GPDR compliance

The General Data Protection Regulation (GDPR) takes effect from 25 May 2018. The GDPR is a standardized user data protection framework which operates across Europe and imposes obligations on organizations, like ThemeintheBox, that handle the personal data of people in the European Economic Area.

This page briefly explains what ThemeintheBox is doing to work towards GDPR compliance.

First, we are improving our transparency by updating our Privacy Policy to identify the information that we collect about our users, how we use that information and keep it safe. If you continue to use ThemeintheBox after we introduce these updates, it means you agree to this new policy.

Second, we recognize that it’s important for you to control your information so we are investing in features that will help you to easily manage and access some of your information within ThemeintheBox. We will provide more information on these features as they become available.

Third, since we use some third-party suppliers (e.g. Amazon Web Services) to make ThemeintheBox available, we are reviewing and negotiating these contracts with a view to ensuring that they comply with applicable laws, including GDPR. Where amendments to these agreements are required we are entering into Data Processing Agreements with our suppliers.

Fourth, we recognize that protection of your data involves us so we are improving our internal controls around employee access to data and data security incidents.

None of these steps are likely to impact the way you use ThemeintheBox day to day – you and all our many users will remain free to design anything and publish anywhere!

For support on anything related to GDPR, including how to access, inspect, update and remove your personal information with respect to ThemeintheBox, please email us at support@themeinthebox.com.