We’re committed to protecting your personal data

Data plays a huge role in every aspect of our daily lives—from the way we work, to how we travel and communicate with family and friends. People are increasingly looking for clarity and transparency about how their personal data is used and protected by the organizations they interact with.

Read more

Where does the GDPR apply?

The GDPR makes a number of important changes to the existing data protection framework. One of the most important is its expanded territorial scope. Under the GDPR, the location of the individual whose data is being processed is a key factor, whereas the existing EU Data Protection Directive is more concerned with the location of the processing.

Read more

The GDPR: An opportunity to rethink your approach to data security

When it comes to the General Data Protection Regulation (GDPR) and its implications for data security, there is a lot to consider. Significant emphasis has been placed on the penalties for non-compliance and the new rules companies must follow in the event of a data breach. While this is understandable, at its heart the GDPR is about understanding your data and designing your approach to security around it. In this sense, the GDPR presents an opportunity for forward-thinking chief security officers and their teams.

Read more

Understanding your data

Organizations established in the EU and processing personal data of EU-based individuals will, in almost all cases, be required to comply with the General Data Protection Regulation (GDPR) by May 25, 2018. In addition, the GDPR will now apply to organizations based outside the EU that offer goods and services to, or monitor the behavior of, EU-based individuals. If your organization falls into these categories, one of the essential first steps in your journey to compliance is understanding your data.

Read more

Working with your suppliers towards GDPR compliance

The General Data Protection Regulation (GDPR) goes into effect on May 25, 2018 and organizations (large and small) are currently preparing for the new directive. As an evolution of the current data protection legal framework, the GDPR will also apply with extraterritorial effect to organizations based outside the EU that offer goods and services to, or monitor individuals in, the EU.

Read more

Announcing CSA STAR, ISO 27017, and ISO 22301 certifications

We’re dedicated to building trust with our customers across the globe, and helping them fit Dropbox into their compliance strategies. And with the compliance landscape regularly shifting, we strive to stay ahead of the curve as new standards and certifications are introduced. So today, we’re excited to announce three new certifications—CSA STAR Level 2, ISO 27017, and ISO 22301—and updates to our existing compliance measures.

Read more