US-incorporated open-source Calendly alternative (Cal.com Inc, SF) founded by EU developers; production code moving closed-source in 2026.
- FROM
- —
- CLOUD ACT
- DIRECT
Synthèse de la propriété et de l’exposition au CLOUD Act.
Nottingham UK developer-API-first calendar / scheduling platform (Cronofy, founded 2013), ISO 27001 + SOC 2; Wise / GoCardless / Indeed customers.
Cronofy, dans la catégorie Réservation de créneaux, propose un hébergement dans l’UE avec United Kingdom comme lieu d’hébergement, mais une maison mère ou un sous-traitant américain laisse une exposition matérielle au CLOUD Act.
Cronofy (Nottingham, UK; founded 2013 by Adam Bird and Garry Shutler) is a developer-API-first scheduling-automation platform with ISO 27001 + SOC 2 + GDPR + HIPAA attested and 180,000+ companies on the platform handling 1B+ events; flagship customers Wise, GoCardless, Criteo, Teamtailor, Indeed, Squarespace. UK post-Brexit jurisdiction (other ownership tier) with an EU adequacy decision keeping transfers SCC-free. Three procurement-relevant gaps: (1) public reporting indicates the company has been acquired (acquirer not directly disclosed at audit); (2) ~60% of revenue is US-based, suggesting an AWS-EU + AWS-US dual-region backend that the directory''s strict CLOUD Act stance flags as material exposure for at-rest customer data; (3) Cronofy does not publish a publicly accessible DPA; a data-processing agreement is available only on request via compliance@cronofy.com. Signal mix: ISO 27001 + SOC 2 + GDPR + HIPAA certified, EU adequacy for cross-border transfers, but no public DPA, undisclosed post-acquisition ownership, and material CLOUD Act flag.
Le degré d'exposition des données clients aux autorités américaines au titre du CLOUD Act (Clarifying Lawful Overseas Use of Data Act).
Où se situe le contrôle ultime de la société exploitante.
Cronofy is a Nottingham-headquartered British developer-API-first calendar and scheduling-automation platform, founded in 2013 by Adam Bird (CEO) and Garry Shutler (CTO). The product is positioned for two audiences: SaaS product builders who need to integrate scheduling features (calendar availability, multi-person + multi-room coordination, video-conferencing integration) into their own applications via a unified API; and enterprise process-automation teams who need to coordinate scheduling across HR / sales / recruiting workflows. The flagship customer roster (Wise, GoCardless, Criteo, Teamtailor, Indeed, Squarespace) is unusually high-quality for a 29-employee API company, with 180,000+ end-companies on the platform handling 1B+ events.
Compliance posture is enterprise-grade: ISO 27001, SOC 2, GDPR-aligned, HIPAA-aligned, the standard stack required to serve the regulated-industry portion of the customer base. UK post-Brexit jurisdiction places Cronofy in the directory's other ownership tier; the UK holds an EU adequacy decision so cross-border EU↔GB transfers require no SCCs. Two procurement-relevant gaps weaken the EU signal picture: public reporting indicates Cronofy has been acquired (the acquirer is not directly disclosed at audit and the operating brand persists in the market), and approximately 60% of Cronofy's revenue is US-based, which strongly suggests an AWS-EU + AWS-US dual-region backend that the directory's strict-ownership CLOUD Act stance treats as material exposure for at-rest customer data. A public DPA is not available; the data-processing agreement must be requested directly.
Pricing is API-tier-based with per-event usage scaling; specific EUR tier figures were not captured at audit. Best fit: product builders integrating scheduling into B2B SaaS (HR-tech, recruiting, sales, customer-success), where Cronofy's ISO 27001 + SOC 2 + HIPAA stack and stable client roster reduce procurement friction. UK + EU customers should request the DPA, the underlying hosting region map, and post-acquisition ownership disclosure directly before signing.
Contactez l’éditeur pour les tarifs par palier ou volume.
Voir la page tarifs ↗US-incorporated open-source Calendly alternative (Cal.com Inc, SF) founded by EU developers; production code moving closed-source in 2026.
Swiss group-scheduling pioneer (Doodle AG, Zurich, 2007), owned by TX Group (SIX-listed Swiss media holding); SOC 2 + GDPR + HIPAA.
Brno-based Czech booking platform (Reservio s.r.o., ABUGO Group), 500k+ businesses, freemium with branded customer apps.