How We Collect, Use & Protect Your Information

Account Information. When you create an account or subscribe, we collect: name, email address, billing address, phone number (optional), password (stored as a one-way cryptographic hash), and account preferences.

Payment Information. Payment card details are collected and processed exclusively by our PCI-compliant payment processor (Stripe, Inc. or equivalent). Cronus does not store full payment card numbers; we receive only a tokenized reference, the last four digits, the card brand, and the expiration date.

Usage Data. We automatically collect data about how you interact with the platform: pages viewed, signals queried, AI prompts submitted, time spent, click paths, feature usage, error logs, and session timestamps. This data is associated with your account.

Device & Technical Information. We collect: IP address, browser type and version, operating system, device type, screen resolution, language preference, time zone, and referring URL. Cookies, local storage, and similar technologies are used to maintain sessions and remember preferences.

Approximate Location. We may infer approximate location (country, state/region, city) from your IP address for compliance, analytics, and service-availability purposes. We do not collect precise GPS location.

Communications. If you contact us via email or in-platform messaging, we retain your messages and our responses for support and legal purposes.

We use collected information to:

• Provide, operate, maintain, and improve the platform and its features
• Authenticate your identity and protect against unauthorized access
• Process subscription payments and manage billing
• Communicate with you regarding your account, service updates, and important notices
• Generate aggregate usage analytics to improve product quality (no individual identification)
• Detect, prevent, and respond to fraud, abuse, security incidents, or violations of our Terms
• Comply with legal obligations, respond to lawful requests, and enforce our rights
• Send service-related notices and, where you opt in, occasional product updates

We do not sell your personal information to third parties, share your individual identity or behavior with advertisers, or use your AI prompts to train external AI models.

We share information only with:

Service Providers. Third-party vendors that support platform operation, including: payment processors (Stripe), cloud hosting providers, email-delivery services, analytics providers, customer-support tooling, and AI/LLM API providers (Anthropic, OpenAI, or equivalent) used to generate platform narrative output. These providers are contractually obligated to use your information only for the services they provide to us.

AI/LLM Processing. Subscriber prompts and certain platform context are transmitted to AI/LLM providers to generate narrative responses. These providers' data-handling practices are governed by their own policies and our data-processing agreements with them. Cronus configures these integrations to disable training-data use wherever the provider supports such opt-out.

Legal Compliance. When required by valid legal process (subpoena, court order, regulatory request) or where we believe in good faith that disclosure is necessary to protect our rights, comply with the law, or protect public safety.

Business Transfers. In connection with a merger, acquisition, financing, reorganization, asset sale, or similar transaction, your information may be transferred as part of the transferred assets. Successor will be bound by privacy obligations no less protective than those set forth here.

With Your Consent. Any other sharing only with your specific consent.

We retain account information for the duration of your active subscription and for a reasonable period thereafter to permit account reactivation, comply with legal obligations (typically 7 years for tax/financial records), resolve disputes, and enforce our rights. Usage logs and technical data are typically retained for 12–24 months. Communications and support records are retained for the longer of 3 years or the duration of any active legal matter. Aggregate, de-identified analytics may be retained indefinitely.

Upon account closure or cancellation, we will delete or anonymize personal information in accordance with applicable law and our retention schedule, retaining only what is necessary for legal compliance, dispute resolution, or fraud prevention.

We implement reasonable administrative, technical, and physical safeguards designed to protect your information, including: encrypted transport (TLS), encrypted-at-rest storage, password hashing, access controls, audit logging, and regular security review. Payment card data is handled exclusively by PCI-compliant processors and is never stored on Cronus servers.

No security system is perfect. We cannot guarantee that information transmitted to or stored on our systems will be free from unauthorized access. You are responsible for safeguarding your account credentials and should notify us immediately at info@cronusmarketintelligence.com if you suspect unauthorized access to your account.

Depending on your jurisdiction, you may have the following rights:

• Access. Request a copy of personal information we hold about you.
• Correction. Request correction of inaccurate or incomplete information.
• Deletion. Request deletion of your personal information, subject to legal-retention requirements.
• Portability. Request a structured, machine-readable copy of your information.
• Objection / Restriction. Object to or restrict certain processing.
• Opt-out. Opt out of marketing communications at any time via the unsubscribe link in emails or by contacting us.
• Withdraw Consent. Where we rely on consent, you may withdraw consent at any time.

California Residents (CCPA/CPRA). California residents have the right to know what personal information we collect, the categories of sources and recipients, the right to delete (with exceptions), the right to correct, the right to opt out of any "sale" or "sharing" (we do not sell or share for cross-context behavioral advertising), and the right to non-discrimination for exercising these rights.

EU/UK Residents (GDPR/UK GDPR). Where applicable, our legal bases for processing are: (i) performance of a contract (providing the platform), (ii) legitimate interests (security, analytics, product improvement), (iii) consent (where required), and (iv) legal obligation. EU/UK residents may lodge a complaint with their local data-protection authority.

To exercise any of these rights, contact info@cronusmarketintelligence.com. We will respond within timeframes required by applicable law (typically 30–45 days). We may need to verify your identity before fulfilling certain requests.

We use cookies and similar technologies for: strictly necessary cookies (session management, authentication, security — cannot be disabled); Functional cookies (preferences, language, theme); Analytics cookies (aggregate usage measurement). We do not use third-party advertising cookies, behavioral-targeting cookies, or cross-site tracking cookies.

You can control cookies through your browser settings. Disabling strictly necessary cookies will prevent the platform from functioning correctly. We honor Global Privacy Control (GPC) signals where applicable as an opt-out request for any "sale" or "sharing" under California law (though we do not engage in such sale or sharing).

Cronus is based in the United States and processes information in the United States. If you access the platform from outside the United States, your information will be transferred to, stored in, and processed in the United States, where data-protection laws may differ from those in your jurisdiction. Where required, we rely on appropriate safeguards (such as Standard Contractual Clauses or equivalent) for international data transfers.

The platform is not directed to children under 18 and we do not knowingly collect personal information from children. If we learn we have inadvertently collected information from a child, we will delete it promptly. Parents or guardians who believe a child has provided information should contact us at info@cronusmarketintelligence.com.

We may update this Privacy Policy from time to time. Material changes will be communicated by email to the address on file or by prominent in-platform notice at least 30 days before they take effect. Continued use of the platform after the effective date constitutes acceptance of the updated Privacy Policy. The version in effect at the time of any inquiry shall govern.

For questions, concerns, or requests regarding this Privacy Policy or your information, contact: