I am setting up a privacy-focused website and am impressed by Cloudflare’s stance… but I’m confused about a few details.
I read this article: https://support.cloudflare.com/hc/en-us/articles/200170156-Understanding-the-Cloudflare-Cookies
…What I think I understand from this article is that ALL data collected by the Cloudflare cookies will be completely anonymous. Including the Ray-ID. …Is this correct?
…ALSO, Is there any way that a person’s IP address or browser settings would be logged by Cloudflare, or am I safe (in GDPR terms) to tell my visitors that their visit to my privacy-tool-selling website will be completely anonymous. I’m hoping to work with journalists and human-rights folks so this is EXTREMELY important.
This older article from 2013 made me doubt this second point: https://blog.cloudflare.com/what-cloudflare-logs/
…It says “most clients” have logs that only last for 4 hours and alludes to enterprise clients as the clients that don’t meet this guideline. But it isn’t explicit, which I know can be problematic. It’s a very old article so I’m not sure it’s up-to-date.
Are there logs of my customer’s IP and browser settings, or not?
If there are, how long do they last, and will my customers remain 100% anonymous?
Thanks a million for the help on this!