Privacy | Databases | Exclude functions from CDN

Hello, everybody,

i am new to Cloudlfare and i would like to run the CDN on one of our company pages. So the following questions came up:

  1. We have an order tracking system running on the site, can we exclude this system from the DNS?

  2. Can we also exclude the customer login area and contact forms?

To use these systems, the Cloudflare CDN would need to have access to the corresponding databases, right? This would be negative from a data protection point of view (DSGVO) i guess. Are there any thoughts or even experiences about this on your side?

Best wishes
Robin

Not from DNS, but you could ‘unproxy’ a subdomain, lets say track.domain.com, and just use DNS for it. All traffic is routed directly to the origin server.

Well, you can’t unproxy particilar pages. You can disable several things with page rules.

No. They just proxy web content. Only your app will have access to your DB. However, in theory they could read every thing that is transmitted through your website but not your databases. But why should they do so?

Use GDPR.
Der Begriff Datenschutzgrundverordnung ist eher unbekannt hier :wink:

Cloudflare is fully committed to complying with the requirements of the GDPR by making changes to our products, contracts, and policies.