High — provisions that significantly limit your legal rights, authorize broad data collection, or create material financial exposure. Medium — provisions worth knowing about but with partial protections or limited scope. Low — standard terms with minimal consumer impact.
Organizations subject to GDPR, CCPA, or other data protection laws need to ensure they have executed a Data Processing Agreement with Box, as the standard terms alone may not satisfy regulatory requi…
If Box experiences a data breach, extended outage, or service failure that causes significant business harm, users can only recover a limited amount equal to recent subscription fees, which may be fa…
This clause limits your ability to hold Box accountable through the court system or to band together with other affected users in a collective lawsuit, which can reduce leverage in disputes and incre…
The clause creates a conditional compliance framework: HIPAA-regulated data processing is permitted only through an executed BAA. Without this requirement, Box could not legally handle PHI under HIPA…
This provision establishes Box's unilateral authority to discontinue service access and establishes the conditions under which user content may be retained post-termination. The immediate effectivene…
This document establishes the terms governing use of Box's cloud storage and file collaboration platform for individuals and businesses. The agreement requires that disputes between users and Box be resolved …
ConductAtlas tracks 2 Box documents including terms of service, privacy policy, and other governance documents. Every document is captured daily with cryptographic verification.
Box has made 0 policy changes in the past 12 months across the documents ConductAtlas tracks.
ConductAtlas has classified 9 provisions across Box's tracked documents. 3 are rated high severity, 5 medium, and 1 low.
Yes. Monitor subscribers ($19/month) can add Box to their watchlist and receive same-day email alerts whenever any tracked document changes.