The General Data Protection Regulation (GDPR)

The General Data Protection Regulation 2016/679, or GDPR, is a European Union regulation that marks a significant change to the existing framework for processing personal data of individuals in the EU. The GDPR introduces a series of new or enhanced requirements that apply to companies like Dropbox which handle personal data. The GDPR replaced the EU Directive 95/46 EC, better known as the Data Protection Directive.

How does Dropbox comply with the GDPR?

Dropbox is committed to the security and the protection of our users' data in line with legal requirements and best practices at all times. In line with our commitment to our users, we have worked hard to ensure that Dropbox is GDPR compliant, including appointing a Data Protection Officer; re-architecting our privacy program to ensure that users can exercise their data subject rights; documenting our data processing activities; and bolstering our internal processes in the event of a security breach.  We continue to make adjustments to ensure that, as further guidance continues to emerge from data protection authorities, our process and practices meet or exceed specific elements of the new rules.