How does a user access their information?

In the GDPR section of the privacy philosophy discussion, it is stated, “we give people the ability to access, correct, and delete their personal information”.

How does a person access these capabilities?

Thanks for the info.
Greg

Well that now sound very general, but:

you can:

  • view
  • edit
  • delete

your information where you added them. Log into your dashboard and go you your account settings. Then feel free to edit/delete them as you wish.

1 Like

Unless I’m missing something, going to account settings allows me to edit information that I originally entered. Please correct me if I am mistaken about that.

I took the GDPR statement to indicate that Cloudflare will allow me to access, correct, and delete information created about me by all Cloudflare customers. The statement is on this page Cloudflare and GDPR compliance | Cloudflare.

I’m trying to understand how much capability Cloudflare gives to users to understand what is being saved about them.

If it’s this line:

give our customers control over the information that passes through our network.

Then I don’t know what they mean by that. There’s no way in the world they can control personal information on websites proxied through Cloudflare. Shopify is a huge customer, and I don’t see how Cloudflare can scrub the data of every person who buys something on a Shopify site.

I don’t see anything in the Privacy Policy regarding website data. It only covers logging:

2 Likes

My curiosity was triggered by this statement:

“Cloudflare does not sell personal data we process on customers’ behalf, or use it for any purpose other than to provide our services to our customers. In addition, we give people the ability to access, correct, and delete their personal information”

I did kind of expect it wasn’t possible. It was such a strong statement of capability, that I had to ask if maybe Cloudflare was doing some sort of magic indexing behind the scenes of anything that looked like personal information.

I’m guessing there is no UI for a user to do this operation. If a user calls Cloudflare support and says delete all my personal information, is that possible?

Registered users? Sure, you can request your data to be removed, and it will be kept until it’s no longer needed (billing, legal, or any major reason).

https://developers.cloudflare.com/fundamentals/get-started/cloudflare-cookies

If you have further questions about the details that occur behind the scenes with your website visitors, I doubt you will get much more information than what’s on the cf cookies page; however, I believe cloudflare has a legal team you could reach out to.

1 Like

Thank you all for the replies so far. You’re helping me to clarify my thinking about what I am really curious about.

Since Cloudflare does not control what their customers are putting on the servers, I suspect the best case is that Cloudflare notes anything that could be personal information in what their customers are sending. When a user wishes to access their personal information, Cloudflare could use those notes to show the user a list of potential instances of personal information or perhaps a list of which companies control those bits of personal information. If a user wishes to delete their personal information, Cloudflare would need to direct the user to the companies controlling those bits of information, so Cloudflare could provide a list of whom to contact to the user.

A better version of my question is:
What tools or process flows does Cloudflare provide a user to access, correct, and delete their personal information saved by Cloudflare customers?

Also, to all you fine folks who are reading this contemporaneously with my posting, Happy New Year! Best wishes to you all.

Why the heck are we working on computer stuff rather than celebrating?

The information that Cloudflare saves isn’t identifiable by itself. It might store your IP and location; however, many users near you have had your IP and will have it (in fact, your current IP is likely blacklisted in some databases due to previous owners).
You can’t ask Cloudflare to remove the information they have about you because they can’t even know it’s you in the first place.

However, the aggregation of data of Cloudflare plus what the site owner has might make it identifiable. The site owner is responsible for dealing and informing you of this.

The scene is more complex than how I describe it, and it would be best to discuss this with a lawyer or somebody who is more enlightened on the topic.

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.