Great, all your data is stored for 24 hours and then collected in "anonymised" form for further processing and "internal research"! Also no mention of penalties, either for Cloudflare as a company or the responsible employees (starting with the CEO) in case of a violation. And no notice period of any time should Cloudflare decide to change those terms and have thousands of browsers still pointed at its resolvers.
Why would this make Cloudflare appear remotely trustworthy?
It's a legally binding contract between Cloudflare and Mozilla. If Cloudflare were to violate it, Mozilla could sue and a judge would determine the penalties for Cloudflare. There should be some rough guidelines written into law as well.
And we're definitely not talking about small amounts.
Cloudflare violating it would result in Mozilla violating the privacy of millions, which can be interpreted as significant damages to the citizens. They're also both situated in California, so privacy will be valued by a judge. Given Mozilla's public image as a privacy-friendly organization, they could also push charges for damaging that image.
That penalty + the damage to Cloudflare's own reputation, I cannot imagine they would survive.
Data from temporary logs will be moved (anonymized) to permanent logs. For me this reads as: once it is there, it is not your data anymore, not from Cloudflare Resolver for Firefox and not PII, so we can do ~whatever we wish.
IANAL but it looks like extreme weasel wording (and not even remotely GDPR compliant), there is nothing to violate.
Why would this make Cloudflare appear remotely trustworthy?