Cloudflare Joins EU Cloud Code of Conduct, Achieves New Certifications to Accelerate Trust and Compliance Confidence in Cloud Service

New global privacy regulation certifications reinforce Cloudflare’s commitment to cloud security and data protection in Europe

San Francisco, CA, and Brussels, Belgium, May 23, 2022 — Cloudflare, Inc. (NYSE: NET), the security, performance, and reliability company helping to build a better Internet, today announced it has joined the EU Cloud Code of Conduct (EU Cloud CoC) General Assembly, to help increase the impact of the trusted ecosystem and encourage more organizations to adopt GDPR-compliant cloud services. Cloudflare also announces that it has achieved two new cloud security certifications: ISO/IEC 27018:2019 and C5 – Cloud Computing Compliance Criteria Catalog – introduced by the Federal Office for Information Security in Germany.

The EU Cloud Code of Conduct brings trust and transparency to the European cloud computing market, helping organizations to source cloud services from GDPR-compliant providers. Importantly, following a positive opinion by the European Data Protection Board, the EU Cloud Code of Conduct was fully approved by the Belgium Data Protection Authority and is therefore a legally operational Code of Conduct pursuant to Article 40 of the EU’s General Data Protection Regulation (GDPR). The Code covers all cloud service layers and its compliance is overseen by accredited monitoring body SCOPE Europe. Cloudflare’s global network and strong commitment to upholding the very highest data protection standards will speed up adoption of cloud services across the continent by allaying users’ data protection concerns.

Commenting on the membership, Cloudflare’s Chief Privacy Officer, Emily Hancock, said, “As many businesses are realizing the full flexibility of cloud services, building trust is paramount to addressing any data privacy and security concerns they may have. The EU Cloud CoC is leading the charge so that European companies can grow and innovate with compliance built in. We look forward to enabling more companies to benefit from the power of the cloud with confidence.”

Cloudflare has also obtained two new security and privacy compliance certifications, further reinforcing its commitment to security and data protection in Europe. ISO/IEC 27018:2019 is a global ISO privacy certification, implementing measures to protect the processing of personally identifiable information (PII) in public clouds acting as PII processors. Cloudflare is also certified as a PII Controller and PII Processor to ISO/IEC 27701:2019, which is aligned to various data protection regulations including the GDPR, and ISO 27001:2013. Meanwhile, the C5 attestation is an important validation against a defined baseline security level for cloud computing. Cloudflare received a C5 report in May 2022.

To learn more about Cloudflare and its commitments to data protection in Europe, check out the resources below:

__About Cloudflare __

Cloudflare, Inc. (www.cloudflare.com / @cloudflare) is on a mission to help build a better Internet. Cloudflare’s suite of products protect and accelerate any Internet application online without adding hardware, installing software, or changing a line of code. Internet properties powered by Cloudflare have all web traffic routed through its intelligent global network, which gets smarter with every request. As a result, they see significant improvement in performance and a decrease in spam and other attacks. Cloudflare was named to Entrepreneur Magazine’s Top Company Cultures 2018 list and ranked among the World’s Most Innovative Companies by Fast Company in 2019. Headquartered in San Francisco, CA, Cloudflare has offices in Austin, TX, Champaign, IL, New York, NY, San Jose, CA, Seattle, WA, Washington, D.C., Toronto, Lisbon, London, Munich, Paris, Beijing, Singapore, Sydney, and Tokyo.

__Forward-Looking Statements __

This press release contains forward-looking statements within the meaning of Section 27A of the Securities Act of 1933, as amended, and Section 21E of the Securities Exchange Act of 1934, as amended, which statements involve substantial risks and uncertainties. In some cases, you can identify forward-looking statements because they contain words such as “may,” “will,” “should,” “expect,” “explore,” “plan,” “anticipate,” “could,” “intend,” “target,” “project,” “contemplate,” “believe,” “estimate,” “predict,” “potential,” or “continue,” or the negative of these words, or other similar terms or expressions that concern our expectations, strategy, plans, or intentions. However, not all forward-looking statements contain these identifying words. Forward-looking statements expressed or implied in this press release include, but are not limited to, statements regarding the benefits to Cloudflare and its customers from Cloudflare joining the EU Cloud CoC and obtaining cloud security certifications, the potential benefits to Cloudflare customers from using Cloudflare’s products, network, and other technology, Cloudflare’s technological development, future operations, growth, initiatives, or strategies, and comments made by our Chief Privacy Officer and others. Actual results could differ materially from those stated or implied in forward-looking statements due to a number of factors, including but not limited to, risks detailed in our filings with the Securities and Exchange Commission (SEC), including our Quarterly Report on Form 10-Q filed on May 5, 2022, as well as other filings that we may make from time to time with the SEC.

The forward-looking statements made in this press release relate only to events as of the date on which the statements are made. We undertake no obligation to update any forward-looking statements made in this press release to reflect events or circumstances after the date of this press release or to reflect new information or the occurrence of unanticipated events, except as required by law. We may not actually achieve the plans, intentions, or expectations disclosed in our forward-looking statements, and you should not place undue reliance on our forward-looking statements.

© 2022 Cloudflare, Inc. All rights reserved. Cloudflare, the Cloudflare logo, and other Cloudflare marks are trademarks and/or registered trademarks of Cloudflare, Inc. in the U.S. and other jurisdictions. All other marks and names referenced herein may be trademarks of their respective owners.

Press Contact Information
Daniella Vallurupalli
+1 650-741-3104