Cloudflare is a privacy-first company. As such, the Act on the Protection of Personal Information (“APPI”) represents many steps we were already taking. We do not sell personal data we process, or use it for any purpose other than delivering our services. In addition, we let people access, correct, and delete their personal information, and give our customers control over the information passing through our network.
Cloudflare’s network can encrypt data throughout its journey from origin servers to end-users, using the very latest protocols.
Cloudflare’s Web Analytics does not use any client-side state, such as cookies or localStorage, to collect usage metrics — and never ‘fingerprints’ individual users.
In many regions — including Japan — Cloudflare lets organizations control which regional data centers their traffic is inspected in and where logs are sent.
Cloudflare Zero Trust lets organizations enforce country-specific access rules, block risky sites and content, and log access events for internal applications and data.
Cloudflare Logs gives granular insights into every HTTP request, helping you investigate potential breaches and other security incidents.
Cloudflare complies with many industry-standard security certifications, including several focusing on privacy and personal data protection.