Cloudflare Data Localization Suite

Localizing often forces businesses to restrict their application to one data center or one cloud provider’s region. This creates a trade-off between compliance and fast, secure experiences for end users.

The Cloudflare Data Localization Suite takes a rigorous and granular approach to data localization, making it easy for businesses to set rules and controls at the Internet edge, adhere to compliance regulations, and keep data locally stored and protected.

Visit the Trust Hub to learn more about supported locales, or view a list of supported products.

Decide where your data is inspected

Choose the location of the data centers where your traffic is inspected. As local data collection and privacy regulations change, you can adjust local controls to remain compliant.

Deploy serverless code with regional control

Build applications that allow your developers to combine global performance with local compliance regulations. You decide where your data is stored — with no performance penalties.

How the Cloudflare Data Localization Suite works

Preserving end-user privacy is core to Cloudflare’s mission of helping to build a better Internet. There are several ways Cloudflare ensures that your data stays as private as you want it to, and only goes where you want it to go:

DDoS attacks are detected and mitigated at the data center closest to the end user.
Data centers inside the preferred region decrypt TLS and apply HTTP services like WAF, CDN, and Cloudflare Workers.
Keyless SSL and Geo Key Manager store private SSL keys in a user-specified region.
Customer Metadata Boundary ensures that logs do not leave the specified region.

Effortlessly encrypt your data.

Data privacy requires airtight encryption. Cloudflare uses the highest level of encryption possible for data in transit and at rest, ensuring that all communication between our edge and core data centers is always protected.

Control access to SSL private keys.

Security regulations can make it impossible to share private keys with third-party providers. Geo Key Manager and Keyless SSL allow you to store and manage your own SSL private keys, while still routing encrypted traffic through Cloudflare’s global network.

Choose where your traffic is handled.

To meet your compliance obligations, you may need control over where your data is inspected. Cloudflare Regional Services helps you decide where your data should be handled, without losing the security and performance benefits our network provides.

Decide where data is sent.

The Customer Metadata Boundary allows you to comply with local laws by ensuring that data containing sensitive information does not leave your specified region.

Build location-aware applications.

Traditional cloud systems aren’t always equipped to meet data compliance standards. Jurisdiction Restrictions for Workers Durable Objects makes it easy to build serverless applications that are confined to a specific region — so you can control where your applications store and run data.

Resources

BLOG

Introducing the Cloudflare Data Localization Suite

Learn how Cloudflare Data Localization enables businesses around the globe to meet data compliance regulations while remaining performant.

Learn more

Whitepaper

How Cloudflare helps address data protection and locality obligations in Europe

This paper covers Cloudflare's global and European security certifications, GDPR-compliant data transfer mechanisms, and product features which support data localisation.

Learn more