Subscribe to receive notifications of new posts:

Updating Our Privacy Policy

2013-08-20

2 min read

Hi I’m Ken Carter, CloudFlare’s newly minted in-house counsel. Now that I have introduced myself, feel free to introduce yourself. Or, don’t. You may want to remain anonymous because you value your privacy. We do, too. 

To that end, one of the first things I have undertaken in my new role is a full review of our privacy policy. I wanted to strengthen it to make sure that the policy is keeping pace with our growing business and the privacy expectations of our users worldwide. So, I am pleased to announce our new privacy policy effective today.

So what is changing in the new policy? Actually, not all that much. The old privacy policy was pretty good to start. Most of the changes were to more clearly explain how we treat specific information, remove ambiguity, and ensure we are complying with privacy standards around the world. Specifically, here are some of the changes we made:

  • We also removed a whole bunch of pronouns and replaced them with nouns. This makes the policy read a good bit more legal and formalistic, but greatly clarifies exactly whom and what we are referring to.

  • We have also changed our privacy policy to appoint TRUSTe for dispute resolution relating to our compliance with the U.S.–EU Safe Harbor framework and the U.S.–Swiss Safe Harbor. This ensures we are in line with EU privacy standards. TRUSTe has reviewed our privacy policy and signed off that it meets these Safe Harbor Privacy Principles for protecting users’ privacy.

  • We created a new, dedicated Trust and Safety email contact for handling your questions and concerns related to privacy and compliance issues. The address is [email protected].

  • Since it is CloudFlare’s existing corporate policy to ensure adherence to due process in all law enforcement requests for our customers’ information, we decided to explicitly incorporate that policy into our privacy policy. By way of background, here’s our CEO’s a recent interview on the subject of law enforcement and privacy.

To ensure you can understand every change to the privacy policy, I have tracked changes from the old to the new privacy policy and embedded a PDF showing the differences below. I’ve also included comments explaining the rationale of every change. We wanted to show you exactly all the moving pieces, how we’ve sought to improve and clarify our policy, and the reasoning behind every change. Finally, for the more technically (and less legally) inclined, we’ve also included our privacy policy in a public GitHub repo where we will track changes to it over time.

Our guiding philosophy has always been and will continue to be that the personal information you provide to us is just that: personal and private. CloudFlare will not sell, rent, or give away any of your personal information without your consent. We will also challenge law enforcement requests that we determine do not meet the standards of due process.

I will continue to return to this blog to keep you informed as we review and strengthen our policies and procedures going forward.

CloudFlare Security and Privacy Policy August 2013 Difffromcloudflare_policies

Cloudflare's connectivity cloud protects entire corporate networks, helps customers build Internet-scale applications efficiently, accelerates any website or Internet application, wards off DDoS attacks, keeps hackers at bay, and can help you on your journey to Zero Trust.

Visit 1.1.1.1 from any device to get started with our free app that makes your Internet faster and safer.

To learn more about our mission to help build a better Internet, start here. If you're looking for a new career direction, check out our open positions.
LegalPrivacy

Follow on X

Kenneth R. Carter|@carterkr
Cloudflare|@cloudflare

Related posts

September 25, 2024 1:00 PM

New standards for a faster and more private Internet

Cloudflare's customers can now take advantage of Zstandard (zstd) compression, offering 42% faster compression than Brotli and 11.3% more efficiency than GZIP. We're further optimizing performance for our customers with HTTP/3 prioritization and BBR congestion control, and enhancing privacy through Encrypted Client Hello (ECH)....

September 24, 2024 1:00 PM

Cloudflare helps verify the security of end-to-end encrypted messages by auditing key transparency for WhatsApp

Cloudflare is now verifying WhatsApp’s Key Transparency audit proofs to ensure the security of end-to-end encrypted messaging conversations without having to manually check QR codes. We are publishing the results of the proof verification to https://dash.key-transparency.cloudflare.com for independent researchers and security experts to compare against WhatsApp’s. Cloudflare does not have access to underlying public key material or message metadata as part of this infrastructure....

September 24, 2024 1:00 PM

Cloudflare partners with Internet Service Providers and network equipment providers to deliver a safer browsing experience to millions of homes

Cloudflare is extending the use of our public DNS resolver through partnering with ISPs and network providers to deliver a safer browsing experience directly to families. Join us in protecting every Internet user from unsafe content with the click of a button, powered by 1.1.1.1 for Families....