Regardless of whether or not you provide your own SSL certificates, cloudflare still uses their own between their servers and client browsers. So any SSL encrypted traffic is unencrypted at their end before being re-encrypted with your certificate. How can such an entity be trusted?
i think you are completely wrong here. big corporations do cost assessments of security vs costs of security breaches. if security is more expensive than data breach, they will accept the breach.