Box Could Help You With Your GDPR Compliance

How Box could help with your GDPR compliance

This month marks 6 months since GDPR came into force. How are you faring in your compliance so far? Did you know that a simple app like Box may be able to help make things every simpler for you. BOX has invested heavily to develop new policies/service processes, as well as to improve on existing ones, to help our customers continue to meet their data privacy obligations. Here are 3 ways Box is already enabling some of our customers to be GDPR compliant.



1. Transparency into information use. 

The GDPR requires organizations provide more information about how individuals’ information is used.

How Box enables transparency? 

At Box, transparency is an important part of their business process. The product is designed to provide customers with full control of their contents and ways to access it.  Box is designed in a way that customer administrators have the ability to grant or rescind access to their Box account through the Admin Console. This means customers are the ones that control who can access the content.


2. Visibility into processing.

Under the GDPR, individuals can access a copy of their data and know where their data is being processed.

How Box enables transparency? 

At Box, their customers can easily exercise these rights with the following product features:

Accessible usage logs. Customers can export logs through the customer’s Admin. Console or APIs.

Effortless downloads. Every file can be easily downloaded for local access.

Third-party integration management. Customers can quick view and manage all of their third-party integrations all in one place.


3. Right to be forgotten. 

Individuals can ask to delete their personal data.

How Box enables transparency? 

At Box, their customers are in control around content retention and deletion.

Trash Retrieval – Customers can enable the “Trash” function, which allows users to have their own Trash folder and enable them to retrieve items they may have deleted.

Content Retention –  Customers can also set the parameters around how long files will be kept in Trashed files before actual deletion process starts. The deletion process will begin at the expiration of this time period.

Trash Permissions –  Customers can also designate who has the ability to permanently delete content in the Trash folder. Options can be set at Everybody, Admin Only, Admins and Co-Admins Only, or Nobody.  If this parameter is set to allow a user to empty their trash, the deletion process will begin.


Want to know more?

Worried about GDPR and if you are compliant? Well our IT services team are on hand to give simple and friendly advice on how you and your company can be GDPR compliant. Call us on 01748 835599 and we will be happy to help.

No comments