CA-C-003380
Cloudflare — Cloudflare Privacy Policy
Entity
Date detected
July 1, 2026
Effective date
July 1, 2026
Severity
Low
Direction
Neutral
Affected users
all users
Changes
2 sentences modified
Share 𝕏 Share in Share 🔒 PDF
Watch Cloudflare Get alerts when this policy changes.
Watch — Free

Event Summary

Cloudflare's privacy policy was updated on July 1, 2026 to remove two items from the footer navigation: 'Community forum' was deleted from the support section, and 'Cloudflare for Campaigns' was removed from the public interest projects list. These are navigation and organizational changes with no material impact on stated data practices, user rights, or privacy obligations.

LOW

Consumer Impact

This change is a navigation and footer update with no material impact on Cloudflare's stated data collection, processing, or user privacy rights. The privacy policy's operative terms remain unchanged; only two footer links were removed from the document layout.

Governance Analysis

This change has no operational significance for privacy or data governance. It is a formatting and navigation update to the policy document footer with no impact on Cloudflare's stated data practices, user rights, or privacy obligations.

These clauses may change again. Get alerted when they do. Watch Cloudflare — Free

This change record describes what was added, removed, or modified in the document. Analysis reflects what the updated agreement states or permits. It does not constitute a legal determination about enforceability. Applicability may vary by jurisdiction. Methodology

Evidence Verification

✓ Verified
Previous Version
11345595e27ea9423cbed8c6821f4134b453229474987c5b21b3afaf0d42d79c
May 5, 2026 05:58 UTC
✓ Verified
Current Version
d85fd48a640b74c160c9060049b8880cbc4bc79539b02480b3de2a514c527d93
July 1, 2026 00:39 UTC
✓ Verified
Change Detected
July 1, 2026 00:39 UTC
Analysis Methodology
✓ Verified
Source Document
https://www.cloudflare.com/privacypolicy/
Citation Record
Entity: Cloudflare
Document: Cloudflare Privacy Policy
Record ID: CA-C-003380
Captured: 2026-07-01 00:39:56 UTC
URL: https://conductatlas.com/change/2026-07-01-cloudflare-cloudflare-privacy-policy-3380/
Accessed: July 1, 2026
Permanent archival reference. Stable identifier suitable for legal filings, compliance documentation, and research citation.
For legal and compliance teams

Institutional Analysis

Assessment

This is a formatting and navigation change to the privacy policy footer. No material changes to data handling practices, user rights, consent mechanisms, or privacy obligations are introduced. This does not create compliance obligations for organizations using Cloudflare's services.

Full compliance analysis

Obligation analysis, escalation trigger, board language, and recommended action.

Monitor $19/mo Compliance $249/mo

Monitor: regulatory citations + obligations. Compliance: full compliance memo.

ConductAtlas provides verified policy intelligence sourced directly from platform documents. All analysis is intended to support, not replace, legal and compliance review. Record CA-C-003380.

Clause-Level Changes

New Provisions Added
Passive Network Data Collection
Medium

Provision was consolidated into 'Automatic Data Collection and Log Data' rather than added as new content.

Full clause text available with Compliance. See Compliance →
Provisions Removed
Passive Network Data Collection
Medium

Specific enumeration of passive data collection (ISP, clickstream data, exit pages) was removed in favor of more generic language, reducing transparency about specific tracking categories.

Removed clause text available with Compliance. See Compliance →
Third-Party Service Provider Data Sharing
Medium

Removal of contractual requirements for third-party data protection and purpose limitation weakens binding obligations on service providers handling personal data.

Removed clause text available with Compliance. See Compliance →
Cookie and Tracking Technology Use
Medium

Specific distinction between session and persistent cookies and detailed enumeration of cookie purposes was removed, reducing granularity of cookie disclosure.

Removed clause text available with Compliance. See Compliance →
Provisions Modified
Controller vs. Processor Dual Role
High

Definition expanded from generic contractual language to explicitly enumerate End User categories and clarify the direct contract requirement for Customers.

Before/after clause text available with Compliance. See Compliance →
Automatic Data Collection and Log Data
Medium

Language simplified from detailed enumeration (ISP, referring/exit pages, clickstream data) to broader categories, with clearer delineation of data collection on behalf of Customers.

Before/after clause text available with Compliance. See Compliance →
Cookies and Tracking Technologies
Medium

Added explicit examples of tracking technologies (web beacons, pixels), categorized cookies by necessity, and added disclosure of third-party partner cookie usage.

Before/after clause text available with Compliance. See Compliance →
International Data Transfers
Medium

Removed specific Data Privacy Framework certifications in favor of broader consent-based language emphasizing U.S. governance and reduced local protections, with vaguer reference to transfer mechanisms.

Before/after clause text available with Compliance. See Compliance →
California Consumer Privacy Rights
Medium

Added explicit mention of CPRA (new California law) and included additional rights (opt-out of sale/sharing, non-discrimination, correct inaccurate information) previously only partially addressed.

Before/after clause text available with Compliance. See Compliance →
Legal Process and Law Enforcement Disclosure
Medium

Changed from "sole discretion" standard to "reasonably necessary" standard, narrowed scope by removing vague "prevent illegal or unethical activity" clause, and reframed categories with specific examples (death/bodily injury instead of general safety).

Before/after clause text available with Compliance. See Compliance →
Data Retention
Medium

Added specific trigger (account active status), enumerated purposes more explicitly (resolve disputes, enforce agreements), and added commitment to limited retention for log data.

Before/after clause text available with Compliance. See Compliance →
Third-Party Data Sharing
Medium

Removed contractual restrictions on third-party use and protection requirements, and added new category of disclosure for corporate transactions (M&A, asset sales, etc.).

Before/after clause text available with Compliance. See Compliance →

Cross-platform context

See how other platforms handle similar provisions across the ConductAtlas archive.

Compare across platforms → Browse regulations →

Full Changes

See the full side-by-side comparison of every sentence added, removed, and modified.

🔒 Full diff — Monitor

Document Context

Version history → Policy drift analysis → Document page →
Document
Cloudflare Privacy Policy
Entity
Cloudflare
Captured
July 1, 2026
Source URL
https://www.cloudflare.com/privacypolicy/
Other changes to Cloudflare Privacy Policy
Previous change May 5, 2026
Cloudflare's privacy policy was updated on May 5, 2026, but the detected change is a minor navigation and service listing …
Low Neutral
View full version history →
More from Cloudflare
Jun 21, 2026 Low
Cloudflare Terms of Use

Cloudflare updated its Self-Serve Subscription Agreement on June 21, 2026, removing several sentences and modifying others. The changes include removal …

May 5, 2026 Low
Cloudflare Privacy Policy

Cloudflare's privacy policy was updated on May 5, 2026, but the detected change is a minor navigation and service listing …

May 5, 2026 Low
Cloudflare Terms of Use

Cloudflare's website navigation and service menu was reorganized on May 5, 2026. The change involved restructuring how support and success …

Related Analysis
Platform Analysis · June 12, 2026
OpenAI Changed Its Privacy Policy 4 Times in One Week. Here Is What Actually Changed.

Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.

Track Cloudflare policy changes

Get alerted when this policy changes again — including what changed and why it matters.

Prefer a weekly summary instead?

Get the biggest policy changes across 320+ platforms every Sunday.