Last updated September 27, 2023 (note that the "Supplemental Terms" have been renamed to the "Service-Specific Terms" as of May 10, 2023)
The following Service-Specific Terms (“Service-Specific Terms”), are an integral part of the Self-Serve Subscription Agreement, Enterprise Subscription Agreement, or any other agreement governing your use and access to Cloudflare's Service(s), as applicable (“Subscription Terms”). Unless defined below, all capitalized terms will have the definitions given to such terms in the Subscription Terms. For Enterprise customers, all references to “you” and “your” in the Service-Specific Terms below refer to the Customer named in the applicable Order Form or other ordering document.
Please click on the following links to navigate to the Service-Specific Terms applicable to your specific Cloudflare Services.
In order to use the BYOIP Service, Customer must provide Cloudflare with a letter of authorization signed by an authorized representative of Customer sufficient to permit Cloudflare to announce the Customer’s IP addresses. Customer shall maintain accurate whois information for its IP addresses at all times. Customer represents and warrants that the Customer has obtained all rights, licenses, consents, and permissions necessary to convey the rights set forth in the letter of authorization. In the event that the Customer is not the legal owner of the IP addresses, Customer must also supply a letter of authorization from the legal owner, authorizing Cloudflare to announce the IP addresses. Cloudflare may stop advertising IP addresses without any liability to Customer if the legal owner of such IP addresses withdraws its authorization. In such a circumstance, Cloudflare will use reasonable efforts to provide Customer with advanced notice.
The IP addresses that the Customer brings to Cloudflare must be used solely in connection with the Customer’s domains that are receiving Cloudflare's Enterprise Services.
By connecting your infrastructure to the Cloudflare network via a private network interconnection (physical or virtual) or over an Internet Exchange, you understand and agree that Cloudflare has no responsibility for the performance or reliability of your interconnection, and that all requests for interconnection support should be submitted to the applicable colocation service provider. You shall ensure that at all times your infrastructure has multiple connections to the public Internet that are unrelated and not dependent on your interconnection to the Cloudflare network.
IN NO EVENT WILL CLOUDFLARE BE LIABLE TO YOU OR ANY THIRD PARTY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES ARISING OUT OF OR RELATING TO YOUR INABILITY TO ACCESS OR USE CLOUDFLARE NETWORK INTERCONNECT, WHETHER BASED ON WARRANTY, CONTRACT, TORT (INCLUDING NEGLIGENCE), STATUTE, OR ANY OTHER LEGAL THEORY, WHETHER OR NOT CLOUDFLARE HAS BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGE.
Any limits on data transfer related to non-HTTP/S products (e.g., Cloudflare Spectrum) will be separate from and in addition to any other data transfer caps related to HTTP/S traffic that Customer has under the Agreement. Cloudflare will determine Customer’s Spectrum traffic for the billing period by calculating the sum of both the ingress and egress traffic to and from Customer's internet clients as measured by Cloudflare during each billing period.
Cloudflare’s Magic Transit utilizes border gateway protocol to direct traffic from Customer’s set of ingress and egress termination points, including, but not limited to, individual IP addresses, protected subnets, IP networks and border routers under Customer’s control (the “Customer Network”). Magic Transit provides layer 3 DDoS mitigation, Magic Firewall provides a network firewall, and Magic WAN provides traffic management solutions to the Customer Network traffic directed to the number of Customer’s IP Prefixes listed on Customer’s Order Form or Insertion Order, as provided by Customer to Cloudflare for the Customer Network.
Magic Transit and Magic WAN will be provided to Customer subject to the Bandwidth Limits listed on Customer’s Order Form or Insertion Order, as measured by Cloudflare at the 95th percentile.
To establish Customer’s bandwidth at the 95th percentile, Cloudflare will measure and record Customer’s bandwidth usage at five (5) minute intervals from 00:00 on the first day of each month until 24:00:00 on the same date of the next month (as based on the UTC+8 time zone). Customer’s bandwidth usage records (all clean bandwidth valued for all of the Customer’s Internet Properties) for the entire month will then be sorted by Cloudflare in descending order and the top 5% of the recorded bandwidth values will be discarded. The highest bandwidth value in the remaining records will be deemed the billable bandwidth for that month.
By way of example, in a month with 30 days, Cloudflare would measure Customer’s bandwidth 8,640 times (i.e. 12 x 24 x 30). After sorting all of the bandwidth measurements from highest to lowest, and discarding the top 5% of such measurements, Customer would be charged at the 433rd highest value (i.e. 8,640 x 5%).
Magic Transit On-Demand Limits.
Customer’s use of Cloudflare’s Magic Transit On-demand Service is limited to a maximum of 240 hours per month.
a. General. Customer shall administer Layer 3 DDoS mitigation, traffic filtering and traffic management configurations for Magic Transit directly or through Cloudflare as described in this Section 4.
b. Procedure. Configuration changes for Customer’s use of Magic Transit may be completed by Cloudflare. To initiate a configuration change, Customer will issue Cloudflare a support ticket through Cloudflare’s ticketing system indicating the requested configuration change (a “Configuration Ticket”). Cloudflare will implement the requested configuration change on behalf of Customer based on the information provided in the Configuration Ticket. Customer acknowledges and agrees that it is responsible for all such requested configuration changes. Cloudflare will have no liability for any harm or damage arising out of or in connection with any configuration change requested by Customer unless such harm or damage is the result of Cloudflare’s failure to follow Customer’s instructions provided in the Configuration Ticket or unless Cloudflare has carried out the configuration changes in an imprudent or defective manner.
c. Emergency Configurations. Customer pre-authorizes Cloudflare to implement emergency configuration changes without following the configuration change process set forth in Section 4(b) in order to mitigate adverse effects on the Customer Network in the event of a DDoS attack. Cloudflare will have no liability for any harm or damage arising out of or in connection with any emergency configuration changes unless such changes have been carried out in an imprudent or defective manner.
Customer will comply with the following requirements:
a. Registry Information. Customer will maintain accurate and up to date WHOIS and Internet routing registry information for all IP Prefixes.
b. Letter of Authorization. Customer will provide Cloudflare with a letter of authorization signed by an authorized representative of Customer sufficient to permit Cloudflare to announce the IP Prefixes.
By participating in Project Pangea, you represent and warrant that you meet the Project Pangea eligibility requirements available here (“Project Pangea Requirements”). You understand that should you fail to meet the Project Pangea Requirements at any time, Cloudflare may suspend, limit, or terminate your access to the Cloudflare Services. You represent that to the best of your knowledge, the information you provide to Cloudflare including, but not limited to, your expected bandwidth usage and geographic location of users is truthful, accurate, and complete. To the extent applicable to your use of the Cloudflare Services, you agree to the Cloudflare Service-Specific Terms for Magic Transit and Cloudflare Network Interconnect.