Dropbox complies with the U.S.–E.U. Safe Harbor Framework and the U.S.–Swiss Safe Harbor framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data from European Union member countries and Switzerland.
Dropbox's storage is SSAE16/SOC1, SOC2, ISAE 3402, and ISO 27001 certified on Amazon S3 and may provide data mirroring across other secure data centers.
Dropbox does not currently have HIPAA, FERPA, ISO 9001, or PCI certifications. We'll update this page with any new certifications as we receive them.Category: Security and Privacy