Dropbox · Dropbox Privacy Policy

Cross-Border Data Transfers

Medium severity
Share 𝕏 Share in Share

Why it matters

Your data may be stored and processed in countries with different privacy laws than your own, and the legal protections Dropbox relies on for these transfers have faced regulatory scrutiny.

Consumer impact

Dropbox collects extensive personal data including file contents, usage patterns, device identifiers, and contacts, and may use this data to train and improve AI and machine learning features. Business account administrators have significant control over employee accounts, including the ability to access, restrict, or delete content stored in those accounts. You can review and adjust your privacy settings, request data deletion, or opt out of certain data uses by visiting the Dropbox Privacy Settings page at dropbox.com/account/security.

Applicable agencies

  • State AG
    State Attorneys General may have jurisdiction over cross-border data transfer practices affecting state residents, particularly under state-level privacy laws.
    File a complaint →

Provision details

Document information
Document
Dropbox Privacy Policy
Entity
Dropbox
Document last updated
March 24, 2026
Tracking information
First tracked
March 20, 2026
Last verified
March 20, 2026
Record ID
CA-P-001037
Document ID
CA-D-00196
Evidence Provenance
Source URL
https://www.dropbox.com/privacy
Wayback Machine
View archived versions →
SHA-256
e79e0028df779e64383b66ccc3c4c5747677bf6476de9303c1206de45ecc82cc
Verified
✓ Snapshot stored   ✓ Change verified
How to Cite
ConductAtlas Policy Archive
Entity: Dropbox | Document: Dropbox Privacy Policy | Record: CA-P-001037
Captured: 2026-03-20 04:47:54 UTC | SHA-256: e79e0028df779e64…
URL: https://conductatlas.com/platform/dropbox/dropbox-privacy-policy/cross-border-data-transfers/
Accessed: April 4, 2026
Classification
Severity
Medium
Categories
Data sharing

Other provisions in this document