Dear Customer,
We’re writing to let you know that, following the adequacy decision adopted by the European Commission regarding transfers of personal data to the United States, Cloudflare has self-certified to the EU-U.S. Data Privacy Framework, the Swiss-U.S. Data Privacy Framework, and the United Kingdom (UK) extension to the EU-U.S. Data Privacy Framework (collectively referred to as “the DPF”). As a result, to the extent each framework has been recognized as adequate, Cloudflare will now rely on the DPF as the legal mechanism for data transfers from the EU, Switzerland, and the UK.
As stated in our Data Processing Addendum, we will continue to rely on the EU Standard Contractual Clauses (and UK addendum) for transfers from the EU, Switzerland, and the UK to other third countries that are not subject to an adequacy determination.
We have also updated our Privacy Policy to include detailed information about our self-certification to the DPF, in particular concerning the complaint-handling mechanisms and supervision exercised by the U.S. Federal Trade Commission.
What do I need to do?
If you are a Self-Serve Customer or an Enterprise Customer on our standard contract (meaning no edits to the Data Processing Addendum), then no action is required. We ask that you review our updated DPA, which is incorporated by reference into our Self-Serve Subscription Agreement and Enterprise Subscription Agreement . We have updated our Data Processing Addendum to reflect that any transfers of personal data out of the European Economic Area, UK, or Switzerland will be conducted pursuant to the EU-U.S. Data Privacy Framework, the UK-U.S. extension to the EU-U.S. Data Privacy Framework and the Swiss-US Data Privacy Framework, respectively, as long as these frameworks are recognized by the participating jurisdictions as adequate legal mechanisms for data transfers from the EU, UK, and Switzerland to the United States. For transfers from the EEA, UK, and Switzerland to any other country that does not have an adequacy agreement in place, Cloudflare’s DPA will continue to incorporate the appropriate standard contractual clauses.
If you have a negotiated agreement: Please contact your account executives if you wish to update your agreement with Cloudflare.
Do you need more guidance?
If you have any questions, please refer to the Cloudflare Trust Hub for more information.
The Cloudflare Privacy Team
8. Termination of Use; Discontinuation and Modification of the Service
You will lose your license to use the Service if you violate any provision of this Agreement. Cloudflare reserves the right to investigate violations of this Agreement. We reserve the right to disable or limit your access to or use of the Service ("Suspend") or terminate your user account upon receiving any number of DMCA notifications from content owners regarding your website(s), or upon learning through other means that you are a repeat infringer. We may at our sole discretion terminate your user account or Suspend or terminate your use or access to the Service at any time, with or without notice for any reason or no reason at all. If we determine you have breached Section 2.2, we may immediately Suspend or terminate all or part of your use of the Services, or limit End User access to certain of your resources through the Services. We also reserve the right to modify or discontinue the Service at any time (including, without limitation, by limiting or discontinuing certain features of the Service) without notice to you. We will have no liability whatsoever on account of any change to the Service or any suspension or termination of your access to or use of the Service. You may terminate your account at any time through the Service’s account dashboard.
发邮件, information, certification
