Aller au contenu
Vérifié indépendamment · Ré-audit trimestriel
EU VETTED

Cronofy

VéRIFIé
Réservation de créneaux · United Kingdom
Fondé en 2013 · cronofy.com ↗

Nottingham UK developer-API-first calendar / scheduling platform (Cronofy, founded 2013), ISO 27001 + SOC 2; Wise / GoCardless / Indeed customers.

En bref

Cronofy, dans la catégorie Réservation de créneaux, propose un hébergement dans l’UE avec United Kingdom comme lieu d’hébergement, mais une maison mère ou un sous-traitant américain laisse une exposition matérielle au CLOUD Act.

Notes d’évaluation

Cronofy (Nottingham, UK; founded 2013 by Adam Bird and Garry Shutler) is a developer-API-first scheduling-automation platform with ISO 27001 + SOC 2 + GDPR + HIPAA attested and 180,000+ companies on the platform handling 1B+ events; flagship customers Wise, GoCardless, Criteo, Teamtailor, Indeed, Squarespace. UK post-Brexit jurisdiction (other ownership tier) with an EU adequacy decision keeping transfers SCC-free. Three procurement-relevant gaps: (1) public reporting indicates the company has been acquired (acquirer not directly disclosed at audit); (2) ~60% of revenue is US-based, suggesting an AWS-EU + AWS-US dual-region backend that the directory''s strict CLOUD Act stance flags as material exposure for at-rest customer data; (3) Cronofy does not publish a publicly accessible DPA; a data-processing agreement is available only on request via compliance@cronofy.com. Signal mix: ISO 27001 + SOC 2 + GDPR + HIPAA certified, EU adequacy for cross-border transfers, but no public DPA, undisclosed post-acquisition ownership, and material CLOUD Act flag.

CLOUD ACT
OWNERSHIP
SUB-PROCS
non divulgué
Signaux vérifiés
Juridiction
  • Hébergement UE / adéquation
  • Opérateur UE / adéquation
  • Aucune exposition au CLOUD Act
Transparence
  • DPA public
  • Sous-traitants divulgués
  • Clients open source
  • Certification tierce
JUMP TO
OVERVIEW

À propos de Cronofy

Cronofy is a Nottingham-headquartered British developer-API-first calendar and scheduling-automation platform, founded in 2013 by Adam Bird (CEO) and Garry Shutler (CTO). The product is positioned for two audiences: SaaS product builders who need to integrate scheduling features (calendar availability, multi-person + multi-room coordination, video-conferencing integration) into their own applications via a unified API; and enterprise process-automation teams who need to coordinate scheduling across HR / sales / recruiting workflows. The flagship customer roster (Wise, GoCardless, Criteo, Teamtailor, Indeed, Squarespace) is unusually high-quality for a 29-employee API company, with 180,000+ end-companies on the platform handling 1B+ events.

Compliance posture is enterprise-grade: ISO 27001, SOC 2, GDPR-aligned, HIPAA-aligned, the standard stack required to serve the regulated-industry portion of the customer base. UK post-Brexit jurisdiction places Cronofy in the directory's other ownership tier; the UK holds an EU adequacy decision so cross-border EU↔GB transfers require no SCCs. Two procurement-relevant gaps weaken the EU signal picture: public reporting indicates Cronofy has been acquired (the acquirer is not directly disclosed at audit and the operating brand persists in the market), and approximately 60% of Cronofy's revenue is US-based, which strongly suggests an AWS-EU + AWS-US dual-region backend that the directory's strict-ownership CLOUD Act stance treats as material exposure for at-rest customer data. A public DPA is not available; the data-processing agreement must be requested directly.

Pricing is API-tier-based with per-event usage scaling; specific EUR tier figures were not captured at audit. Best fit: product builders integrating scheduling into B2B SaaS (HR-tech, recruiting, sales, customer-success), where Cronofy's ISO 27001 + SOC 2 + HIPAA stack and stable client roster reduce procurement friction. UK + EU customers should request the DPA, the underlying hosting region map, and post-acquisition ownership disclosure directly before signing.

SUB-PROCESSORS

Carte des sous-traitants · non divulgué

L'éditeur ne publie pas de liste de sous-traitants. La conformité Schrems II et l'exposition au CLOUD Act ne peuvent pas être vérifiées indépendamment sans elle.
CERTIFICATIONS

Référentiels & certifications

ISO/IEC 27001
ACTIVE
SOC 2
ACTIVE
Information · cadre US
FEATURES

Matrice de fonctionnalités

Marque blanche Oui
Synchro agenda Oui
Round-robin / équipe Oui
Réservations de groupe Oui
Intégration vidéo Oui
Rappels automatiques Oui
Offre gratuite Non
INTéGRATION & ACCèS
REST API Yes
SSO (SAML / OIDC) Yes
CONFORMITé & GOUVERNANCE
Audit log Yes
Self-host / on-prem option No
PRICING

Tarifs & paliers

PAYANT
Tarifs sur mesure

Contactez l’éditeur pour les tarifs par palier ou volume.

Voir la page tarifs ↗
PUBLIC DOCUMENTS

Documents publics

L'éditeur ne publie pas de DPA public. Sans contrat de sous-traitance accessible publiquement, les petits clients européens ne peuvent pas signer eux-mêmes l'accord : cela est consigné comme absence de DPA publique (voir Notre méthode).
L'éditeur ne publie pas de liste de sous-traitants. La conformité Schrems II et l'exposition au CLOUD Act ne peuvent pas être vérifiées indépendamment sans elle.
  • Contrat de sous-traitance (DPA)
    — manquant
    manquant
  • Liste des sous-traitants
    — manquant
    manquant
  • Conditions d'utilisation
    www.cronofy.com/legal…
    Ouvrir ↗
ALTERNATIVES

Alternatives dans cette catégorie

Cal.com
United States · Fondé en 2021
LIé AUX US

US-incorporated open-source Calendly alternative (Cal.com Inc, SF) founded by EU developers; production code moving closed-source in 2026.

DPA public Sous-traitants Open source
FROM
CLOUD ACT
DIRECT
Doodle
Switzerland · Fondé en 2007
BASé UE

Swiss group-scheduling pioneer (Doodle AG, Zurich, 2007), owned by TX Group (SIX-listed Swiss media holding); SOC 2 + GDPR + HIPAA.

DPA public Sous-traitants Open source
FROM
CLOUD ACT
MINOR
Reservio
Czechia · Fondé en 2012
BASé UE

Brno-based Czech booking platform (Reservio s.r.o., ABUGO Group), 500k+ businesses, freemium with branded customer apps.

DPA public Sous-traitants Open source
FROM
CLOUD ACT
MINOR