Privacy Policy

Effective date: May 23, 2026

This Privacy Policy explains how Eigenspace Vectors Incorporated, a Delaware corporation, collects, uses, and shares information when you use CronCoco.

CronCoco is a hosted API service for scheduling recurring HTTP webhook calls.

Information We Collect

We collect information you provide directly, information generated by your use of the service, and limited technical information needed to operate the service.

Account Information

We collect your email address for registration, email verification, API key rotation, account deletion, billing association, support, and failure notification emails.

We store a hash of your API key, not the raw API key.

Job Configuration

When you create or update jobs, we store job configuration such as:

• Job name.
• Cron expression.
• Webhook URL.
• HTTP headers.
• JSON payload.
• Enabled or disabled state.
• Failure webhook URL, if configured.

You should not put sensitive regulated data, payment card data, passwords, private keys, access tokens, or unnecessary secrets in job configuration.

Execution and Usage Information

We store execution data such as triggered and completed timestamps, status, HTTP response code, duration, and error text.

We also store usage data such as plan, active job count, stored job count, monthly execution usage, plan limits, and related account settings.

Billing Information

Payments and subscriptions are processed by Stripe. CronCoco stores Stripe customer and subscription identifiers so we can associate billing status with your account. We do not store full payment card numbers.

Technical and Security Information

We may process IP addresses, request metadata, logs, rate-limit data, Redis tokens, and similar technical information to operate, secure, debug, and protect the service.

Email verification, key rotation, and account deletion tokens are stored temporarily and expire after 15 minutes.

How We Use Information

We use information to:

• Provide the CronCoco API and webhook scheduling service.
• Create and manage accounts.
• Authenticate API requests.
• Send verification, key rotation, account deletion, and failure notification emails.
• Execute webhook jobs according to your configuration.
• Maintain execution history and usage metering.
• Process billing and subscription changes.
• Enforce plan limits, rate limits, security controls, and abuse prevention.
• Debug, monitor, improve, and support the service.
• Comply with legal obligations.

How We Share Information

We do not sell personal information.

We may share information with service providers that help us operate CronCoco, including:

• Railway for application hosting, database, Redis, and infrastructure.
• Stripe for payments, subscriptions, checkout, invoices, and billing portal.
• Brevo for transactional emails.
• Cloudflare for DNS, site delivery, routing, and related network services.

We may also disclose information if required by law, to protect rights and safety, to investigate abuse or security incidents, or in connection with a merger, acquisition, financing, reorganization, or sale of assets.

Webhook Data

CronCoco processes webhook URLs, headers, payloads, and failure webhook URLs only as needed to provide the service.

Because webhook headers and payloads are stored in job configuration and sent to your configured endpoints, you are responsible for deciding what information to include.

Do not use CronCoco to store, transmit, or process Protected Health Information under HIPAA, PCI/cardholder data, government IDs, passwords, private keys, access tokens, or unnecessary secrets unless we have signed a separate written agreement that explicitly allows it.

Data Retention

We retain information for as long as needed to provide the service, comply with legal obligations, resolve disputes, enforce agreements, prevent abuse, and maintain business records.

Current retention practices include:

• Email verification, key rotation, and account deletion tokens expire after 15 minutes.
• Execution history is available and pruned according to your plan history window: Free 7 days, Pro 30 days, Business 30 days.
• Account and job data are retained while your account remains active.
• Account deletion removes the customer account and associated jobs and execution history from the application database, subject to legal, security, backup, billing, or fraud-prevention retention obligations.
• Billing records may be retained by Stripe and by us as needed for tax, accounting, dispute, fraud-prevention, and legal purposes.

Security

We use reasonable technical and organizational measures designed to protect CronCoco, including API key hashing, TLS, SSRF protections for webhook URLs, rate limits, plan limits, execution timeouts, and restricted access to production systems.

No system is perfectly secure. You are responsible for protecting your API keys and for configuring safe webhook destinations and payloads.

Your Choices

You can:

• Rotate your API key by email.
• Disable failure notification emails through the account API.
• Delete individual jobs through the jobs API.
• Request account deletion through the account deletion API.
• Contact us at hello@croncoco.io for privacy or support requests.

Depending on where you live, you may have rights to access, correct, delete, or receive a copy of certain personal information, or to object to certain processing. Contact us to exercise those rights.

International Processing

CronCoco is operated from the United States. If you use CronCoco from outside the United States, your information may be processed in the United States and other locations where our service providers operate.

Children's Privacy

CronCoco is not intended for children under 13, and we do not knowingly collect personal information from children under 13.

Changes to This Policy

We may update this Privacy Policy from time to time. If changes are material, we will take reasonable steps to notify users, such as updating the effective date or posting a notice on the site.

Your continued use of CronCoco after changes become effective means you accept the updated Privacy Policy.

Contact

Questions about this Privacy Policy can be sent to hello@croncoco.io.