What data does Cloudflare log about end-users?

What data does Cloudflare see or keep when end-users access sites using Cloudflare?

For example, if someone accesses a site using Cloudflare CDN, does Cloudflare keep track of the IP address and what content they are accessing? Does Cloudflare discard this information or keep indefinitely, and does Cloudflare give this information to Cloudflare customers? Is it the user or the Cloudflare site that interacts with Cloudflare’s servers?

For bot detection, does Cloudflare keep track of or log a computer’s interactions with a site on the Cloudflare network?

Hi there,

You can review the our Privacy Policy, and more details under the developer document: Zone Analytics, where you can check that’s plan related.

Take Care!

Thanks. I read the privacy policy, but there’s something that I don’t understand exactly. Cloudflare claims that data will be retained depending on volume and sensitivity, as well as the risks involved with retaining it.

I’m wonder if this only applies to customers and registrants of Cloudflare. For example, if an end-user were to access a site using Cloudflare CDN and DDoS Protection, and the content they retrieved and time spent authorized on that website was on Cloudflare’s servers, how long do you think this may be retained? (How long would this information be available to site owners?)

As a CDN, what logs do Cloudflare store about content requests made by end-users of sites using Cloudflare? Is an end-user’s information such as IP address and device tracked? Can site owners download this information in the form of logs to keep indefinitely?
How long is this information kept in Cloudflare edge servers and how long are Cloudflare customers allowed to access it? How often is this information deleted by Cloudflare?

Also, does Cloudflare keep track of HTTP requests from verified non-bot users? Can Cloudflare see the details of HTTP requests / are these requests logged? If so, for how long are logs kept and what details about the end-user are kept?
How long are Cloudflare customers allowed to access these logs? How long is this information kept in Cloudflare edge servers and / when is this type of information deleted?

Can Cloudflare’s DDoS protection services track statistics about how someone uses a website?

Sorry if this isn’t the place for these questions. I’ve searched through Cloudflare’s articles on privacy and their GDPR compliance, but I can’t find anything that answers these questions specifically.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.