Turnstile GDPR Privacy statement detail

In order to use Turnsile we need to update our privacy statement and clarify with respect to Turnstile:

  1. What personal data is collected?
  2. if its transfered outside the EU the counties it is transfered to?
  3. How long its retained?

While I’ve seen Turnstile vs GDPR, which data are exchanged - #4 by rmadireddy its not very precise, and is slightly second hand rather than a clear statement from Cloudflare. Is there a clear statement from Cloudflare that enables developers to update their privacuy statements?

You can check out their privacy policy Cloudflare's Privacy Policy which will tell you

The privacy statement covers all of cloudflare products. So it is not clear what is actually belonging to turnstile.