Box Trust Center
Putting our customers and their content first
![Trust](http://cdn03.boxcdn.net/sites/default/files/styles/288xauto/public/2022-03/1-hero-fg-box-trust_2643x1800.png?itok=-eixAOqH)
A longstanding commitment to security and compliance
At Box, security and compliance are part of our DNA. We're dedicated to earning and keeping our customers' trust — every day. The Box Trust Center connects you to the latest information on how we prioritize security, compliance, data privacy, and reliability for our products.
Our approach to reliability
You've put your trust in Box as a valued service provider and partner. To keep your trust, we’re committed to updating you on what's happening with and within the Box Services, whether it’s planned maintenance or an unexpected service disruption.
Enabling the responsible and secure use of enterprise-grade AI
With the adoption of AI, enterprises face unique security, privacy and compliance challenges that must be carefully addressed as regulations continue to evolve. We are committed to being transparent about our AI practices, technology, vendors, and data usage.
Exceed global compliance requirements
The Content Cloud enables advanced privacy and compliance in today’s global, digital-first world. We’re committed to delivering a secure content platform that helps you meet and exceed your regulatory and compliance needs and obligations.
Protecting US government agencies critical information
Digitize your agency services and drive government cloud security while maintaining industry compliance. Within the United States Federal and Department of Defense community, Box has achieved a number of certifications that demonstrate our capabilities and commitment to security.
Values that build trust (and a better world)
Environmental, social, and governance (ESG) priorities are woven into the fabric of our culture at Box. Our ESG website and ESG data sheet outline our commitments to protect our planet, invest in people and communities, and acting with integrity. We expect the same commitment from our suppliers, as set forth in our Supplier Code of Conduct.
How we approach security and compliance
![Compliance Catalogue C5](http://cdn03.boxcdn.net/sites/default/files/styles/module_119_new_standard/public/2022-03/5-card-C5.jpg?itok=cd9Mhro1)
Cloud Computing Controls Compliance Catalogue (C5)
Provided under NDA — please contact your account team
![CAIQ](http://cdn03.boxcdn.net/sites/default/files/styles/module_119_new_standard/public/2022-03/5-card-CAIQ.jpg?itok=IOmF8Rxy)
Consensus Answer Initiative Questionnaire (CAIQ)
![FedRAMP](http://cdn03.boxcdn.net/sites/default/files/styles/module_119_new_standard/public/2022-03/5-card-fedramp.jpg?itok=Si2K2u-E)
FedRAMP Moderate Authorization
![Finra](http://cdn03.boxcdn.net/sites/default/files/styles/module_119_new_standard/public/2022-03/5-card-finra.jpg?itok=aFIePqfr)
FINRA Report
Provided under NDA — please contact your account team
![gxp validation](http://cdn03.boxcdn.net/sites/default/files/styles/module_119_new_standard/public/2022-03/5-card-gxp-validation.jpg?itok=gdVloXuo)
GxP Validation
![Bureau Veritas Certification HDS logo](http://cdn03.boxcdn.net/sites/default/files/styles/module_119_new_standard/public/2023-05/5-card-HDS.jpg?itok=V26Z_uhv)
HDS
![HECVAT Full](http://cdn03.boxcdn.net/sites/default/files/styles/module_119_new_standard/public/2022-05/5-card-HECVAT.jpg?itok=pBlsqAsI)
HECVAT Full
Provided under NDA — please contact your account team
![HIPAA assessment letter](http://cdn03.boxcdn.net/sites/default/files/styles/module_119_new_standard/public/2022-03/5-card-us-hipaa-letter.jpg?itok=p6T2cwnl)
HIPAA Assessment Letter
Provided under NDA — please contact your account team
![HIPAA compliance](http://cdn03.boxcdn.net/sites/default/files/styles/module_119_new_standard/public/2022-03/5-card-gxp-hipaa-compliance.jpg?itok=u9r-3j9X)
HIPAA Compliance
![ISMAP Certification](http://cdn03.boxcdn.net/sites/default/files/styles/module_119_new_standard/public/2022-03/5-card-ismap.jpg?itok=QLqc5G2M)
ISMAP Certification
![ISO thumbnail](http://cdn03.boxcdn.net/sites/default/files/styles/module_119_new_standard/public/2024-05/5-card-iso-updated.jpg?itok=dcBcuNA8)
ISO Certification
![ITAR](http://cdn03.boxcdn.net/sites/default/files/styles/module_119_new_standard/public/2022-03/5-card-itar.jpg?itok=_NjZ0Ndx)
ITAR
Provided under NDA — please contact your account team
![PCI DSS](http://cdn03.boxcdn.net/sites/default/files/styles/module_119_new_standard/public/2022-03/5-card-PCI-DSS.jpg?itok=YRknprTj)
Payment Card Industry Data Security Standard (PCI DSS)
Provided under NDA — please contact your account team
![SIG](http://cdn03.boxcdn.net/sites/default/files/styles/module_119_new_standard/public/2022-03/5-card-sig-lite.jpg?itok=SxY36t7J)
SIG
Provided under NDA — please contact your account team
![SOC 1 & 2 - Type II](http://cdn03.boxcdn.net/sites/default/files/styles/module_119_new_standard/public/2022-03/5-card-soc.jpg?itok=UV5nTECz)
SOC 1 & 2 - Type II
Provided under NDA — please contact your account team
![StateRAMP](http://cdn03.boxcdn.net/sites/default/files/styles/module_119_new_standard/public/2022-03/5-card-stateramp.jpg?itok=SNDQSsgY)
StateRAMP
![Trusted Partner Network Gold Shield](http://cdn03.boxcdn.net/sites/default/files/styles/module_119_new_standard/public/2024-06/5-card-TPN.jpg?itok=bFYQfoxv)
Trusted Partner Network Gold Shield
![WCAG](http://cdn03.boxcdn.net/sites/default/files/styles/module_119_new_standard/public/2022-03/5-card-WCAG.jpg?itok=nrs1brq1)
Web Content Accessibility Guidelines (WCAG) 2.0 Level AA
VPAT provided under NDA — please contact your account team
How we prioritize data privacy
CCPA
Find out how to steer clear of risk and keep your reputation intact as you meet obligations for the California Consumer Privacy Act (CCPA).
Cookie notice
GDPR
Read about our GDPR compliance, our Data Processing Addendum (DPA), and our product offerings for data protection obligations.
Privacy notice
See what information is collected, retained, used, disclosed, and transferred by Box and how to exercise your data subject rights.
Schrems II and Brexit
How to report to Box
Explore our resources
![supplier code of conduct](http://cdn03.boxcdn.net/sites/default/files/styles/module_119_new_standard/public/2022-12/8-card-supplier-code-of-conduct-min.jpg?itok=QtKyXVMp)
Our supplier code of conduct
Learn how we engage with suppliers, and find out about ethical and compliance requirements.
![accessibility improvements](http://cdn03.boxcdn.net/sites/default/files/styles/module_119_new_standard/public/2022-04/8-card-accessibility-improvements.jpg?itok=amBc_8-j)
Accessibility Improvements to the Box Web Application
FAQ
Find answers to frequently asked questions on security, reliability, compliance, and privacy.