GDPR compliance and requirements are a top Dropbox priority built into all of its services.
The General Data Protection Regulation (GDPR) is all about protecting personal data. The GDPR introduced several important principles that previously underpinned data protection law, such as the "accountability principle" and "privacy by design," which encourage organizations to take more responsibility for the data they protect.
The GDPR (General Data Protection Regulation) is a 2018 European Union regulation that establishes a comprehensive framework for handling and protecting personal data.
It’s essential that people have control and clarity over how their data is used and protected by organizations they interact with, and that organizations are given clear guidelines to protect that data.
One of the goals of the GDPR is to reconcile disparate data privacy laws across Europe, keeping in mind the rapid technological changes within the past two decades.
At Dropbox, trust is the foundation of our relationship with millions of people and businesses around the world and we take the continued responsibility of protecting your information seriously. To supplement our GDPR compliance efforts, Dropbox also adheres to the Cloud Security Alliance (CSA) Code of Conduct for GDPR Compliance.
Respect for privacy and security was built into our business and our focus on handling and protecting the data our customers entrust to us has remained a top priority. Dropbox was one of the first cloud service providers to achieve ISO 27018—the internationally recognized standard for leading practices in cloud privacy and data protection.
Every organization’s journey to GDPR compliance is different. Organizations should consider several factors such as company size, types and amount of data it processes, and current security and privacy measures.