Last updated: May 8, 2026
Privacy Policy
This Privacy Policy explains how Webhook Scheduler processes account, billing, and webhook scheduling data when you use webhookscheduler.com, the dashboard, and the API.
Data we collect
Account data. Email address, password hash if you use email login, OAuth account identifiers if you use Google login, organization membership, and account timestamps.
Webhook data. Target URL, HTTP method, headers you provide, request payload, scheduled time, delivery status, response code, response body, retry attempts, and timing metadata.
Billing data. Stripe customer ID, subscription ID, price ID, billing status, and tax-related checkout settings. Card numbers are processed by Stripe and are not stored by Webhook Scheduler.
Security data. IP address, user agent, request timestamps, authentication events, and abuse-prevention logs.
Optional analytics. If accepted, Vercel Analytics may process page-view and usage signals to help improve the product.
How we use data
- Provide the dashboard, API, scheduled deliveries, retries, and delivery history.
- Authenticate users and protect accounts, API keys, and infrastructure.
- Process subscriptions, invoices, tax settings, and customer portal sessions through Stripe.
- Send transactional emails such as account, billing, and service notifications.
- Detect abuse, investigate incidents, and maintain service reliability.
Sub-processors
| Provider | Purpose |
|---|---|
| Vercel | Application hosting, edge/network delivery, and optional analytics. |
| Supabase | Postgres database hosting and data storage. |
| Google Cloud | Cloud Tasks queueing and scheduled worker invocation. |
| Stripe | Checkout, subscriptions, invoices, tax settings, and billing portal. |
| Resend or SendGrid | Transactional email, depending on the configured provider. |
| Sentry | Error monitoring if enabled in production configuration. |
Retention
- Account data is retained while your account exists.
- Webhook delivery history is retained according to your plan and operational limits.
- Billing records are retained as needed for accounting, tax, fraud prevention, and legal obligations.
- Security logs are kept only as long as reasonably necessary for abuse prevention and incident response.
Customer responsibility
Webhook payloads and destination URLs are controlled by customers. Do not submit secrets, health data, payment card data, or highly sensitive personal data unless you have a lawful basis and appropriate safeguards.
Your rights
Depending on your location, you may have rights to access, correct, delete, export, restrict, or object to processing of your personal data. Email privacy@webhookscheduler.com to exercise these rights.
Cookies
Optional analytics is consent-based. See the Cookie Policy to manage your preference.
Security
Webhook Scheduler uses HTTPS, hashed passwords, API key hashing, SSRF protections, organization-scoped access controls, and managed cloud infrastructure controls. No online service can be guaranteed completely secure, but we work to reduce risk and respond quickly to incidents.
Contact
Privacy questions: privacy@webhookscheduler.com