Guidelines for responsible use of Dropbox services
Overall Score
Risk by Category
The Dropbox Acceptable Use Policy (AUP) specifies prohibited activities to maintain the safety, reliability, privacy, and security of its services. It covers keeping services safe (no malware, illegal content), respecting users (no spam, harassment), respecting copyrights, protecting privacy and security, enforcement actions including warnings, suspensions, and terminations, reporting mechanisms, and policy changes. Users must comply to avoid account actions.
Dropbox may issue warnings, suspend, or terminate accounts without notice for violations.
Zero tolerance for child sexual abuse material with immediate reporting to authorities.
Explicitly lists prohibited activities in categorized sections for easy understanding.
Dedicated ways to report violations to Dropbox for quick response.
Users can appeal enforcement actions via support.
Spotify collects the following categories of personal data. High Risk categories are used for advertising profiling or involve sensitive personal information.
Automatic scanning for violations like malware or illegal content.
Your data serves the following purposes. Mandatory purposes cannot be disabled without canceling the service. Opt-out available purposes allow some user control.
Dropbox may scan content for safety, security, and compliance with AUP (e.g., malware, CSAM).
Spotify shares data with several categories of third parties. Sharing with advertising partners is extensive and represents the primary commercial use of your behavioral data.
Content may be shared with law enforcement for illegal activities.
The following rights may be available to you depending on your region. EU/EEA users have the broadest protections under GDPR. Non-EU users have more limited guarantees.
Users can appeal suspensions or terminations through Dropbox support.
Primary remedy is account appeal; no guaranteed reinstatement.
Data is retained for different periods depending on category, and security disclosures vary in depth. The policy highlights the following retention and transparency points.
Retention Periods
Data may be retained as needed for legal/compliance after termination.
Activity logs retained to investigate violations.
Security & Transparency
Active scanning and blocking of malicious content.
Mandatory reporting of illegal content like CSAM.
Prohibits activities that violate user privacy.
Source Text
You may not use the Services for any illegal purpose or in violation of any applicable laws.
Interpretation
Broad prohibition covers all illegal activities, giving Dropbox discretion.
Source Text
We do not allow any child sexual abuse material on Dropbox.
Interpretation
Zero tolerance with immediate action and legal reporting; high enforcement risk.
Source Text
You may not upload, post, or transmit any content that infringes copyrights.
Interpretation
Users fully responsible for content; no safe harbor mentioned.
Source Text
We may warn, suspend, or terminate accounts for violations.
Interpretation
Tiered enforcement but broad discretion for termination.
Source Text
Use specific forms or email to report violations.
Interpretation
Transparent process for users to flag issues.
Dropbox may warn you, temporarily suspend your account, or permanently terminate it depending on severity.