I’m in a public cafe, can they see my activities if I’m using warp? How safe am I from using warp? Are the data encrypted enough? I had read WARP is not a real vpn from outdated articles, is it any good now?
Edit: I’m still confused if the network engineer/operator can see my activities/site history judging from the comments
No, they cannot see your activities at all. Articles saying that it’s not a “real VPN” are just saying that it wasn’t built to hide your identity or location. You can’t choose what datacenter to connect to, it just connects to the closest one. It was just built for privacy and speed. They used to pass along your IP with requests, but no longer do that.
As far as I know warp uses wireguard under the hood a new and very robust vpn protocol, as someone else says cloudflare doesn’t sell warp as a vpn because it only connects to the nearest egress IP/ (probably data center) of cloudflare, so it doesn’t hide your location or spoofs your country, warp will always connect and make your egress IP one on cloudflare located in your country…
You can read the privacy policy of warp for the data collected, is minimum, like real IP, ASN etc, but not logs your activity, like the real data you consume.
So is secure, and for me the best election.
…
Having said that, Cloudflare warp has 2 versions (kinda)
WARP: the consumer version of the product that works as described above.
And
… WARP (Cloudflare Zero Trust): The team/business version orientated to connect offices together through the cloudflare network, connect remote users to private resources etc.
If you are using the second one yes, all your HTTP/S, DNS… etc traffic can be monitored (but only for your IT department) they can see, and create rules to block you to visit not work related sites on demand.
In resume, CF WARP for me is the most secure VPN like app to use at the moment, so feel free and secure of using it. 
The network engineer would see you are using cloudflare vpn, but can’t see what websites you are visiting
Depends how it was implemented.
Depends on the location of the network engineer.
The network engineer at the Hotspot or of the ISP you use as uplink then only sees you are using Cloudflare WARP. This is why WARP is (and other VPNs like NordVPN are, too) disabled in Countries like Jordan. (Use an SSH tunnel instead - this even works in China and similar countries.)
Network engineers at Cloudflare, however, are able to track what you do. As, thanks to WARP, Cloudflare is a MitM and perhaps even can act as a Middlebox. So with WARP, you exchange various different Network engineers at various locations, with the ones at Cloudflare. That’s basically it.
Network engineers of the page you access can also detect you are using WARP and track you, as web tracking is pretty standard. They probably need a few more tricks, and thanks to WARP, they cannot pinpoint your exact current location that easily, but they still can detect your region, as WARP is not a tool to circumvent region locks.
If you are really concerned with privacy and/or you can/want not to use SSH as SOCKS-Tunnel, rather try ToR or I2P. Then you can choose the exit Relay yourself. (Note that 90% of the Exits might be operated by intelligence agencies, however they are less interested to sell your data than commercial companies like Cloudflare. Note that Cloudflare is US based, which means all data Cloudflare gathers is subject to NSLs, so the NSA probably already has all your metadata anyway). However OpenNETs/Overlaynetworks like ToR/I2P are usually much slower than dedicated VPNs like WARP, but they are still much faster than DarkNETs like Freenetproject (and I think Freenet has no Outproxies like ToR or I2P. Note to the truly paranoid: it should be possible to configure I2P as Proxy for your local ToR node, which should work very slowly but offer a very high degree of anonymity - as nobody can track that you are using ToR this way - they only see you running I2P).
HTH
Yes but only apps that are by default excluded for example on android google photos and youtube i think. Check in the settings. Everything else should be encrypted as per wireguard standards
How true is this? I thought they can only see my requests to cloudfare servers? And since most sites are https nowadays, does that mean they can pretty much see all of my activities/history?
They would be able to see (and potentially block) that you’re connecting to Cloudflare. But should not be able to see the content of the traffic going over WARP.
Metadata collection is still possible without VPN with VPN not so much.