We recognize that data protection in Europe presents unique challenges. Some of these challenges
stem from the European Union’s General Data Protection Regulation (GDPR) and the Court of
Justice of the European Union’s decision in the “Schrems II” case (Case C-311/18, Data Protection
Commissioner v Facebook Ireland and Maximillian Schrems) — the latter of which resulted in further
requirements for companies that transfer personal data outside the EU. In addition, a number of
highly regulated industries require that specific types of personal data stay within the EU’s borders.
As such, Cloudflare’s Internet platform is built to support Europe’s most privacy-conscious and
regulated industries, including financial services, the public sector, energy, utilities, retail, gaming,
and healthcare. At Cloudflare, we build our products to meet the highest standards of security
and user privacy, and we partner closely with each of our European customers to help them meet
data protection obligations associated with their specific location and industry segment. We
accomplish this through a variety of avenues, including:
- Our overarching corporate commitment to privacy
- Maintaining global and European security certifications
- Maintaining GDPR-compliant data transfer mechanisms
- Offering product features which support data localisation