Cloudflare DPA Acknowledgement
Status: ACCEPTED VIA TERMS OF SERVICE (no separate execution required) Last updated: 2026-05-19 UTC
Vendor Details
| Field | Value |
|---|---|
| Vendor | Cloudflare, Inc. |
| Vendor address | 101 Townsend St, San Francisco, CA 94107, USA |
| Role | Network-layer sub-processor: CDN, WAF, DDoS mitigation, DNS, CF Access (authentication gateway) |
| DPA URL | https://www.cloudflare.com/cloudflare-customer-dpa/ |
| Execution method | Click-through acceptance — DPA is incorporated into Cloudflare's Terms of Service. No separate signing required. |
| SCC mechanism | Yes — Cloudflare DPA includes 2021 EU Commission SCCs and UK Addendum |
How Acceptance Works
Cloudflare's DPA is incorporated into their Terms of Service. By creating and using a Cloudflare account, the account holder (Raxx/MooseQuest LLC) has accepted the DPA. No separate form execution is needed.
To confirm acceptance:
1. Log in to the Cloudflare dashboard at https://dash.cloudflare.com/
2. Navigate to Account → Legal (if available) to see the current ToS acceptance record.
3. The current Cloudflare Customer DPA (with SCCs) is at: https://www.cloudflare.com/cloudflare-customer-dpa/
No further action is required for Cloudflare. This document is informational — recording that Cloudflare DPA acceptance is handled by ToS.
What This Covers
Cloudflare processes request metadata for all Raxx web traffic: - IP addresses (WAF/bot-fight screening) - Request headers and URLs (WAF rules evaluation) - CF Access authentication tokens (for console.raxx.app and vault.raxx.app) - CDN-cached assets (no personal data in static assets)
Cloudflare's sub-processor list: https://www.cloudflare.com/cloudflare-sub-processor-list/
Version History
| Date | Change | By |
|---|---|---|
| 2026-05-19 UTC | Document created | raxx-dev-bot (feature/vendor-dpa-acknowledgements) |