HomePrivacy
Privacy

Privacy policy.

crontabsheet.com runs the actual cron parser, builder, and translator entirely in your browser — your expressions never leave your device. We use third-party services for analytics and advertising, which collect some browsing data. This page explains what, why, and how to opt out.

Short version

Your cron expressions stay in your browser — the parser, builder, and translator are all client-side JavaScript. There are no accounts, no signup, and we never see what you paste. We do use three third-party services that collect browsing data: Google Analytics 4 (for traffic stats), Google AdSense (for ads), and Adsterra (also for ads). Each is detailed below, along with how to opt out. If you're in the EU, UK, or California, you have specific rights — see the sections at the end of this page.

On this page

What we don't collect

  • Cron expressions you type or paste. The parsing, building, translation, and next-run calculation all happen in your browser. Nothing is sent to any server.
  • Account or login data. There are no user accounts. No email is required. No login.
  • Server-side logs of personal data. The static site is served by a CDN; the CDN's standard request logs (IP, user agent, referrer) exist for operational and security purposes but we don't store, mine, or sell them.
  • Sensitive personal information. We don't ask for financial, health, biometric, geolocation, or government-ID data, and there's no place to enter it on the site.

What we do collect (via third parties)

  • Aggregate analytics: page views, time on page, country-level location, traffic source, device type, browser. Collected via Google Analytics 4.
  • Ad-serving signals: impression counts and approximate audience interests, used by Google AdSense and Adsterra to choose which ads to show.
  • Functional preferences: a single browser localStorage entry remembering whether you've chosen dark or light theme. This never leaves your device.

Third-party services we use

Google Analytics 4 (GA4)

We use Google Analytics 4 to understand which pages people visit, how long they stay, and where traffic comes from. This helps us prioritize fixes and new content. The tracking ID is G-GBZZN6R7SY.

What GA4 collects: page URLs you visit on this site, time and date of visit, approximate location (country/region — derived from IP, IP itself is anonymized), device type, browser, screen size, and referrer (the previous site you came from). GA4 also assigns a pseudonymous client ID stored in a first-party cookie or local storage so it can recognize a repeat visit without identifying you personally.

What GA4 does not collect (in our configuration): your name, email, account ID, or anything you type into the cron tool. We have not enabled Google Signals or advertising features in GA4.

Data retention: GA4 default retention is set to 2 months for event-level data. Aggregate reports persist longer.

How to opt out:

  • Install the official Google Analytics Opt-out Browser Add-on.
  • Enable "Do Not Track" or "Global Privacy Control" in your browser — we honor these signals where supported.
  • Block googletagmanager.com at the DNS level (e.g. via uBlock Origin or Pi-hole). The site will work identically without analytics.

Google's own privacy policy is at policies.google.com/privacy.

Google AdSense

We use Google AdSense to serve display ads. AdSense is a Google advertising service. It and its third-party partners (which Google calls "ad-technology providers") use cookies and similar technologies to serve ads based on your prior visits to this and other websites.

What AdSense does: places cookies in your browser to deliver and measure ads, including personalized ads based on your browsing history. It may also use Google's broader cross-site advertising identifier (formerly the DoubleClick DART cookie).

How to opt out of personalized ads:

Google's advertising privacy notice is at policies.google.com/technologies/ads.

Adsterra banner ad

We display banner ads served by Adsterra. Adsterra is a third-party advertising network. Like most ad networks, it uses cookies, web beacons, and similar technologies to deliver, measure, and (in some cases) personalize ads.

What Adsterra does: places its own cookies, may share data with its advertiser partners, and may use your IP address and approximate location to choose which ad to display.

How to opt out: use a privacy-respecting browser (Firefox, Brave) with built-in tracking protection, install an ad blocker (uBlock Origin), or use Adsterra's own opt-out mechanisms as described in their policy.

Adsterra's privacy policy is at adsterra.com/privacy-policy/.

Cookies and similar technologies

Here's the complete inventory of what gets stored in your browser when you visit:

  • Theme preference — one localStorage entry called theme. Stays on your device. We can't read it remotely.
  • Google Analytics cookies — standard GA4 cookies (_ga, _ga_<ID>) that store a pseudonymous client ID. Lifetime: up to 2 years.
  • Google AdSense / DoubleClick cookies — used by Google's ad network to serve and measure ads. May include IDE, NID, __gads, and others. See Google's policy for the full list.
  • Adsterra cookies — set by Adsterra's ad-serving infrastructure when ads load.

You can block any of these via your browser settings, an extension like uBlock Origin, or by enabling "Block all cookies" or "Reject all third-party cookies" in your browser. The cron tool itself works without any cookies.

EU users — your rights under GDPR

If you're a resident of the European Union, the European Economic Area, or the United Kingdom, you have specific rights under the General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018. This site processes the personal data described above in reliance on these legal bases:

  • Legitimate interest for aggregate analytics (understanding site usage) — Article 6(1)(f) GDPR.
  • Consent for advertising cookies and personalized ads — Article 6(1)(a) GDPR. Where required, our consent banner asks before non-essential cookies are set.

You have the right to:

  • Access — request a copy of any personal data we hold about you.
  • Rectification — correct inaccurate data.
  • Erasure ("right to be forgotten") — request deletion of your data.
  • Restriction — limit how we process your data.
  • Portability — receive your data in a machine-readable format.
  • Object — to processing based on legitimate interest, including profiling.
  • Withdraw consent at any time, without affecting the lawfulness of processing prior to withdrawal.
  • Lodge a complaint with your national data protection authority. In the UK that's the ICO. In other EU/EEA countries, see edpb.europa.eu.

To exercise any of these rights, email us via the contact page. Note: because we don't have user accounts and most data we collect is pseudonymized through Google/Adsterra, we may direct you to those providers for some requests (e.g. deletion of advertising profiles must go through Google's Ads Settings).

International data transfers: Google Analytics, AdSense, and Adsterra are operated by companies headquartered in the United States and process data globally. These transfers rely on the EU-US Data Privacy Framework, Standard Contractual Clauses, or equivalent safeguards.

California users — your rights under CCPA / CPRA

If you're a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA).

Categories of personal information we (or our third-party services) collect:

  • Identifiers — IP address, device identifiers, cookie IDs (collected by GA4, AdSense, Adsterra).
  • Internet activity — pages visited, time on site, referring URL.
  • Geolocation data — country and region only, derived from IP address.
  • Inferences — interest categories Google/Adsterra may infer for ad targeting.

We do not collect: precise geolocation, government IDs, financial data, health data, biometric data, racial/ethnic/religious/political data, contents of communications, or anything you type into the cron tool.

Sale and sharing of personal information. Under CPRA, "sharing" includes disclosing personal information to third parties for cross-context behavioral advertising. Our use of Google AdSense and Adsterra for personalized ads may constitute "sharing" under CPRA. We do not knowingly sell personal information in exchange for money.

Your rights:

  • Right to know — request what categories of personal information we've collected, sources, purposes, and which third parties we've shared it with.
  • Right to delete — request deletion of personal information we hold about you.
  • Right to correct — fix inaccurate personal information.
  • Right to opt out of sale or sharing — direct us to stop sharing your personal information for targeted advertising. To exercise this, use the link below or enable "Global Privacy Control" in your browser, which we honor as a valid opt-out signal.
  • Right to limit use of sensitive personal information — though as noted above, we don't collect sensitive PI.
  • Right to non-discrimination — we won't deny you service, charge different prices, or provide a different quality of service if you exercise your CCPA rights.

Do Not Sell or Share My Personal Information →

Alternatively, enable the "Global Privacy Control" signal in your browser (Firefox, Brave, and DuckDuckGo browser support it natively; Chrome and Safari support it via extension).

Other US state privacy laws

Residents of Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), Texas (TDPSA), Oregon (OCPA), and Montana (MCDPA) have similar rights to those listed for California — including the rights to access, delete, correct, port, and opt out of targeted advertising. To exercise any of these rights, use the same contact channel described above.

Data retention

  • Google Analytics 4: event-level data is retained for 2 months by default; aggregated reports persist longer per Google's policies.
  • Google AdSense / Adsterra: these services retain advertising-related data per their own retention policies, linked above.
  • Server logs (CDN): request logs are retained for up to 30 days for security and operational purposes, then deleted.
  • Theme preference (localStorage): kept until you clear your browser data.

Children's privacy

The site is suitable for all ages but isn't directed at children under 13 (or under 16 in the EU). We don't knowingly collect personal information from children. If you believe a child has provided personal information through any feature of this site, contact us and we'll delete it.

Changes to this policy

If we add a feature or change a third-party service in a way that materially affects data handling (for example, adding user accounts, enabling Google Signals in GA, or switching ad networks), we'll update this page and surface a notice on the homepage for at least 30 days before the change takes effect.

Contact

For any privacy-related question, request, or complaint, use the contact page. We aim to respond within 30 days, as required under GDPR and CCPA.

Not legal advice. This page describes our data practices in plain language. It is not legal advice and may not satisfy every requirement of every jurisdiction. If you operate a similar website, do not copy this policy verbatim — have your own privacy policy reviewed by a qualified attorney familiar with the laws applicable to your users.

Last updated: May 2026