GDPR compliance and requirements are a top Dropbox priority built into all of its services.
The General Data Protection Regulation (GDPR) is all about protecting personal data. The GDPR introduced several important principles that previously underpinned data protection law, such as the 'accountability principle' and 'privacy by design', which encourage organisations to take more responsibility for the data they protect.
The GDPR (General Data Protection Regulation) is a 2018 European Union regulation that establishes a comprehensive framework for handling and protecting personal data.
It’s essential that people have control and clarity over how their data is used and protected by organisations they interact with, and that organisations are given clear guidelines to protect that data.
One of the goals of the GDPR is to reconcile disparate data privacy laws across Europe, keeping in mind the rapid technological changes within the past two decades.
At Dropbox, trust is the foundation of our relationship with millions of people and businesses around the world and we take the continued responsibility of protecting your information seriously. To supplement our GDPR compliance efforts, Dropbox also adheres to the Cloud Security Alliance (CSA) Code of Conduct for GDPR Compliance.
Respect for privacy and security was built into our business and our focus on handling and protecting the data our customers' trust has remained a top priority. Dropbox was one of the first cloud service providers to achieve ISO 27018 – the internationally recognised standard for leading practices in cloud privacy and data protection.
Every organisation’s journey to GDPR compliance is different. Organisations should consider several factors such as company size, types and amount of data it processes and current security and privacy measures.