Advancing Privacy Protection with the GDPR

The European General Data Protection Regulation (GDPR), which will replace the current European Data Protection Directive of 1995, aims to address growing concerns over control and use of personal data in the digital age. It is set to come into effect on May 25, 2018, and will have a significant impact on businesses worldwide due to its extra-territorial scope. The GDPR sets out a risk-based approach to privacy protection and codifies important principles such as control and transparency for users, accountability for data processors and controllers, and privacy by design and default. It also strengthens the right to erasure or "right to be forgotten". Cloudflare is working towards full compliance with the GDPR before the May 2018 deadline, introducing added control mechanisms for its users and new features to help businesses with their own GDPR compliance journey.