Subscribe to receive notifications of new posts:

Cloudflare Certifies Under the New EU-U.S. Privacy Shield


2 min read

Cloudflare has certified with the U.S. Department of Commerce for the new EU-U.S. Privacy Shield framework.

Beginning this summer, the U.S. Department of Commerce began accepting submissions to certify under the EU-U.S. Privacy Shield framework, a new mechanism by which European companies can transfer personal data to their counterparts in the United States. By certifying under Privacy Shield, Cloudflare is taking a strong and pro-active stance towards further protecting the security and privacy of our customers.

Since 1998, following the European Union’s implementation of EU Data Protection Directive 95/46/EC, companies in Europe wishing to transfer the personal data of Europeans overseas have had to ensure that the recipient of such data practices an adequate level of protection when handling this information. Until last October, American companies were able to certify under the U.S.-EU Safe Harbor Accord, which provided a legal means to accept European personal data, in exchange for assurances of privacy commitments and the enactment of specific internal controls.

However, after having been in effect for roughly fifteen years, in October 2015 the European Court of Justice overturned the Safe Harbor and declared that a new mechanism for transatlantic data transfers would need to be negotiated in light of changes in the way the Internet is used around the world. Authorities in Europe and the U.S. quickly accelerated discussions that had already been in process, with the result being the new Privacy Shield framework. This framework expands significantly upon the former Safe Harbor, improving and bolstering the privacy protections that Europeans can enjoy with respect to the handling of their personal data. While many of the obligations mandated by the Privacy Shield were already covered by the Safe Harbor, Privacy Shield greatly clarifies and builds upon the existing obligations of U.S. companies.

As a security company, the trust and safety of our customers is of paramount importance to Cloudflare. As such, we take our responsibility for, and commitment to, the privacy of our customers extremely seriously, and have strengthened our internal processes and controls to meet the new heightened requirements mandated by the European Commission. This includes updating our Privacy and Security Policy to provide additional details on what personal data we may collect and how it’s used. Although we’re a CDN, in many cases acting merely as a conduit for information inserted into our network by others, Cloudflare was certified under the U.S.-EU Safe Harbor Accord and complies with the new Privacy Shield Framework. In the event that you have any specific questions about the new Privacy Shield, more details can be found at or by reviewing our updated Privacy and Security Policy at

We protect entire corporate networks, help customers build Internet-scale applications efficiently, accelerate any website or Internet application, ward off DDoS attacks, keep hackers at bay, and can help you on your journey to Zero Trust.

Visit from any device to get started with our free app that makes your Internet faster and safer.

To learn more about our mission to help build a better Internet, start here. If you're looking for a new career direction, check out our open positions.

Follow on X


Related posts

December 20, 2023 2:00 PM

Don’t let the cyber grinch ruin your winter break: Project Cybersafe Schools protects small school districts in the US

In August of this year, as part of the White House Back to School Safely: K-12 Cybersecurity Summit, Cloudflare announced Project Cybersafe Schools to help support eligible K-12 public school districts with a package of Zero Trust cybersecurity solutions — for free, and with no time limit...