The GDPR and Ebox

A landmark privacy law in the European Union (EU) called the General Data Protection Regulation (GDPR) goes into effect on May 25, 2018. The GDPR unifies data protection rules across the EU and places new obligations on how companies handle personal data of individuals in the EU, including increased requirements for transparency and expanding individuals’ rights with regard to their personal data.

We are committed to complying with the GDPR. As a result, we have been working diligently to update our privacy and security practices so that we can comply with, and support our customers in complying with, the GDPR.

Our GDPR compliance efforts include the following:


Effective May 25, 2018, we will have an updated Ebox Privacy Policy, available on our website, to enhance our transparency to our customers and their users and ensure compliance with GDPR notice requirements.

Data Security

We have reviewed and updated our technical and organizational safeguards to help protect personal data and prevent unauthorized access to personal data.

Processor Obligations

Ebox acts as a “processor” for the services that it provides to its customers. We have reviewed and updated our business processes to comply with GDPR obligations applicable to processors.

Subprocessor Management

We understand the importance of managing sub processors who help us serve our customers and only use industry leaders to support our services. In addition, we have implemented a procedure for assessing vendors before we engage them.

Data Subject Rights

We have developed data subject rights procedures to ensure that we provide timely and appropriate support for our customers’ responses to their users’ requests to exercise their rights under the GDPR.

If you have any questions regarding our privacy practices or GDPR efforts, please reach out to us at

Privacy Policy

You can read our full privacy policy here.