Data collected by your company
When you enroll a device in Cloudflare Zero Trust, your company has access to certain information about your device and Internet browsing activity. This page provides a non-exhaustive list of the data visible to your company through Cloudflare WARP (Windows/macOS/Linux) and the Cloudflare One Agent app (iOS/Android). For more information, refer to your company’s Acceptable Use Policy.
Always visible
Basic device information is visible for all devices enrolled in Cloudflare Zero Trust.
| Data | Notes |
|---|---|
| Device name | |
| Device manufacturer | |
| Device model | |
| Operating system and version | |
| IP address | Can also see public information associated with your IP address, such as the city, state, and country. |
Always visible on Windows/macOS/Linux
The following device details are always visible on Windows, macOS, and Linux devices. This data is never visible on Android and iOS phones.
- Device serial number
- Installed certificates
- File paths and file names
- Device registry and event logs
- Running processes
Might be visible
The following information may be visible to your company depending on what security policies they have configured.
| Data | Notes | ||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Browsing history | Can see the IP address, domain, and URL of visited websites. Examples of URLs that may be visible:https://www.google.com/search?q=I+am+searching+for+thishttps://www.google.com/maps/place/Anaheim,+CA/@33.833881,-118.0103029,11zhttps://www.youtube.com/watch?v=xyz123Financial information | Subject to Data Loss Prevention policies. | Social security numbers and national IDs | Subject to Data Loss Prevention policies. | Emails | Can inspect email text for sensitive data. | Contents of files transferred over the Internet | Can inspect uploaded/downloaded files and files stored on cloud services. | Wi-Fi network | Only visible if you send logs to your IT admin. | Pictures and photos | Can see the names of photos sent to cloud services. Cannot see the actual photos. | Installed apps | Windows/macOS/Linux: Can check whether a specific app is installed. Cannot see a list of all apps that are installed.iOS/Android: Cannot see what apps are installed. However, because almost all apps generate Internet traffic, that Internet traffic is visible. | |
Data Loss Prevention
Your company may have Data Loss Prevention (DLP) policies in place which scan your Internet traffic (including emails, Google drive, and more) for certain phrases or proprietary information. If a match is triggered, the matching content is encrypted and only visible to designated administrators at your company. Cloudflare cannot decrypt this data.
Cloudflare currently redacts sensitive numerical data (such as credit card numbers, bank account numbers, and Social Security numbers) – your company will see these numbers as XXXXXXXXX. Cloudflare does not redact any text (such as first name, last name, address, and email address) – this information may be visible to your company. For more information on how your company handles personally identifiable information (PII), refer to your company’s Employee Privacy Policy.
Never visible
The following data is never visible to your company through Cloudflare Zero Trust.
- Passwords
- Phone call history
- Phone contacts
- Text (SMS) messages
- Contents of files stored locally on the device
- Precise GPS coordinates