Security of decrypted data

I understand that Cloudflare decrypts my data internally, see answer Does CloudFlare proxy servers decrypt my data?

However, it’s not clear to me exactly what happens to my data. I’m a bit worried since passwords and sensible data will be clearly visible to Cloudflare. I know, everyone trusts Cloudflare, but is there a clear policy on data retention, and how is access to unencrypted data from 3rd parties or CF employees prevented? I only found a privacy policy, but it seems to cover only my personal data (name, address, payment info ecc).

Hello,

Cloudflare keeps their logging/data inspection to very, very high level headers such as user agent, accept-encoding, Host header, etc.
form data is NEVER collected nor stored and there is no way for you to filter nor store it on Cloudflare.
They will only collect the information that is required to show statistics or mitigate attacks/detect bots, they have stated multiple times that this is an issue they are extremely careful about.

I completely understand your concern though, if you have built in checkout for example, all personal data is going through Cloudflare datacenters, and while that may be scary sometimes, we have to remind ourselves that Cloudflare is one of the leaders in web security in the entire worldt. All cloud firewalls would have to perform some sort of MITM to inspect traffic, it is not something exclusive to Cloudflare.

1 Like