Privacy Policy
Last updated: 8/2/2025
TL;DR: We only collect data necessary to provide monitoring services. We don't sell your data, use minimal tracking, and you can delete your account anytime.
1. Information We Collect
| Data Type |
Purpose |
Retention |
| Email Address |
Account creation, notifications, support |
Until account deletion |
| Password (hashed) |
Account security |
Until account deletion |
| Monitored URLs |
Website monitoring service |
Until you remove them |
| Payment Information |
Subscription billing (processed by Stripe) |
Until subscription ends + 7 years (tax requirements) |
| Monitoring Results |
Service functionality, status history |
90 days rolling |
| IP Address |
Rate limiting, abuse prevention |
7 days |
| Session Data |
Keep you logged in |
7 days or logout |
2. How We Use Your Information
- Service Delivery: Monitor your websites and send alerts
- Communication: Send monitoring alerts and service updates
- Security: Detect and prevent abuse, unauthorized access
- Improvement: Analyze service performance and reliability
3. Information Sharing
We do NOT:
- Sell your personal information to third parties
- Share your monitoring data with other users
- Use your data for advertising or marketing to others
We may share information only when:
- Required by law (court orders, legal process)
- Necessary to prevent fraud or abuse
- With your explicit consent
4. Data Storage and Security
- Storage: Data is stored on Cloudflare's secure infrastructure
- Encryption: Passwords are hashed with PBKDF2 + salt
- Access: Only authorized personnel can access your data
- Transmission: All communication uses HTTPS encryption
5. Cookies and Tracking
We use minimal tracking:
- Session Cookie: Required to keep you logged in (essential)
- No Analytics: We don't use Google Analytics or similar trackers
- No Ads: No advertising cookies or tracking pixels
6. Third-Party Services
We use these trusted services:
- Cloudflare: Hosting, security, edge computing
- Brevo: Email delivery for notifications only
- Stripe: Payment processing for Essential plan subscriptions (PCI DSS compliant)
These services have their own privacy policies and security measures. Stripe handles all payment data according to PCI DSS standards.
7. Your Rights
You have the right to:
- Access: View all data we have about you
- Correction: Update your email or monitored URLs
- Deletion: Delete your account and all associated data
- Portability: Export your monitoring configuration
- Objection: Opt out of non-essential communications
8. Data Retention
- Account data: Until you delete your account
- Monitoring history: 90 days rolling window
- Security logs: 7 days for rate limiting, 30 days for abuse prevention
- Deleted accounts: Immediately purged from all systems
9. Children's Privacy
Our service is not intended for users under 13 years old. We do not knowingly collect personal information from children under 13.
10. International Users
Our service is hosted globally via Cloudflare's edge network. Your data may be processed in various countries with appropriate security measures.
11. Changes to Privacy Policy
We may update this privacy policy. Significant changes will be announced via email or service notifications. Continued use constitutes acceptance of changes.
12. Contact Us
For privacy-related questions or to exercise your rights:
- Email: thibaud.cartry@gmail.com
- Subject Line: "Privacy Request - CronMonitor"
- Response Time: Within 30 days