• Information and Communications Technology


EU-U.S. Privacy Shield Framework: Active

Original Certification Date: 11/9/2016
Next Certification Due Date: 11/16/2018
Data Collected: HR, NON-HR

Swiss-U.S. Privacy Shield Framework: Active

Original Certification Date: 11/16/2017
Next Certification Due Date: 11/16/2018
Data Collected: NON-HR

Purpose of Data Collection

We collect personal data of our customers for account management, billing, internal marketing (not third party marketing), fraud prevention purposes and provision of our internet security services. Information we collect includes customer name, email address, IP address, billing information, and phone number. We may share such data with third parties who provide us with billing, marketing, and account management tools. Personal data from visitors to our customers' sites may be processed if our customers include such information in the data they insert into our network. For example, we may temporarily log such visitors' interactions with a website, such as IP address, country of origin, domain name and device type, to provide security services to our customers. We never request or intentionally process sensitive personal data, and deliberately limit our exposure to personal data.

Privacy Policy

HR Data

Employee Privacy Policy

Privacy Policy concerning how we process the personal data of our employees located in the EU, all of whom are in the United Kingdom. Copies of this policy have been provided to all employees in the EU, and will be provided to all new employees prior to their acceptance of employment. Employees may also request additional copies of this policy at any time from either their manager or the legal team.

Effective Date: 9/30/2016

HR and Non-HR Data


An updated version of our Privacy Policy, including updated references to the Swiss-U.S. Privacy Shield.

Effective Date: 11/9/2017

Non-HR Data


A privacy and security policy setting-out our commitments to the privacy and security of personal data processed by the company. It is live and publicly-facing on our home site, at the URL below.

Effective Date: 9/30/2016

Verification Method


Dispute Resolution

Questions or Complaints?

If you have a question or complaint regarding the covered data, please contact Cloudflare, Inc. at:

Alex Krivit
Legal Counsel
Cloudflare, Inc.
101 Townsend Street
San Francisco, California 94107

Privacy Shield organizations must respond within 45 days of receiving a complaint.

If you have not received a timely or satisfactory response from Cloudflare, Inc. to your question or complaint, please contact the independent recourse mechanism listed below


Appropriate statutory body with jurisdiction to investigate any claims against Cloudflare, Inc. regarding possible unfair or deceptive practices and violations of laws or regulations covering privacy Federal Trade Commission