Privacy Policy

Last updated: April 2026

1. Who we are

CaneCron is operated by Illimar Kahar, Estonia. Contact: legal@canecron.com. We are committed to protecting your personal data in accordance with the EU General Data Protection Regulation (GDPR) and Estonian law.

2. Data we collect

We collect the following data when you use CaneCron:

  • Name and email address (when you register)
  • Payment information (processed by Stripe — we never store card details)
  • URLs and monitor configurations you add to the Service
  • Monitor check results and incident history
  • Basic usage logs (IP address, browser type) for security purposes

3. How we use your data

  • To provide and operate the monitoring Service
  • To send alert emails when your monitors change status
  • To process payments via Stripe
  • To send service-related communications (no marketing without consent)
  • To improve and secure the Service

4. Legal basis for processing

We process your data on the basis of: contract performance (to provide the Service you signed up for), legal obligation (tax and accounting requirements), and legitimate interests (security and fraud prevention).

5. Data sharing

We do not sell your data. We share data only with essential service providers:

  • Stripe — payment processing (stripe.com/privacy)
  • Hetzner — server hosting in the EU
  • Mailgun — email delivery for alerts

6. Data retention

We retain your account data for as long as your account is active. Monitor history is kept for 90 days on paid plans and 30 days on the free plan. After account deletion, data is removed within 30 days. Payment records are kept for 7 years as required by Estonian accounting law.

7. Your rights (GDPR)

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your account and data
  • Export your data (data portability)
  • Object to processing
  • Lodge a complaint with the Estonian Data Protection Inspectorate (aki.ee)

To exercise any of these rights, email legal@canecron.com.

8. Cookies

We use only essential session cookies required for login functionality. We do not use tracking or advertising cookies.

9. Security

We use HTTPS encryption, secure password hashing, and follow security best practices. However no system is 100% secure and we cannot guarantee absolute security.

10. Changes

We may update this policy. We will notify you by email for significant changes. Continued use of the Service after changes means you accept the new policy.