Cloudflare Earns New Landmark Global Privacy Certifications, Building Trust Worldwide

Cloudflare announced it is among the inaugural group of organizations officially certified under two new global privacy standards, the Global Cross-Border Privacy Rules and the Global Privacy Recognition for Processors systems. These brand new certifications, launched by a forum of nine governments, allow organizations like Cloudflare to voluntarily demonstrate their commitment to data protection and privacy standards when moving personal data across borders. With these new certifications, organizations can trust that Cloudflare has audited controls and protections in place around customer data.

“Running a global business is getting more and more complex,” said Matthew Prince, co-founder and CEO at Cloudflare. “Global standards like the CBPR and PRP are important because they can establish clear, consistent guidelines around data privacy, and make it easier for organizations to scale and do business across borders. Cloudflare has a long history of putting privacy first – helping build new industry protocols, building it into our products by default, and now we’re one of the first organizations to achieve these new global certifications.”

The Global CBPR and Global PRP certifications were established by nine governments in the following locations: Australia, Canada, Japan, Mexico, the Republic of Korea, the Philippines, Singapore, Chinese Taipei, and the United States. The United Kingdom, Bermuda, Mauritius, and the Dubai International Financial Centre (DIFC) are CBPR Associate Members.

These two new certifications help to bridge varying data protection laws from around the world, and allow companies to demonstrate their compliance to an internationally-recognized standard. The Global CBPR and Global PRP are a set of data protection and privacy standards to support the safe and secure movement of personal data across borders and build trust with consumers and businesses alike. The certifications cover 50 requirements on how organizations should collect, manage, and safeguard personal information in their custody, based on nine guiding principles, including:

Cloudflare is also currently certified under ISO 27701 and ISO 27018, which establish guidelines for how organizations process personally identifiable information (PII) in public cloud environments; as well as being verified compliant to the EU Cloud Code of Conduct. The EU Cloud Code of Conduct is recognised under the GDPR in the 30 EEA countries (Austria, Belgium, Bulgaria, Croatia, Republic of Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lichtenstein, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden).

Source: Cloudflare media announcement