GDPR Compliance for Personal / Free Accounts

I'm really confused about all that GDPR stuff...Dropbox said they comply, but for any other big site I have a full cookie consent - not just telling me that if I continue using the site I agree with everything! I have specifically to agree - for example I may choose I don't want to be tracked by pixels, analytics and so on, but to accept only cookies, needed for site functionality.

Then, when I login my account I don't have any GDPR agreement to accept, nothing!

I can't see where to manage what information I allow to be shared?

Could you someone explain this, maybe from Dropbox stuff....

Thanks!

Yes it is confusing, but cookies is a seperate issue from what is discussed here. Yes Dropbox should warn you if they use them but if they don't, that is their responsibility.

But if you run a business and you store personal data on a platform such as Dropbox, you need a Data Processing Agreement. Dropbox apprently likes its large customers better than the small ones, as they only offer it if you take a Business Account with a minimum of 3 users. So everybody else should move the personal data away from Dropbox, else your company does not comply with de GDPR. 

Yes, Dropbox states that they comply to the regulations, what they mean is that if you are a private customer they comply. But if you are a small business users and you can't afford to buy a Business Account with 3 users for 30 euro a month, then Dropbox free and Personal accounts don't comply.

I am a DB Business user.

I've been asking DB if DB Business is GDPR compliant and so far I've received no answer - which, as a lawyer, I take as a NO, it isn't, but we won't confess.

Amazon clearly states this with regard to theair cloud services:

https://aws.amazon.com/compliance/gdpr-center/?nc1=h_ls

Why can't DB do the same? 

I'm really, really worried.

Please, DB, it's really that simple: just tell us DROPBOX (BUSINESS) IS GDPR COMPLIANT (if it is...).

We need nothing more.

They have stated it also on this forum. Here is the DPA that applies to Business accounts:

https://assets.dropbox.com/documents/en/legal/data-processing-agreement-dfb-013118.pdf

Hi aukevn and thank you for your prompt reply.

First of all it's a shame that DB staff in Italy haven't been able to provide me with a definitive answer in a week... (I'm still waiting for a simple answer YES DB BUSINESS IS OKAY, RED HERE... (url with a clear statement).

This being said, could you please tell me where actually DB states (just) that DB Business service is GDPR compliant?

The only resource I've found is this:

https://help.dropbox.com/security/standards-regulations

which is lost in a webpage no regular italian user could ever find...

Thank you again, cheers

Here on the forum they state it and I got an email (after askin about 5 times I finally got a clear answer)

Haven't found it anywhere else.

This is really unfortunate and upsetting. Let's hope they state it clearly soon. Cheers

So, all these stuff, cookies, GDPR, they will make life harder for small sites, the big ones - Facebook, Twitter, Dropbox - all they ignorantly simply don't give a [profanity removed by Moderator]....Take a look for Dropbox - even the cookie consent is not by the rules - by the law before dropping a cookie on your computer, you should aggree specifically (not passive, by simply move on site) and to have an option to continue using a site without any restrictions. Also you must have an option to turn off tracking for non-esential cookies and etc....As can see - noone of this has been implemented and I doubt it will be...