The GDPR deadline is one month away...are you ready?

At Box, we’re pretty big fans of security and compliance. Now, before you ask why, hear me out.

Over the last decade, companies across every industry have been undergoing a massive transition to the cloud. The world is changing how it works on a near daily basis. Business is moving faster than ever, the rate of creation of data is growing quicker than it was even a year ago, and the security and data privacy challenges are enormous. Businesses today are managing more data than ever before, meaning an effective data protection program needs to be implemented and managed.

By now, you've probably seen the headlines about the General Data Protection Regulation (GDPR) deadline on May 25, 2018. But just in case you aren't familiar –GDPR is the new EU legislation for collecting and processing personal data in the European Union, and is the most significant data protection development in decades. The impact is far reaching -- all companies that work with European personal identifiable information will need to comply with the regulation. At Box we've been preparing for GDPR for a while, and we have invested significant resources toward meeting and maintaining GDPR compliance, and are committed to practicing transparency in how we handle personal data.

Just a Few Clicks Away from GDPR Readiness

The growth of cloud adoption, increase in amount of data, and the exponential growth of compliance and privacy complexity– are why Box is excited to announce a simple solution for global data privacy preparedness ahead of GDPR coming into effect.

We make it easy for our customers to formalize and share the data they use in a controlled and managed environment, which can be used to demonstrate their data is being processed in a way that meets the GDPR obligations. We have recently released a self-serve, easy-to-execute Data Processing  Addendum (DPA) which requires only a simple electronic signature from the customers. The DPA is available at no cost for all current Box service agreements, is signed by both Box and the customer, and comprehensively lists all the approved legal mechanisms for data processing.

Box Data Protection Services

As part of its  global data protection services,  Box Consulting is rolling out a new compliance-focused  engagement  aimed at  assisting customers  as they prepare for, understand, and address  evolving compliance requirements such as  GDPR, PCI DSS, FedRamp, and HIPAA from a cloud content management perspective. The engagement team is comprised of senior members of the Box Compliance team in conjunction with Box Consulting personnel.

For GDPR preparedness specifically, Box will engage with customers to develop a formalized data protection framework leveraging and centering on the Box application. This service includes:

  • Assisting customers in developing a strategy for categorizing their data and running the corresponding risk profile analysis
  • Assisting customers to develop a data protection framework that is based on the customers own unique data protection risk profile.
  • Providing implementation services to  assist  customers  with implementing Box in  accordance with their own derived implementation framework.
  • Cross-industry perspectives on Compliance/Data Protection Obligations

Watch this on-demand webinar to learn how Box streamlines your GDPR readiness journey. For more information or to download the data protection addendum, please visit

To learn more on Box Consulting services for data protection, please download our datasheet.

Free 14-day trial.
No risk.

Box free trial includes native e‑signatures, let's you securely manage, share and access your content from anywhere.

Try for free