Privacy Policy

1. Introduction

Crontify ("we", "us", "our") operates the cron job monitoring service available at crontify.com (the "Service"). This Privacy Policy explains what data we collect, how we use it, and the rights you have over it. By using the Service, you agree to the collection and use of information in accordance with this policy.

2. What We Collect

We collect the minimum data necessary to operate the Service:

• Account data: email address, name (optional), hashed password, account creation date.
• Monitor configuration: names, cron schedules, grace periods, timezones, alert rules, and tags you define.
• Run metadata: timestamps, duration, status codes, error messages, and numeric metadata sent via the SDK or API.
• Log output: plain-text log data you explicitly attach to fail pings via the SDK or API. This data is provided voluntarily and stored as-is. You are solely responsible for ensuring it does not contain sensitive, personal, or regulated information.
• Usage data: API key usage, billing history, plan tier.
• Technical data: IP addresses for rate limiting and security purposes, browser type for support purposes.

We do not collect the source code, database contents, or infrastructure details of your systems. We only receive data that you explicitly send to our API.

3. How We Use Your Data

• Providing, maintaining, and improving the monitoring and alerting service
• Sending transactional communications (email verification, alerts, billing receipts)
• Diagnosing technical issues and ensuring service stability
• Enforcing plan limits and preventing abuse
• Complying with applicable legal obligations

We do not use your data for advertising purposes, sell it to third parties, or use it to train machine learning or AI models.

4. Data Sharing

We share data only with the following service providers, strictly for operating the Service:

• Payment processor — payment processing. Your payment data is handled directly by our payment processor and subject to their privacy policy. We do not store full payment card details.
• Brevo / Resend — transactional email delivery. Only your email address and message content are shared as necessary for delivery.
• Infrastructure providers — cloud hosting and database services operating under data processing agreements.

We do not sell, rent, or trade your personal data. We may disclose data if required to do so by law, court order, or governmental authority, or where necessary to protect the rights, property, or safety of Crontify, our users, or others.

5. Data Retention

Run history is retained according to your plan tier: 14 days on Free, 90 days on Standard, 365 days on Pro, and indefinitely on Premium. Account data is retained while your account is active. Upon account deletion, all personal data is permanently purged within 30 days, except where retention is required by law. Billing records may be retained for up to 7 years in compliance with applicable financial regulations.

6. Security

We implement industry-standard technical and organisational measures to protect your data: passwords are hashed using bcrypt, API keys are stored only as SHA-256 hashes and never in plaintext, all data is transmitted over TLS, and authentication refresh tokens are rotated on every use. Despite these measures, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security and accept no liability for unauthorised access beyond what is required by applicable law.

7. Cookies

We use a single HttpOnly, Secure cookie strictly for authentication session management (refresh token rotation). This cookie is technically necessary for the Service to function. We do not use tracking cookies, advertising cookies, analytics cookies, or any third-party cookies of any kind.

8. Your Responsibilities

You are responsible for the data you choose to send to the Service, including error messages, log output, metadata, and monitor names. You must not submit data to the Service that contains sensitive personal information (such as passwords, financial data, health records, or government ID numbers), regulated data subject to sector-specific laws, or data you do not have the right to process or share. We process all data you send in good faith. We accept no liability for data you submit in violation of this section.

9. Disclaimer of Warranties

The Service is provided on an "as is" and "as available" basis without warranties of any kind, express or implied, including but not limited to warranties of merchantability, fitness for a particular purpose, or non-infringement. We do not warrant that the Service will be uninterrupted, error-free, or that data will never be lost. Your use of the Service is at your own risk.

10. Limitation of Liability

To the fullest extent permitted by applicable law, Crontify and its operators shall not be liable for any indirect, incidental, special, consequential, or punitive damages, including but not limited to loss of profits, loss of data, business interruption, or loss of goodwill, arising out of or in connection with your use of or inability to use the Service, even if we have been advised of the possibility of such damages. Our total aggregate liability to you for any claims arising under or related to this policy or the Service shall not exceed the greater of (a) the amount you paid to us in the 12 months preceding the claim, or (b) USD $50. Some jurisdictions do not allow the exclusion or limitation of certain damages; in such cases, our liability is limited to the maximum extent permitted by law.

11. Your Rights

Depending on your location, you may have the right to:

• Access the personal data we hold about you
• Correct inaccurate or incomplete data
• Request deletion of your personal data
• Export your data in a machine-readable format
• Object to or restrict certain processing of your data
• Withdraw consent where processing is based on consent

To exercise any of these rights, contact us at privacy@crontify.com. We will respond within 30 days. We may need to verify your identity before acting on a request.

12. Children's Privacy

The Service is intended for use by developers and businesses and is not directed at individuals under the age of 16. We do not knowingly collect personal data from children under 16. If you believe a child has provided us with personal data, contact us and we will delete it promptly.

13. Governing Law

This Privacy Policy is governed by applicable law. Any disputes arising in connection with this policy shall be resolved in accordance with the laws of the jurisdiction in which Crontify operates, without regard to conflict of law principles. If you are located in the European Union or United Kingdom, you may have additional rights under applicable data protection law, including GDPR. To exercise any such rights, contact privacy@crontify.com. If any provision of this policy is found to be unenforceable, the remaining provisions shall continue in full force and effect.

14. Changes to This Policy

We will notify you of material changes to this policy via email at least 14 days before they take effect. Continued use of the Service after changes take effect constitutes acceptance of the revised policy. Minor clarifications that do not affect your rights may be made without notice. The date at the top of this page always reflects the most recent update.

15. Contact

For privacy questions, data requests, or concerns: privacy@crontify.com