Upstream vendor · § Who relies on it
● Updated 06 June 2026Who relies on Cloudflare
10 of the 18 SaaS providers Registora monitors disclose Cloudflare as a sub-processor on their own page, including Anthropic, Cloudflare, GitHub, as of 06 June 2026. Under GDPR Article 28(2), if you build on any of them, Cloudflare is part of your sub-processor chain too.
Providers that disclose Cloudflare
- ai
- infrastructure
- dev_tools
- support
- productivity
- ai
- email
- monitoring
- database
- support
Names found across provider pages, collapsed to one entry: Cloudflare; Cloudflare Ltd.; Cloudflare, Inc; Cloudflare, Inc.; Cloudflare, Ltd..
Source: each provider's own public subprocessor page, scraped daily by Registora. We report observed facts only - we make no claim that any company is or is not compliant.
Questions
- How many SaaS providers disclose Cloudflare as a subprocessor?
- 10 of the 18 providers Registora monitors list Cloudflare as one of their own sub-processors, as of 06 June 2026. The full list is on this page and is refreshed daily.
- Does this mean every company uses Cloudflare?
- No. It means 10 of the specific 18 providers we monitor disclose Cloudflare on their public subprocessor page. We report only what each provider publishes; we make no claim about any company's compliance.
- Why does Cloudflare matter for GDPR Article 28(2)?
- If you build on a provider that uses Cloudflare, then Cloudflare is part of your own sub-processor chain, and your customers can ask you to disclose it and to notify them when it changes. Registora monitors these upstream lists daily and drafts the Article 28(2) notice when one changes.
Your chain
Cloudflare is probably in your subprocessor chain.
Registora hosts your public subprocessor register, monitors every upstream provider for changes daily, and drafts the Article 28(2) customer notice when one updates.