Email Sales

Email Sales

Need product support? Please visit our Customer Support page.





Merrill DataSiteOne Help Center

Are you new to Merrill DatasiteOne or just getting started with our virtual data room? Get answers to frequently asked questions about our industry-leading information-sharing platform. Your Merrill project manager will also respond to any questions you may have.

  • Background: Datarooms
    • What is a traditional data room?

      A traditional data room is a secure space used to house, organize and exchange data among parties involved in a strategic business transaction. Traditional data rooms are physical locations where paper copies of documents are compiled, stored and managed.

    • What is a virtual data room?

      A virtual dataroom is a secure online repository of documents used for hosting and the distribution of information. Typically, a dataroom is used to facilitate the due diligence process during an M&A transaction or other capital transactions. The dataroom allows administrators to make confidential documents available at will while being able to monitor reviewers’ due diligence actions.

    • What are the risks in using a consumer grade file sharing system vs a purpose built virtual data room?

      Consumer grade file sharing systems such as Box, Dropbox™, and Google Drive™ market themselves as low-cost solutions for the high-stakes challenges of M&A due diligence. However, recent security incidents have shown that they are not a viable solution for the requirements of a secure, purpose built application that targets the challenges of complex M&A due diligence.

    • Why use a data room such as DatasiteOne designed exclusively for the M&A industry?

      The process of participating in a successful M&A transaction is a complex process for both buyers and sellers. The abundance of minute details involved in this multifaceted practice requires the intricate coordination of vast groups of personnel, the sharing of sensitive business information, revealing time-sensitive milestones, and the discovery of hidden costs while maintaining accurate communications to all participating parties. With the importance and size of today’s M&A transactions, enterprises must rely on leading solution providers that can eliminate both the security and legal risks associated with these procedures while facilitating the distribution of critical information during this essential business process.

    • What should I look out for when choosing a data room for M&A?

      While options exist in the market, they are certainly not equal. When evaluating providers, it is best to grade on six criteria:

      1. Speed - Opportunities arise quickly. The top viritual data rooms are built for rapid implementation no matter the size or complexity of the deal and site content.

      2. Simplicity - As the pressure of transaction due diligence rises, you need an application that is intuitive, smart and efficient. One that delivers features and functionality to drive efficiency and unlock productivity for users on both the sell-side and buy-side of corporate events.

      3. Security - Comprehensive M&A due diligence is simply too important to trust to off-the-shelf file sharing services that are vulnerable to malicious intruders. Proper controls not only protect your sensitive content, but also secure your competitive advantage.

      4. Service - Always on, omni-channel support, with fluency in multiple languages.

      5. Innovation - High velocity, foward-thinking, agile product development that continously delivers new features and functionality.

      6. Expertise - Best-in-class providers stay on top of ever-changing regulations and industry trends so you can focus on optimizing deal outcomes. Select a provider that brings deep, industry specific subject matter expertise and will offer best practice guides for data room setup and ongoing support throughout due diligence lifecycle.

  • Background: Due Diligence
    • What is due diligence?

      Due diligence is the phase of a deal in which the acquirer/buyer/investor performs extensive review of the target’s records and information in order to properly formulate a proposed value of the entity and structure for the deal.

    • What happens during due diligence?

      Due diligence is an all too important part of buying a business. This phase of a business transaction allows the buyer access to all the records and contracts of the business, and is the time for the buyer to assess whether or not to proceed with the business purchase and how much they are ultimately ready to pay.

      To accelerate due diligence, most often a virtual data room (VDR) will be used to secure content, automate tasks, simplify processes and streamline workflows.

  • Background: Q&A
    • What happens during Q&A?

      A central element of comprehensive due diligence for potential buyers of any asset is to ask questions of the seller to gain clarity about the asset under consideration. These questions may arise as a result of information contained on documents in a data room, or perhaps are critical questions of which the buyer requires an answer before making a decision on whether or not to move forward with the transaction.

    • What's the best way to manage Q&A?

      Historically Q&A was managed in an off-line process through email and updating of an Excel spreadsheet. Our own statistics demonstrate that nearly 500 questions are asked by prospective buyers on every data room project, meaning that managing Q&A offline introduced additional time and unnecessary risk to an already complex due diligence process.

      After pioneering Q&A functionality to virtual data room technology in 2006, deal professionals using Merrill Datasite, and now DatasiteOne, quickly recognize the efficiencies that could be gained by having a central location, inside the virtual data room, where they could not only establish question and answer teams, but directly manage question and answer workflow. This has nearly eliminated off-line processes.

  • DatasiteOne: Access/Compatibility
  • DatasiteOne: Contact/Policies
  • DatasiteOne: File/Folder Management
    • Can anyone load files to my DatasiteOne project?

      Adding files to your project can be executed by anyone in a Project Administrator role. In addition, DatasiteOne features a Limited Site Administrator role. Users with these permissions have some file management capabilities, including upload, rename, move and delete.

    • How do I start a new project?

      Once an SOW is signed, a Merrill project manager is assigned immediately. In a matter of minutes, they will have your project provisioned and ready for you to begin uploading documents, setting permissions and inviting users.

    • How much space does my team get?

      There are no file storage limitations. DatasiteOne has hosted projects with hundreds of thousands of pages, and hundreds of GB.

    • How long will it take before my project is ready for me to load documents?

      Once we receive a signed statement of work, a Merrill Project Manager is assigned to your project immediately. They begin work right away to have your project ready for initial document upload in a matter of minutes.

    • What is new about setting document and user permissions in Merrill DatasiteOne?

      Merrill DatasiteOne introduces a new, powerful security grid for easily assigning cascading permissions across the entire document collection and multiple roles at one time. Coupled with an intuitive graphical user interface, this means that site administrators can visually compare project, folder and individual file settings while reducing mistakes during the sensitive permission setting process.

    • Is there a limit to the document upload size? How fast do documents load to a project?

      Merrill DatasiteOne product engineers have revolutionized the document upload process. Upload multiple documents simultaneously with up to 400% faster document processing than other solutions in the market. The current maximium upload size for an individual file is 2GB with a 50GB limit for zip files.

  • DatasiteOne: Platform Architecture
    • My IT department has questions about DatasiteOne – what should I tell them?

      DatasiteOne delivers robust capabilities to authorize, control and monitor access – all while enabling efficient internal collaboration and seamless reviewer access that is critical to a deal’s success.

      Merrill’s proactive security posture consists of three elements:

      1. Using advanced security technology across the development, testing and operational stages.
      2. Aligning security functionality with industry best practices.
      3. Rigorous implementation of security protocols.

      DatasiteOne puts the VDR administrator in charge of access controls with an array of authentication and permission options, ensuring the data security chain.

      • Automatic and periodic password reset controls
      • Permission management at the user, group and document levels

      Merrill developed the DatasiteOne architecture and engineering based on best-in-class practices.

      • Presentation layer, application processing and data management functions subject to logical abstraction
      • Coding conducted using SANS and OWASP guidelines
      • Vulnerability scanning and penetration testing of applications conducted at regular intervals.

      Additional information on data, systems, network and infrastructure security as well as global regulatory compliance can be found at this link - DatasiteOne Security Overview

    • What is Merrill DatasiteOne?

      Merrill DatasiteOne virtual data room (VDR) is not only the pioneer in the industry – it’s the future of virtual data room technology. Get up and running smoothly and sooner than anticipated. Exponentially improve collaboration. Find what you need faster. Conduct due diligence for IPOs, mergers or acquisitions, or handle bankruptcy filings with speed, airtight security and 100% accuracy. Create critical document repositories and manage intellectual property and assets with precision and confidence. DatasiteOne is more than a VDR. It is peace of mind.

    • Is the DatasiteOne interface available in different languages?

      Business is global – and so are we. Merrill DatasiteOne is localized in 14 languages (English - US, English - Anglicised, Simplified Chinese, Traditional Chinese, Japanese, Korean, French, German, Spanish, Swedish, Italian, Turkish, Polish, Russian, Brizilian Portuguese)

    • What is content staging?

      Flexible publish and unpublish settings allow DatasiteOne Project Administrators to stage and review content in an unpublished state prior to opening it up to Reviewers (i.e., buyers).

    • What makes the DatasiteOne platform architecture leading edge technology?

      Our new, modern and cutting edge architecture utilizes microservices and APIs allowing us to make updates quickly and easily. Gone are the days of quarterly product releases, weekend or overnight blackout periods – our goal is continuous innovation and continuous delivery (CICD) of new features and functions to our users. We deploy new code daily so users are continuously working with the latest version.

    • What are microservices and APIs?

      Merrill DatasiteOne's microservices architecture enables continuous delivery and deployment of new features by structuring an application as a suite of independently deployable, modular services. This makes the application easier to understand, develop, test and deploy.

      An application program interface (API) is a set of routines, protocols and tools for building software applications that connect and define how software components interact. APIs make it easier for developers to use certain technologies to build applications.

    • How is Merrill utilizing Microsoft technology in Merrill DatasiteOne?

      Merrill DatasiteOne is a secure SaaS application that runs on top of Microsoft’s Azure® Cloud Services, leveraging the power and security of the Azure secure cloud computing platform and infrastructure. It is the foundation of our ability to host the DatasiteOne application in the cloud.

      In addition to Merrill’s security protocols and access controls, Merrill DatasiteOne benefits from Microsoft’s $1B market-leading security investments. Microsoft Azure gives Merrill the agility to grow quickly to meet customer demand and experiment with new features.

    • What makes search so much faster and precise in Merrill DatasiteOne?

      We utilize Elasticsearch, the most powerful enterprise search engine. It is built on modern principles aimed at today's use cases allowing us to handle large document repositories while providing unprecedented search speed.

    • Merrill DatasiteOne introduces a new, modern user interface and enhanced user experience. How will that benefit Project Adminstrators and Users?

      DatasiteOne was built with constant feedback from more than 1,200 acutal users, giving real-world insight to help us deliver a powerful user-friendly experience. 

      The streamlined user interface makes it easier than ever to quickly and easily build your data room for faster dealmaking. Built from the ground up, we have optimized every part of the application from logging in for the first time, to closing your project when the deal closes. You'll discover unparalleled ease of use, faster response times and a more engaging data room experience with DatasiteOne.

  • DatasiteOne: Security
    • Does DatasiteOne offer IRM (Information Rights Management) controls for increased document security?

      Yes. Integrated IRM technology enables Project Administrators to set revoke access to downloaded documents (Microsoft Office and PDF files) by role. Other file types will be downloaded as a watermarked PDF if watermarking is enabled on the project.

    • Can I add a project disclaimer?

      Yes. DatasiteOne Project Administrators can either use the standard project disclaimer or customize the disclaimer to meet specific project requirements. Frequency settings include First Login or Every Login.

    • How can I ensure all confidential documents are secure inside Merrill DatasiteOne?

      As a multi-tenant cloud application, Merrill DatasiteOne uses the latest cloud security best practices.

      • User information, application data and logs are stored and maintained separately
      • Passwords are treated with cryptographic hash algorithms
      • Customer supplied files encrypted at-rest with AES 256-bit encryption and backed up according to a pre-defined schedule
      • In-transit data secured via Transport Socket Layer (TLS) 1.2 protocol
      • Events captured, analyzed and actioned in real time
      • Customer files accessed only upon request and supported by documented access review and change management processes
      • Upon project closure, project files are purged after 30 days


  • DatasiteOne: Service
    • Where can I find an online tutorial?

      While DatasiteOne users tell us that the app is highly intuitive and they are often up and running in a matter of minutes, they also have access to a robust on-line help community where answers to FAQs and tips/hints are posted. For a preview, click here: DatasiteOne Help Community

    • Is training required to use Merrill DatasiteOne?

      One of the benefits of Merrill DatasiteOne is it's immediately familiar and easy to use for a fast start – even for first time users. Our expert Project Management team is always ready to assist, but most customers report that they are up and running in minutes.

    • How do I contact my DatasiteOne project manager?

      Merrill’s dedicated team of proven subject matter experts are well-versed in a wide variety of deal types and deliver always-on, omni-channel support.

      • 24/7/365 (phone, email, chat)
      • 15 languages spoken
      • Online DatasiteOne Help Community
      • Calls answered in 3 rings or less
  • Merrill: Contact/Policies
  • Merrill: General Info
    • What Use Cases does Merrill support?

      Merrill supports clients executing corporate and company actions including acquisition, bankruptcy, divestiture, exchange offer, merger, privativation, reorganization, spin-off and tender offer.

    • How does Merrill price its technologies and services?

      Merrill’s pricing is completely transparent and all-inclusive. There are no surprise add-ons and zero hidden costs. To request a quote for any of our technologies and services including Merrill Bridge and Merrill Connect, contact us.

    • How many servers does Merrill DatasiteOne operate on and how much storage can the application hold?  

      Merrill DatasiteOne is hosted in two regions: North America and Europe. It runs on approximately 1,000 servers. Because DatasiteOne leverages the Microsoft Azure cloud hosting infrastructure, there are no storage capacity constraints.

    • What enables Merrill to release new features on a regular basis?

      Merrill DatasiteOne is built expressly with the flexibility to continuously innovate and deliver new features and functions across the entire application at any time. We employ an agile code development methodology, a microservices architecture and cloud native tooling. With this structure, as new features and functions are created or upgraded, we can deploy those improvements immediately to our customers. There are no mandatory weekend or overnight outages or full-platform code releases.

  • Merrill: Security
    • How does DatasiteOne mitigate risk under the General Data Protection Regulation (GDPR)?

      Merrill is already compliant with the existing Data Protection Directive 95/46/EC and proactively took the steps required to continue compliance as GDPR became effective on May 25, 2018. Merrill has a working group that regularly reviews, maintains and improves Merrill’s data protection policy.

      • Merrill is ISO/IEC 27001 certified – Merrill’s processes are audited against global standards required for maintaining confidentiality, security and integrity for all data that Merrill processes.
      • Merrill’s platforms (Merrill DataSite, Merrill DatasiteOne) provide clients with the opportunity to manage uploaded data, including choosing the level of access for any user. While Merrill can facilitate, the client is ALWAYS in control of its data.
      • Merrill has invested in European client support and hosting facilities to maintain localization of data in the EU.
      • Merrill’s U.S. entity is Privacy Shield certified for clients with cross border requirements.
      • Merrill conducts privacy impact assessments on a regular basis and provides training on data privacy obligations to ensure best practices are met and industry leading solutions are implemented where personal information is concerned.
    • How does Merrill protect project data?

      Our dedicated security organization drives alignment across Merrill for deep risk management and strong governance. Security measures include:

      • All Merrill product offerings have been ISO 27001 certified since 2008
      • Merrill DatasiteOne has received SSAE 16 SOC 2 Type II attestation
      • Merrill is EU-US Privacy Shield certified and GDPR compliant
      • Our infrastructure provider is ISO 27001, SSAE 16 SOC 2 Type II compliant and FedRAMP certified
      • Merrill employees, where legally possible, are subject to background checks that includes screening for drugs, qualifications and previous employment
      • All Merrill staff are subject to mandatory annual security training, including acknowledgment of security and conduct codes and non-disclosure agreements
      • Security incident response plan tested annually and includes external and internal notification, escalation procedures and communication criteria
      • Disaster recovery plan tested at prescribed intervals to ensure compliance with self-imposed timeframes and quality objectives


Need assistance? Our customer service team is accessible at any time, day or night.

Contact us
I agree

This site uses cookies to offer you a better experience. For more information, view our privacy policy.