15 May

EU General Data Protection Regulation (GDPR)

Welcome to the Fortress GDPR guidance center

References:

GDRP Ebook Custom Newsletter featuring Gartner Research GDPR

 

This guidance center hopes to offer some helpful insight and practical steps for organizations as they prepare for compliance with the General Data Protection Regulation, otherwise known as the GDPR, by May 25, 2018.

Of course, every organization’s journey to GDPR compliance is different. It depends on, among other factors, company size, the types and amount of data it processes, and its current security and privacy measures.

Getting ready for the GDPR

Organizations established in the EU and processing personal data of EU-based individuals will, in almost all cases, be required to comply with the GDPR by May 25, 2018. The GDPR updates and harmonizes the framework for processing personal data in the European Union, and brings with it new obligations for organizations and new rights for individuals. Many organizations, large and small, are now preparing for the new regulation.

Dropbox has many years experience earning our users’ trust. Dropbox Business is certified compliant with the most widely-accepted security and privacy standards and regulations in the world, such as ISO 27001/2, ISO27018/17 and SOC 2. Our cross-functional team of data protection specialists has put together a series of insights and resources to help you on your road to GDPR compliance.

What is the GDPR?

The GDPR is a European Union regulation that establishes a new framework for handling and protecting the personal data of EU-based residents. It comes into effect on May 25, 2018.

Personal data plays a huge part in society and the economy. It is essential that people have—and know they have—control and clarity over how their data is used and protected by any organization they interact with, and that organizations are given clear guidelines to protect their personal data.

One of the aims of the GDPR is to harmonize and bring data privacy laws across Europe up to speed with the rapid technological change in the past two decades. It builds upon the current legal framework in the European Union, including the EU Data Protection Directive in existence since 1995.