Cloudflare

US·cloudflare.com

View Policy

— Privacy score

Poor

GRADE D

Grade Spectrum

Updated 9 days ago

FDCBA

Data Collection20% wt

35/100

7 / 20 pts contributed

Data Sharing25% wt

10/100

3 / 25 pts contributed

Tracking20% wt

50/100

10 / 20 pts contributed

Transparency20% wt

55/100

11 / 20 pts contributed

User Rights15% wt

85/100

13 / 15 pts contributed

AI Risk

86/100

Analysis Findings

Data Collection

25 Types

Data Sharing

8 Issues

Tracking

21 Trackers

Transparency

Fair

User Rights

Comprehensive

AI Practices

86/100

Top Subprocessors

APNIC

apnic.net · Research Cooperative Agreement, sharing anonymous DNS resolver logs.

Infrastructure—

ICANN (The Internet Corporation for Assigned Names and Numbers)

icann.org · Domain registration, WHOIS protocol, overseeing domain's top-level domain.

Other—

Relevant registry operators

Overseeing the domain’s top-level domain, domain registration, WHOIS protocol.

Other—

Collected Data Types

Name

identity

Email Address

identity

Phone Number

identity

Physical Address

identity

Image

identity

View 20 more

Cookies & Tracking

Essential

Required for basic functionality

Low risk

Functional

Preferences and settings

1Low risk

Analytics

Usage tracking & product insights

4Medium risk

Marketing

Marketing & remarketing

High risk

Doing Well

Data inventory with purpose mapping documented
Subprocessor list published
Privacy policy published
Comprehensive policy sections
Data processing purposes stated
6 user rights listed

Concerns

Collects biometric data
Tracks behavioral data
Collects browsing history
Collects location data
Collects financial data
Collects 25 data types

Privacy Summary

Cloudflare collects personal data including your name, email, contact information, IP addresses, and website activity when you use their services or visit their sites. They share this data with service providers to run their business and with marketing partners (with an opt-out option), but state they do not sell or rent your personal information. To request access, correction, or deletion of your data, you can email sar@cloudflare.com.

AI-generated summary based on policy analysis dated Apr 18, 2026

Quick Facts

Legal NameCloudflare, Inc.

HeadquartersUS

Data DeletionModerate (6/10)

Vendors3 third parties

Data Types25 types collected

Last AnalyzedApr 18, 2026

Compliance

GDPRYes

CCPANo

Data Request FormYes

Recent BreachNo

Data BrokerYes

Policy Documents

AI Risk

Medium user impact from AI usage