1500,1502,1503,1505],{},"A ",[71,1501,1321],{}," report describes how controls are designed at a single point in time.\nA ",[71,1504,1327],{}," report, which we have achieved, goes further: it validates that those controls operate effectively over months, not merely on paper.",[17,1507,1508],{},[220,1509,1511],{"href":1510},"\u002Fblog\u002Fsoc2","> Read more about our SOC2 Type II certification",[17,1513,1514],{},"But as robust as it is, SOC 2 is still a framework of proof, not an architecture of defence. It tells customers that the right doors are locked and checked regularly. It does not redesign the building itself.\nThat is why we describe SOC 2 Type II as our floor, not our ceiling.",[369,1516,1518],{"id":1517},"where-zero-trust-goes-further","Where Zero Trust goes further",[17,1520,1521],{},"Zero Trust pushes security beyond compliance checklists into systemic resilience. To illustrate the contrast in concrete terms, here are a few key examples where Zero Trust provides stronger protection than SOC 2 expectations. The list is not exhaustive, but it highlights the most important areas where the difference is most tangible.",[65,1523,1524,1537,1550,1563,1576,1589,1602,1615],{},[68,1525,1526,1529],{},[71,1527,1528],{},"Stolen credentials cannot enable long-term access",[65,1530,1531,1534],{},[68,1532,1533],{},"SOC2: Restrict access to authorised users (often with MFA and roles)",[68,1535,1536],{},"Zero Trust: Continuous verification of user identity, device health, and behaviour at every request (that is, every attempt by a user, device, or application to access a resource)",[68,1538,1539,1542],{},[71,1540,1541],{},"Containing breaches, not only detecting them",[65,1543,1544,1547],{},[68,1545,1546],{},"SOC2: Monitor systems for anomalies and respond to incidents",[68,1548,1549],{},"Zero Trust: Real-time enforcement that blocks risky actions before they escalate",[68,1551,1552,1555],{},[71,1553,1554],{},"Stopping data exfiltration at the source",[65,1556,1557,1560],{},[68,1558,1559],{},"SOC2: Encrypt data in storage and transit",[68,1561,1562],{},"Zero Trust: Add context-aware rules (e.g., downloads blocked from non-compliant devices)",[68,1564,1565,1568],{},[71,1566,1567],{},"Eliminating lingering third-party access",[65,1569,1570,1573],{},[68,1571,1572],{},"SOC2: Assess vendor risk and restrict external access",[68,1574,1575],{},"Zero Trust: Just-in-time, least-privilege access for third parties",[68,1577,1578,1581],{},[71,1579,1580],{},"Limiting the blast radius of incidents",[65,1582,1583,1586],{},[68,1584,1585],{},"SOC2: Demonstrate risk assessments and mitigations",[68,1587,1588],{},"Zero Trust: Architect systems to minimise blast radius by design",[68,1590,1591,1594],{},[71,1592,1593],{},"Maintaining service resilience",[65,1595,1596,1599],{},[68,1597,1598],{},"SOC2: Ensure system availability with continuity plans",[68,1600,1601],{},"Zero Trust: Design resilient architectures that isolate failures and keep services running",[68,1603,1604,1607],{},[71,1605,1606],{},"Protecting confidentiality dynamically",[65,1608,1609,1612],{},[68,1610,1611],{},"SOC2: Document confidentiality and privacy policies",[68,1613,1614],{},"Zero Trust: Enforce context-aware restrictions and encryption by design",[68,1616,1617,1620],{},[71,1618,1619],{},"Reducing insider risk",[65,1621,1622,1625],{},[68,1623,1624],{},"SOC2: Apply HR and access review policies",[68,1626,1627],{},"Zero Trust: Limit insider risk with least-privilege and continuous monitoring",[17,1629,1630],{},"And there is more to it: these examples illustrate some of the obvious contrasts, but Zero Trust also changes the way systems are conceived and built, embedding security into the architecture itself rather than treating it as a compliance exercise.",[12,1632,1634],{"id":1633},"why-should-our-customers-care","Why should our customers care?",[17,1636,1637],{},"For dataroom customers, the implications are crucial. SOC2 compliance means your data is handled responsibly, Zero Trust means it is defended relentlessly. Breaches that would spill across a legacy dataroom provider's environment stop cold within ours.",[17,1639,1640],{},"Building on Zero Trust is more demanding for application developers, because security must be engineered directly into the architecture rather than bolted on later. Zero Trust requires grappling with identity-driven policies (deciding who can access which resources and under what conditions), network segmentation (designing the system so that even if one part is compromised, attackers cannot easily move to another), and continuous telemetry (collecting and analysing data about activity in real time to detect and prevent anomalies).",[17,1642,1643],{},"Together, the two frameworks signal Entropia's ambition to raise the bar for dataroom customers: SOC2 Type II proves we meet one of the toughest industry standards, while Zero Trust shows we aim beyond yesterday's definitions of secure.",{"title":112,"searchDepth":113,"depth":113,"links":1645},[1646,1647,1651],{"id":1455,"depth":113,"text":1456},{"id":1485,"depth":113,"text":1486,"children":1648},[1649,1650],{"id":1489,"depth":466,"text":1490},{"id":1517,"depth":466,"text":1518},{"id":1633,"depth":113,"text":1634},"2025-07-28","Zero Trust explained: learn how Entropia elevates data room security beyond compliance frameworks.","\u002Fblog\u002Fzero-trust-header-picture.png",{},"\u002Fblog\u002Fen\u002Fzero-trust",{"title":1438,"description":1653},"blog\u002Fen\u002Fzero-trust",[1100],"QOeL6-Q6pbo7EuDBT_H0OO07kgui3rhmQKniPgVnI2Q",{"id":1662,"title":1663,"author":7,"body":1664,"date":1919,"description":1920,"extension":121,"image":1921,"meta":1922,"navigation":124,"path":1923,"seo":1924,"stem":1925,"tags":1926,"__hash__":1927},"blog\u002Fblog\u002Fen\u002Fnext-generation-data-room.md","Entropia is building the next generation data room",{"type":9,"value":1665,"toc":1908},[1666,1669,1673,1676,1679,1682,1685,1689,1692,1695,1745,1748,1751,1755,1759,1762,1765,1774,1777,1781,1784,1787,1790,1828,1831,1835,1838,1841,1867,1871,1874,1877,1880,1887,1891,1894,1897,1900,1902,1905],[17,1667,1668],{},"Every strategic transaction begins with a mountain of documents. Collecting, classifying, renaming, redacting, and indexing them usually takes months. Virtual Data Rooms (VDRs) were supposed to make this easier. Instead, they often feel like digital relics: slow, clunky, and priced as if servers still charged rent by the page. Entropia is redesigning this experience.",[12,1670,1672],{"id":1671},"our-rd-journey-ai-document-processing","Our R&D journey: AI document processing",[17,1674,1675],{},"Since founding Entropia, we have been exploring how AI can work in conjunction with private data. We focused on unstructured data: the millions of PDFs, PowerPoints, Scans, Word or Excel files, even Autocad drawings that companies store in their clouds but struggle to exploit.",[17,1677,1678],{},"From early 2024, we developed expertise in four areas: automated document understanding, semantic search across vast corpora, information extraction with generative AI, and chat-based agentic applications.",[17,1680,1681],{},"These capabilities were first deployed in projects with clients in legal, finance, consulting, real estate, and even health care. They took the form of a search engine, a document analysis grid, and later an agent-based platform able to answer questions directly from large internal libraries.",[17,1683,1684],{},"Much of this work centred on due-diligence material with strict confidentiality standards. It became clear that what began as tools for research and knowledge management had an obvious home in the due diligence and transactions processes, and that a natural stage for such technology was the data room.",[12,1686,1688],{"id":1687},"leveraging-our-rd-to-reinvent-the-data-room","Leveraging our R&D to reinvent the data room",[17,1690,1691],{},"Ask any Associate preparing a deal. Data rooms remain indispensable but exasperating: interfaces are often slow, pricing opaque, and critical tasks are often managed outside the platform, in Excel and email threads.",[17,1693,1694],{},"Conversations with data room users revealed a catalogue of recurring pain points:",[65,1696,1697,1703,1709,1715,1721,1727,1739],{},[68,1698,1699,1702],{},[71,1700,1701],{},"Time-consuming preparation",": Collecting, verifying, renaming, classifying and redacting thousands of documents is still largely manual and painfully slow. On the sell-side, analysts and associates too often struggle for the basics. Transactions are highly time sensitive, and every week of delay risks stalling the deal.",[68,1704,1705,1708],{},[71,1706,1707],{},"Outdated interfaces",": Platforms remain too often clunky, slow or buggy, forcing reliance on support teams, and generating stress.",[68,1710,1711,1714],{},[71,1712,1713],{},"Lack of smart functionalities truly leveraging AI:"," Users expect smarter features to cut the drudgery of data room preparation. Yet despite grand promises, most providers deliver little beyond incremental tweaks.",[68,1716,1717,1720],{},[71,1718,1719],{},"Stressful access management",": Granular permissions are complex to set up and easy to mishandle. Some users have to call support teams to make sure they are properly setup.",[68,1722,1723,1726],{},[71,1724,1725],{},"Processes outside the platform",": Critical tasks often spill into Excel sheets, email chains, leading to errors, duplication and inefficiency.",[68,1728,1729,1732,1733,1738],{},[71,1730,1731],{},"Opaque pricing",": Bills are unpredictable and frequently exceed initial estimates, producing invoice shock for clients. Legacy page-based billing models punish users with escalating costs. That's also the experience ",[220,1734,1737],{"href":1735,"rel":1736},"https:\u002F\u002Fwww.linkedin.com\u002Fin\u002Farnaud-de-terline\u002F",[224],"Arnaud"," had a few years ago when his former company Arcane was acquired.",[68,1740,1741,1744],{},[71,1742,1743],{},"Data sovereignty:"," For European clients, incumbents have yet to provide convincing answers on data sovereignty. Most rely on US-based cloud providers, potentially leaving sensitive files exposed to extraterritorial claims. Amid sharpened geopolitical tensions, a growing number of european customers now declare they would prefer more sovereign alternatives.",[17,1746,1747],{},"Meanwhile, a new generation of bankers, lawyers and real-estate analysts now expect workplace tools to match the sleekness of the apps they use in daily life, and have little patience for sluggish enterprise software.",[17,1749,1750],{},"With deep experience in document processing, we recognised that their frustrations was an opportunity for us, and resolved to reinvent the data room as if it were designed today: fast, modern, AI-native and transparently priced.",[12,1752,1754],{"id":1753},"our-product-priorities","Our product priorities",[369,1756,1758],{"id":1757},"a-blazing-fast-data-room-experience","A blazing-fast data room experience",[17,1760,1761],{},"The first complaint from many users is the sheer slowness of existing data rooms. What should feel like a simple web app too often behaves like a relic from the early 2000s.",[17,1763,1764],{},"This is less about hardware limits than accumulated technical debt: years of bolted-on features have left incumbents with sluggish systems.",[17,1766,1767,1768,1773],{},"By contrast, Entropia is rebuilding from scratch on a lean modern stack and leveraging best practices that ",[220,1769,1772],{"href":1770,"rel":1771},"https:\u002F\u002Fwww.linkedin.com\u002Fin\u002Fdulacp\u002F",[224],"Pierre",", our CTO, once deployed at Google to handle services at planetary scale.",[17,1775,1776],{},"The goal is straightforward: a data room that feels as fast and smooth as the consumer apps people now take for granted.",[369,1778,1780],{"id":1779},"focus-on-sell-side-pain-points","Focus on Sell-Side pain-points",[17,1782,1783],{},"We are directing our initial design at the sell-side, with the aim of stripping away the grind of document review, facilitating low-value tasks that consume associates' time.",[17,1785,1786],{},"That being said, we will avoid forcing users out of familiar workflows: existing Excel processes, such as Q&A tracking, will be integrated and enhanced rather than replaced.",[17,1788,1789],{},"Here are the first smart features that we are going to put in production:",[65,1791,1792,1798,1804,1810,1816,1822],{},[68,1793,1794,1797],{},[71,1795,1796],{},"Automatic renaming",": Stop wasting nights re-labelling files. Our data room recognises content and applies consistent names across thousands of documents, learning from your naming habits.",[68,1799,1800,1803],{},[71,1801,1802],{},"Duplicates and version detection",": No more confusion over which draft is final. We spot duplicates and versions instantly, reducing errors.",[68,1805,1806,1809],{},[71,1807,1808],{},"Index allocation",": Instead of dragging files endlessly into the right folder, our data room reads the content and suggests the proper slot on the index.",[68,1811,1812,1815],{},[71,1813,1814],{},"Redaction assistance",": Sensitive details (names, addresses, financial figures) can be flagged and removed faster, while remaining under your control.",[68,1817,1818,1821],{},[71,1819,1820],{},"Semantic search",": No more keyword guessing. Ask questions in plain language and retrieve the right files, even if they are buried deep, or written in another language.",[68,1823,1824,1827],{},[71,1825,1826],{},"Smarter Q&A management",": Keep Excel in the loop but make it intelligent. The platform surfaces similar buyer questions, reduces duplication and helps manage responses seamlessly.",[17,1829,1830],{},"Once this is fully live and adopted, a second wave of features will turn to the buy-side. The challenge there is will be digestion rather than organisation. Associates, lawyers and consultants spend weeks combing through contracts and financials to build diligence matrices, flag risky clauses and extract KPIs. Our aim is to make this work faster and more insightful, with AI tools that surface unusual clauses, pull key metrics and generate structured grids.",[369,1832,1834],{"id":1833},"beyond-security-badges-a-zero-trust-architecture","Beyond security badges: a zero-trust architecture",[17,1836,1837],{},"Data security is one of the first reasons why you want to purchase a data room. From day one, we have handled financial, legal and even health records, which left no room for compromise. Pierre, our CTO, brought with him Google's habit of treating security as a first principle and embedded a zero-trust design into our systems early on.",[17,1839,1840],{},"Three pillars underpin that approach today:",[65,1842,1843,1852,1858],{},[68,1844,1845,1848,1849],{},[71,1846,1847],{},"SOC 2 Type II (audited):"," As this article is being written, we are undergoing audit for SOC 2 Type II, which evaluates how effectively we operate controls over time. It covers everything from access management to incident response, ensuring not just policies on paper but proof of execution.\n--> Read more: ",[220,1850,1851],{"href":1510},"Entropia achieves SOC2 Type II compliance",[68,1853,1854,1857],{},[71,1855,1856],{},"ISO 27001 (via our cloud provider):"," The infrastructure that hosts both our data room and our AI models is certified under ISO 27001 (among other standards), meaning it follows globally recognised best practice for information security.",[68,1859,1860,1863,1864],{},[71,1861,1862],{},"Zero Trust (by design):"," We go beyond compliance. Every request is verified, every system is assumed hostile until proven otherwise. This architecture builds systemic resilience rather than relying solely on checklists.\n--> Read more: ",[220,1865,1866],{"href":1418},"Our zero-trust security model",[369,1868,1870],{"id":1869},"beyond-gdpr-compliance-sovereignty-for-european-customers","Beyond GDPR compliance: sovereignty for European customers",[17,1872,1873],{},"Data sovereignty is a growing concern as geopolitical uncertainty mounts.",[17,1875,1876],{},"On the legal side: extra-territorial laws such as America's CLOUD Act or FISA 702 give U.S. authorities the power to compel access to data held by American cloud providers, regardless of where the servers are located.",[17,1878,1879],{},"That makes it impossible for them to guarantee European clients full protection, even when they claim that \"data is hosted on european servers\".",[17,1881,1882,1883,1886],{},"By contrast, hosting exclusively in Europe ",[504,1884,1885],{},"and"," with a European provider allows us to offer something rare in the data room market: genuine insulation from foreign surveillance laws.",[369,1888,1890],{"id":1889},"transparent-and-flexible-pricing","Transparent and flexible pricing",[17,1892,1893],{},"Last but not least comes pricing, where most data rooms remain oddly stuck in the 1990s. Back when rooms were physical and files sat in metal lockers, charging per page made sense: more pages meant more shelves, more space, more rent. Yet the industry has clung to this proxy long after the files went digital. The catch is obvious: no one knows in advance how many pages a deal will generate.",[17,1895,1896],{},"That opacity has proved costly. Many sellers are lured by low initial estimates, only to suffer invoice shock at closing. Arnaud, when selling his previous firm, ended up paying three times the sum initially quoted by the Datasite representative. To make matters worse, critical functions for M&A professionals are often sold as pricey add-ons, slowing the process if they are not purchased.",[17,1898,1899],{},"We see little value in perpetuating that model. While we can match market practice if clients insist, our preference is to offer a fixed monthly price tied to gigabytes, with unlimited access to all features. No surprises, no invoice shock.",[28,1901],{},[17,1903,1904],{},"For transaction professionals weary of outdated tools, Entropia offers a chance to see what a data room looks like when reimagined from scratch. Built on modern infrastructure, equipped with AI where it matters, shielded by European data sovereignty, and priced with clarity, it is designed for the realities of today's transactions rather than the habits of yesterday's vendors.",[17,1906,1907],{},"If you spend your nights chasing versions, managing Q&A in spreadsheets or bracing for invoice shock, we invite you to give Entropia a try and see how much smoother a deal can feel when the data room finally works for you.",{"title":112,"searchDepth":113,"depth":113,"links":1909},[1910,1911,1912],{"id":1671,"depth":113,"text":1672},{"id":1687,"depth":113,"text":1688},{"id":1753,"depth":113,"text":1754,"children":1913},[1914,1915,1916,1917,1918],{"id":1757,"depth":466,"text":1758},{"id":1779,"depth":466,"text":1780},{"id":1833,"depth":466,"text":1834},{"id":1869,"depth":466,"text":1870},{"id":1889,"depth":466,"text":1890},"2025-06-03","Our innovation journey and how we redesign data rooms for today's transaction professionals.","\u002Fblog\u002Fscreenshot-2025-09-04-at-22.13.56.png",{},"\u002Fblog\u002Fen\u002Fnext-generation-data-room",{"title":1663,"description":1920},"blog\u002Fen\u002Fnext-generation-data-room",[129],"1doz-ixCZCU2GQep7zryJ0Et6Oc1ulw5_Llu6Hj57rs",1777637393530]