Shoeboxed and GDPR

At Shoeboxed we understand that our user’s privacy is paramount. This means we strive to provide top-level security while being transparent about our data practices. It is important to us that our users understand the steps we take to protect their valuable information. Below, you will find information about GDPR, how Shoeboxed complies with it, and how Shoeboxed protects user data.

What is GDPR?

General Data Protection Regulation (GDPR) is a European Union regulation which provides guidelines for collection and processing of personal data of individuals within the European Union. The GDPR went into effect on May 25th, 2018.

How does it impact Shoeboxed?

Since Shoeboxed provides service to users in the European Union, we are required to comply with the guidelines provided by GDPR, and we do. We have worked hard to ensure that our practices around data storage and processing not only protect our users but also comply with GDPR guidelines. 

What data does Shoeboxed collect from you?

We collect Personal Data about you when you provide such information directly to us, when third parties such as our business partners or service providers provide us with Personal Data about you, or when Personal Data about you is automatically collected in connection with your use of our Services.Information we collect directly from you: We receive Personal Data directly from you when you provide us with such Personal Data, including without limitation the following:Information we receive from third-party sources: Some third parties such as our business partners and service providers provide us with Personal Data about you, such as the following: Information we automatically collect when you use our Services: Some Personal Data is automatically collected when you use our Services, such as the following: Shoeboxed uses Personal Data to:We will only process your Personal Data if we have a lawful basis for doing so. Lawful basis for processing include consent, contractual necessity and our “legitimate interests” or the legitimate interest of others, as further described below. 

What has Shoeboxed changed in order to comply?

Luckily for us, we haven’t had to change a lot as almost all of our practices are already GDPR compliant. We have reviewed our data systems and security to ensure complete compliance, and updated our privacy policy and terms of service to further explain how we handle data. The added explanations are:


Not sure about something or have a question? Shoot us an email to 

Eliminate paper clutter today: