CloudFlare will not sell, rent, or give away any of your personal information without your consent. It is our overriding privacy principle that any personal information you provide to us is just that: personal and private. We do not presume that you are granting us permission to share your personal information with third parties wanting to sell you products or services that you have not requested. In order for us to provide some of the services we do we may on occasion need to provide information you supply us to external parties. When this is necessary we will provide you explicit notice and the ability to opt-out. CloudFlare may need to purge information from its system from time to time, and does not promise to keep any information beyond what is required by applicable law or regulation.
CloudFlare’s website and services are not intended for, or designed to attract, individuals under the age of 18. CloudFlare does not knowingly collect personally identifiable information from any person under the age of 18.
INFORMATION DESIGNATED AS PUBLIC
As part of our service, our users may decide to provide information specifically to be shared with third parties. For example, they may allow us to build statistical reports based on what malicious visitors have visited your site. In cases such at these, we will try to make it clear whenever any information our users provide us will be made public. Even when our users give us permission to make certain information public, we will still protect the information designated private (such as name, email address, IP address, and other information specifically tagged to the user’s identity) from being disclosed.
CloudFlare is the owner of the information collected on this site and through any CloudFlare service. As visitors browse our web site, or our user’s websites if they are protected by CloudFlare, we sometimes log these visitors’ interactions in order to provide a better service (e.g., using visitor log data in order to detect new threats). For some examples of the types of information we collect, please see our blog post here.
CloudFlare collects and maintains certain information from our users for the purposes of billing. We may report this information to third party processors for the limited purpose of receiving payment. CloudFlare does not store full credit card numbers or personal account numbers (PANs).
CORRECTIONS TO PERSONAL INFORMATION
This web site makes it easy to correct any mistakes in your personal information at any time. Whenever possible, we will give you an opportunity to review and change any information you provide to us. If you notice a mistake in the information you provide us, you can always revise it. This can be done either online or contacting us directly.
As part of our service, CloudFlare may place cookies on the browsers of your visitors to your CloudFlare-protected sites. We do this to in order to track malicious visitors, to reduce the chance of blocking legitimate users, and to provide customized services.
CloudFlare may aggregate data we acquire about our users and the visitors to their sites. For example, we may assemble data to determine how spiders crawl the Internet and whether they are engaged in malicious activity. If we assemble this sort of data and provide it to external parties, our user’s personal information (such as their name, email address, IP address, and other information specifically tagged to your identity) will never be attached to or included in the aggregated data. Please note, public data our users provide us, such as log files of their site’s visitors, may be included in the aggregate data, reports and statistics.
PROMOTIONAL PARTNERS AND THIRD PARTY APPS
From time to time, CloudFlare may notify you about an offer from one of our promotional partners (e.g., Apps Marketplace partners) via our website or email. While we may target particular types of users for these offers, we will do all of the targeting within our system. Our business partners will not have any access to the targeting information, including the names of the people who may be interested in a particular product or service. Until you affirmatively respond to a promotional offer, we will not reveal any identifying information about you to any of these partners.
If you install an App from one of our third party partners, CloudFlare may provide your email address to that partner for account creation and communication with that partner.
Note that in both cases, these partners may have their own Privacy Policies and may not be covered by CloudFlare’s policy.
THIRD PARTY WEBSITES
The CloudFlare website and the other websites contain links to the sites of third parties. Please be aware that we are not responsible for the privacy practices of these external sites. We encourage users to be aware when they leave our website, and to read the privacy statements of other websites. We cannot guarantee that these third parties abide by the privacy principles outlined here.
It is possible that CloudFlare may be required by court order to provide information about our customers. CloudFlare may also be required to provide information pursuant to law, applicable regulation, subpoena or other legal process. It is CloudFlare’s corporate policy to ensure adherence to the due process of law in all such legal requests. If we are ever required to provide information under these circumstances, we will, whenever possible, attempt to inform users whose information we are compelled to reveal.
DATA SECURITY, DATA INTEGRITY, AND ACCESS
CloudFlare takes all reasonable steps to protect our users’ information from loss, misuse and unauthorized access, disclosure, alteration and destruction. We have put in place appropriate physical, electronic and managerial procedures to safeguard and secure such information. CloudFlare only processes personal information in a way that is compatible with and relevant for the purpose for which it was collected or authorized by the individual. CloudFlare allows our users and website visitors access to their personal information and allows them to correct, amend or delete inaccurate information, except where the burden or expense of providing access would be disproportionate to the risks to the privacy of the individual in the case in question or where the rights of persons other than the individual would be violated.
SAFE HARBOR FRAMEWORK
CloudFlare participates in the U.S.-E.U. Safe Harbor framework and the U.S.-Swiss Safe Harbor as set forth by the United States Department of Commerce. This applies to all personal information received by CloudFlare whether in electronic, paper, or verbal format. As part of our participation in the Safe Harbor, we have agreed to TRUSTe dispute resolution for disputes relating to our compliance with the Safe Harbor Privacy Framework. If you have any complaints regarding our compliance with the Safe Harbor you should first contact us (as provided below). If contacting us does not resolve your complaint, you may raise your complaint with TRUSTe by Internet here, fax to 415-520-3420, or mail to TRUSTe Safe Harbor Compliance Dept., click here for mailing address. If you are faxing or mailing TRUSTe to lodge a complaint, you must include the following information: the name of company, the alleged privacy violation, your contact information, and whether you would like the particulars of your complaint shared with the company. For information about TRUSTe or the operation of TRUSTe’s dispute resolution process, click here or request this information from TRUSTe at any of the addresses listed above. The TRUSTe dispute resolution process shall be conducted in English.
NOTIFICATION OF CHANGES
We will always maintain the overriding principle that we will not sell, rent, or give away any personal information you share with us without your consent. We do not believe we will need to change that principle going forward. However, if we do need to change any other aspect of the policy, we will post changes on this website along with the effective date of those changes.