Granular access controls
Group permissions, 2FA, NDA processing before access, customisable watermarks, View As mode, full audit logs with time-per-page tracking. The rigour banks expect, by default.
A platform you can trust
Entropia protects your M&A documentation with enterprise-grade controls across every layer: security, data privacy, and European sovereignty.
Encryption at every layer
Files encrypted at rest and in transit. Downloads encrypted with revocable access. Physical USB archives encrypted by default. State-of-the-art cryptography across the stack.
No model training
Your data is never used to train AI models. Our agreements with sub-processors contractually exclude any use of client content for training. The terms are auditable on request.
Zero Trust architecture
No user, device, or request is trusted by default. Every access is continuously authenticated, authorised, and monitored. SOC 2 Type II is our floor. Zero Trust is our ceiling.
Independently audited
SOC 2 Type II attestation, ISO 27001 certified infrastructure via Scaleway, GDPR-compliant by design. Continuously verified, not certified once and forgotten.
European data sovereignty
French company, French cloud, immune to U.S. extraterritorial laws. Your M&A documentation cannot be reached by FISA 702 or the CLOUD Act. The only sovereign VDR for European customers.
Built on the standards that matter
We meet the certifications and frameworks that M&A advisors, law firms, and corporates require.
The only sovereign VDR for European customers
European Sovereignty requires both European company ownership and European cloud infrastructure.
Sovereignty is about ownership, not server location. Under the U.S. CLOUD Act and FISA Section 702, American authorities can compel U.S.-owned companies to surrender data regardless of where it is physically stored. The laws follow ownership, not only geography.
Entropia is a European company. Our infrastructure runs on Scaleway, a European cloud provider controlled by Iliad Group. No CLOUD Act exposure.
European sovereignty's true test: ownership| Data room | Company | Cloud infrastructure | EU Sovereignty |
|---|---|---|---|
| Entropia | ๐ซ๐ท | ๐ซ๐ท Scaleway (Iliad) | โ |
| Datasite | ๐บ๐ธ | ๐บ๐ธ Azure / Google | โ |
| Intralinks | ๐บ๐ธ | ๐บ๐ธ AWS | โ |
| iDeals | ๐ฌ๐ง | ๐บ๐ธ AWS | โ |
| Ansarada | ๐บ๐ธ | ๐บ๐ธ Azure / AWS / Oracle | โ |
| Drooms | ๐ฉ๐ช | ๐บ๐ธ AWS, ๐ฉ๐ช Local | โ๏ธ |
| DFIN | ๐บ๐ธ | ๐บ๐ธ Azure | โ |
| Closd | ๐บ๐ธ | ๐บ๐ธ AWS | โ |
Always-on transparency
Every control documented. Every incident published.
Trust Center
Every control we operate, documented and continuously monitored. Access management, encryption, vulnerability management, incident response, business continuity, and more.
Explore the Trust CenterService status
Real-time uptime, incident history, and ongoing maintenance.
View status pageFrequently asked questions
Security at Entropia is built into every layer of the platform: how users authenticate, how data is stored and transmitted, how access is controlled, how incidents are handled. The answers below cover the questions clients and prospects raise most often during vendor assessments.
Read more from our security team
security
Entropia is now SOC 2 Type II certified
Entropia achieves SOC 2 Type II certification. What it means for the security of our dataroom.
Read more
sovereignty
European sovereigntyโs true test: ownership
Extraterritorial laws override server location. True sovereignty requires European ownership, not only hosting.
Read more
security
Our Zero Trust security architecture
Zero Trust explained: learn how Entropia elevates data room security beyond compliance frameworks.
Read more