Manage PII
Cloudflare Gateway gives you multiple ways to safely handle your employees' personally identifiable information (PII) in activity logs:
- Redact PII (default) — PII is stored in logs but hidden from view. Only the Super Administrator and users with the Cloudflare Zero Trust PII role can view redacted PII. The underlying data is preserved — redaction only controls who can see it.
- Exclude PII — PII is not stored in logs at all. No user, including the Super Administrator, can retrieve it.
Only the Super Administrator can assign roles and determine who has permission to view PII. To add or remove the Cloudflare Zero Trust PII role for a user in your organization, refer to Roles.
Cloudflare Gateway can log the following types of PII:
- Source IP
- User email
- User ID
- Device ID
- URL
- Referer
- User agent
When you exclude PII, Gateway logs activity without storing any employee PII. This differs from the default redaction behavior — excluded PII is not stored and cannot be retrieved by any role, including the Super Administrator.
Changes to this setting do not affect PII already stored in previous logs.
To turn on the setting to exclude PII:
- In Cloudflare One, go to Traffic policies > Traffic settings.
- In Traffic logging, turn on Exclude personally identifiable information (PII) from logs.
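After turning the setting on, you can audit an exported copy of your logs to confirm that new records no longer carry any of the PII types listed above. The following check is an added example, not Cloudflare code: it assumes a JSON-lines export, and the field names (`SourceIP`, `Email`, `UserID`, `DeviceID`, `URL`, `Referer`, `UserAgent`, `Datetime`) are assumptions to adjust to your export's schema. Records logged before the change are counted rather than flagged, because the setting does not affect PII already stored.

```python
import json
from datetime import datetime, timezone

# Assumption: field names of a hypothetical JSON-lines log export, mapped to
# the seven PII types listed on this page. Adjust to your export's schema.
PII_FIELDS = {
    "Source IP": "SourceIP",
    "User email": "Email",
    "User ID": "UserID",
    "Device ID": "DeviceID",
    "URL": "URL",
    "Referer": "Referer",
    "User agent": "UserAgent",
}

def parse_ts(value):
    # Accept ISO 8601 timestamps with a trailing "Z" for UTC.
    return datetime.fromisoformat(value.replace("Z", "+00:00"))

def audit_export(lines, enabled_at):
    """Return (violations, legacy_count) for a JSON-lines export.
    violations: (line number, PII types) for records at or after enabled_at.
    legacy_count: records before enabled_at that carry PII (expected)."""
    violations, legacy_count = [], 0
    for number, line in enumerate(lines, start=1):
        if not line.strip():
            continue
        record = json.loads(line)
        # A field counts as PII-bearing only if it is present and non-empty.
        present = [name for name, key in PII_FIELDS.items()
                   if record.get(key) not in (None, "", [])]
        if not present:
            continue
        if parse_ts(record["Datetime"]) >= enabled_at:  # "Datetime" is assumed
            violations.append((number, present))
        else:
            legacy_count += 1
    return violations, legacy_count

# Constructed sample records (not real Gateway output).
SAMPLE = [
    '{"Datetime": "2024-05-01T09:00:00Z", "Email": "user@example.com", "SourceIP": "192.0.2.10"}',
    '{"Datetime": "2024-05-02T09:00:00Z", "Email": "", "Action": "block"}',
    '{"Datetime": "2024-05-02T10:00:00Z", "UserAgent": "curl/8.0", "Action": "allow"}',
]
ENABLED_AT = datetime(2024, 5, 2, tzinfo=timezone.utc)  # constructed change time

if __name__ == "__main__":
    print(audit_export(SAMPLE, ENABLED_AT))
```

Any entry in `violations` means a record written after the change still contains PII and the setting or export pipeline should be rechecked.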