IPO
IPO Overview IPO Readiness IPO Checklist IPO Timeline S-1 Section by Section IPO Lock-Up Agreements The IPO Bookbuild IPO Pricing Night The Greenshoe Option IPO FAQs
SPAC
SPAC Overview SPAC vs IPO
Direct Listing
Direct Listing Overview
Pre-IPO Capital
Going Public vs. Staying Private SAFE Notes Convertible Notes Preferred Stock & VC Terms Venture Debt Cap Table Guide 409A Valuations What Is an EGC?
Financial Reporting
Non-GAAP Metrics Revenue Recognition (ASC 606) SOX 404 Guide Stock Compensation (ASC 718) Lease Accounting (ASC 842) Business Combinations (ASC 805) The First 10-K
Sector IPO Guides
SaaS IPO Guide Biotech IPO Guide Marketplace IPO Guide Fintech IPO Guide
Resources
All Resources Glossary About Get IPO Checklist →
Home IPO Team Selecting a VDR Provider
👥 IPO Team Track

Selecting a Virtual Data Room — Security and Workflow Over Brand Name

The VDR is where your most sensitive pre-IPO materials live during due diligence. Security, permission controls, and access audit trails matter more than which bank your underwriters prefer.

Last updated: June 2026
Full Team Guide Financial Printer Guide

At a Glance

Engage 3–4 months pre-S-1
Typical document count 500–1,500 files
Users Underwriters, lawyers, auditors
Pricing model Per-page or flat fee
Security standard SOC 2 Type II minimum
Often bundled with Financial printer

A virtual data room (VDR) is the secure online repository where all due diligence materials — financial statements, contracts, board minutes, cap table details, and legal documents — are shared with the underwriters, their counsel, and the auditors during the S-1 process. Choosing the right VDR affects how efficiently due diligence proceeds and how securely your most sensitive materials are protected.

What a VDR Is Used For in an IPO

  • Underwriter due diligence: Lead bookrunner and co-managers review the full document package — typically 500–1,500 documents — as part of their 10b-5 due diligence obligation before signing the underwriting agreement.
  • Legal due diligence: Underwriters' counsel and company counsel use the VDR to review material contracts, litigation, IP, employment agreements, and corporate records.
  • Auditor access: The PCAOB auditor accesses financial records, contracts relevant to accounting treatment, and support for audit sampling through the VDR.
  • Comfort letter process: The financial printer and auditor use the VDR during the comfort letter process in the days before pricing.

VDR Providers

Market Leader

Datasite (formerly Merrill DataSite)

The largest standalone VDR provider by deal volume. Strong AI-powered document organization and redaction tools. Deep integrations with legal workflow tools. Used on the majority of large-cap M&A and IPO transactions. Per-page or per-user pricing model. Frequently bundled with Toppan Merrill financial printing services.

Strong Alternative

Intralinks

Intralinks is the second-largest standalone VDR provider, historically strong in leveraged finance and M&A transactions. Solid security infrastructure and compliance certifications. Often preferred by financial institutions. Pricing is competitive with Datasite.

Cost-Competitive

Ideals · Ansarada · CapLinked

Modern, cost-competitive VDR platforms with strong UX and reasonable pricing for mid-market IPOs. Ideals in particular has won significant market share on $200M–$2B transactions with flat-fee pricing that is significantly below Datasite and Intralinks per-page models.

Bundled With Financial Printer

DFIN ActiveDisclosure · Toppan Merrill DataSite

If you use DFIN or Toppan Merrill as your financial printer, VDR is often bundled or available at a discount. Evaluate whether the bundled VDR meets your needs before paying for a standalone product — but do not let the bundled price anchor your decision if a specialist VDR offers materially better security or workflow tools.

What to Evaluate

  • What are your security certifications — SOC 2 Type II, ISO 27001, and GDPR compliance?
  • What is your pricing model — per-page, per-user, or flat fee? What is the total estimated cost for a typical IPO due diligence process?
  • How do you handle permission controls — can we set granular access by party (underwriters vs. underwriters' counsel vs. auditors)?
  • What is your document upload and indexing process — do you provide indexing assistance or AI-powered document categorization?
  • What activity reporting is available — who accessed which documents and when?
  • What happens to the data room contents after the IPO closes — how long are documents retained and how are they deleted?
📚

IPO Due Diligence Resources

Guidance on the IPO due diligence process and documentation requirements

⚖️
Latham & Watkins · Free PDF

US IPO Guide — Due Diligence Sections

Covers the underwriter due diligence process, the 10b-5 due diligence standard, and what the VDR is expected to contain.
🔢
Deloitte · Sept 2025

IPO Roadmap — Documentation

Covers the financial documentation requirements that flow into the VDR for auditor and underwriter review.

VDR Use Cases in the IPO Process

A virtual data room (VDR) is used throughout the IPO process for multiple distinct workstreams, each with different access requirements:

  • Legal diligence: IPO counsel and underwriter counsel conduct comprehensive legal due diligence — reviewing all material contracts, IP assignments, litigation records, equity documents, and regulatory filings. The VDR provides controlled access to these materials for the diligence teams.
  • Financial diligence: The underwriters' financial diligence team (separate from their legal team) reviews the company's financial records, management accounts, customer contracts, and revenue recognition documentation.
  • Auditor access: The PCAOB auditor may use the VDR to access support documents for the audit — invoices, contracts, board minutes, and other evidentiary materials.
  • Underwriter coordination: Managing the flow of information from the company to the multiple underwriting banks — the lead, co-managers, and selling group members — during the IPO process.

Major VDR Providers

ProviderMarket PositionBest ForApprox. Cost
Datasite (formerly Merrill DataSite)Market leader in M&A and capital markets VDRsLarge, complex transactions; global diligence teams; enterprises that need advanced permissions management$5K–$30K/month
IntralinksEstablished provider; strong in financial servicesBanks, PE firms, large transaction teams familiar with the platform$4K–$25K/month
Donnelley Financial (DFIN) VenueIntegrated with financial printing; bundled with S-1 productionCompanies using DFIN as financial printer who want an integrated solutionOften bundled with printing fees
Box / SharePointGeneral enterprise file sharing; not purpose-built for legal diligenceVery early-stage companies with limited diligence scope; not recommended for full IPO diligenceLow — existing enterprise license

Setting Up the VDR — What Goes In

A well-organized VDR follows a standard folder structure that diligence teams can navigate efficiently. Standard top-level folders:

  • 01 Corporate / Governance (certificate of incorporation, bylaws, board minutes, equity plan documents)
  • 02 Cap Table (all preferred stock agreements, SAFE notes, convertible notes, option grants, warrant agreements)
  • 03 Material Contracts (customer contracts above materiality threshold, vendor contracts, partnership agreements, licensing deals)
  • 04 Intellectual Property (patent filings, trademark registrations, copyright registrations, software licenses, IP assignment agreements from founders and contractors)
  • 05 Financial Statements (historical financial statements, management accounts, audit reports)
  • 06 Tax (filed tax returns for prior years, tax assessments, any IRS correspondence)
  • 07 Litigation (list of all pending and threatened litigation, insurance claims, regulatory investigations)
  • 08 Real Estate (office leases, data center agreements)
  • 09 Employment / Benefits (executive offer letters, equity agreements, benefits plan documents, HR policies)
  • 10 Regulatory / Compliance (regulatory licenses, regulatory correspondence, compliance policies)

What Goes in the IPO VDR

The VDR document package for an IPO typically contains 500–1,500 documents organized into a structured index. Underwriters' counsel and the company's auditors will request specific documents — having them pre-organized in a logical index (rather than uploaded in a flat folder) materially reduces due diligence time and friction.

Standard IPO VDR folder structure:

  • Corporate records: Certificate of incorporation (all versions), bylaws, board and committee minutes (3 years), capitalization documents, stockholder agreements
  • Financial statements: Audited financials (3 years), management accounts, interim financials, budget and forecast models, debt schedules
  • Material contracts: Top customer contracts, significant vendor/supplier agreements, partnership agreements, material licensing agreements
  • Intellectual property: Patent filings and status, trademark registrations, copyright registrations, technology ownership agreements
  • Employment and equity: Employment agreements for senior officers, equity plan documents, option grant schedules, all SAFE and convertible note documents
  • Litigation and regulatory: All pending and threatened litigation, regulatory correspondence, consent decrees, governmental inquiries
  • Real estate: All lease agreements, sublease arrangements, property ownership documents
  • Insurance: All current insurance policies, claims history

Security Standards to Require

The VDR will contain the company's most sensitive commercial, financial, and legal documents. Minimum security certifications to require from any VDR provider:

  • SOC 2 Type II certification: Independent audit confirming the provider's security controls operate effectively over time — not just on a point-in-time basis
  • ISO 27001: International information security management standard; indicates a systematic approach to security management
  • Fence-view and dynamic watermarking: Documents viewed in the VDR should not be downloadable without a visible watermark containing the viewer's name, date, and access log
  • Granular permission controls: Ability to grant read-only access to specific folders to specific user groups (underwriters' counsel sees everything; co-managers see the subset relevant to financial due diligence)
  • Full audit logging: Every document view, download, and search query logged with user, timestamp, and IP address — essential for tracking which investors have accessed which information

VDR Cost and Pricing Models

VDR pricing varies significantly by provider and negotiation leverage:

  • Per-page pricing (Datasite legacy model): $0.50–$2.00 per page viewed, with minimums. Can become expensive for large document packages with many reviewers.
  • Per-user per-month (SaaS model — Ideals, CapLinked): $300–$1,500/month per user group. More predictable for large transactions.
  • Deal-based flat fee (Intralinks, Datasite negotiated): Flat fee for the entire transaction — most common for large deals. Typically $25,000–$100,000 for an IPO-scale transaction.

If the company is using a financial printer (Toppan Merrill/DFIN), the VDR is often bundled into the printing contract at a discount. Evaluate whether the bundled VDR meets the security standards listed above — printing bundles sometimes use a lower-tier VDR product.

Setup and Timing

The VDR should be set up and the initial document package uploaded at least 4–6 weeks before the first due diligence session with underwriters. This gives the company time to organize the index, obtain any missing documents, and redact information that should not be disclosed (trade secrets, customer names in some contracts) before the VDR is opened to external reviewers.

Designate an internal VDR administrator — typically the general counsel or controller — who controls user access, monitors activity logs, and manages document additions throughout the process. VDR access should be terminated immediately when a reviewer's engagement ends to protect confidentiality.

Building Your Full IPO Team

Overview of all eight IPO advisor roles, including financial printer and VDR timing.

View Team Guide

Explore Related Guides

Related

Selecting a Financial Printer

VDR is often bundled with financial printer services — evaluate together.

Read Guide
Related

S-1 Filing Guide

How the S-1 process works and what due diligence documentation is required.

Read Guide
Related

Building Your IPO Team

All eight IPO advisor roles with timing.

View Guide
Related

IPO Checklist

Full readiness checklist.

View Checklist

Preparing for Your IPO?

Full Team Guide Get IPO Checklist