One of the objectives of the RGPD is to reconcile the different data protection legislation across Europe, taking into account the rapid technological changes that have taken place over the past two decades. At Dropbox, trust is the foundation of our relationship with millions of people and businesses around the world. We value the trust you have placed in us and we take the responsibility for protecting your data seriously. Respect for privacy and security has been integrated into our business from the beginning and, with our growth, our focus on managing and protecting the data our customers entrust to us remains a top priority. For example, we were one of the first cloud service providers to achieve ISO 27018 – an internationally recognized standard for best practices in cloud privacy and privacy. I received an email from a law firm explaining that although my organization is based in London when a staff member from my organization stores information in one of these services, it is made up of international data transmission on which the person concerned must be alerted. The RGPD is the largest revision of EU data protection legislation in the last two decades. It has changed the way companies store, manage and use personal data. And the changes are not just for European companies – they apply to any organisation that has European customers, employees, partners and offices. According to the RGPD, ex-employees, current employees and customers have greater rights to see or have their personal data erased in a company. These rights are exercised in the form of subjective data access requests (DSARs).

Providing data in response to a DSAR, if it is not searchable, will be almost impossible, and if the person concerned knows that it exists, it could lead to an expensive dispute. Ben Mitchell explains how to manage and protect personal data stored in Dropbox Business. Each organization`s path to RGPD compliance is different. Businesses should consider several factors, such as. B the size of the company, the types and quantity of data, as well as current security and data protection measures. If non-searchable files are lost or are eventually deposited in the wrong place in Dropbox Business, they could be part of a privacy breach. If organisations do not use all the necessary protections for personal data and are not in violation, they may be punished with a fine of 4% of global turnover, or 20,000,000 euros, depending on the highest value. Download our Data Protection White Paper Your RGPD obligations depend on whether you are a data manager or a data manager.

If you are a Dropbox Business customer, please note that you are responsible for the processing and that you have specific legal obligations under the RGPD.