Privacy Policy

Last updated: 2025-08-07

Welcome to TrendsHunt (operated by Dmitrii Zhiganov). We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains what information we collect, why we collect it, how we use it, and the choices you have. It reflects our obligations under the EU General Data Protection Regulation (GDPR) and, where applicable, the California Consumer Privacy Act (CCPA).

1 Information We Collect

Account Data

E‑mail address, chosen username and authentication tokens.

Comment Data (Public)

Public YouTube™ usernames, avatars, comment text, timestamps, and video IDs that you instruct TrendsHunt to analyse.

Derived Insights

Aggregated metrics (e.g. trend labels, sentiment scores) that may include short excerpts of comments for context.

Usage & Log Data

Device type, browser pages viewed, and interactions. We use these logs for security and performance monitoring.

Cookies

Session cookies to keep you logged in and CSRF protection tokens. No third‑party marketing or tracking cookies.

2 How We Use Your Information

  • Provide, operate, and maintain the TrendsHunt service
  • Analyse comments to surface insights you request
  • Respond to enquiries and provide customer support
  • Improve, personalise, and expand our platform's functionality
  • Monitor and secure our infrastructure
  • Comply with legal obligations and enforce our Terms

3 Legal Bases for Processing (GDPR)

  • Contract – Processing necessary to deliver the service you requested
  • Legitimate Interest – Product improvement, fraud prevention, and network security
  • Consent – Optional e‑mail updates and marketing (you can withdraw anytime)
  • Legal Obligation – Compliance with accounting or regulatory duties

4 Who We Share Your Data With

We never sell your data. We only share it with trusted Sub‑processors that help us deliver the service:

  • Vercel Inc. – Web hosting & edge network
  • MongoDB Atlas (EU) – Database storage
  • OpenAI Ireland Ltd. – LLM processing for comment analysis
  • Resend Inc. – Transactional e‑mail delivery

All Sub‑processors are bound by written DPAs and located in the European Economic Area; data stays within the EEA.

5 Data Security

We employ industry‑standard safeguards:

  • TLS 1.3 encryption in transit & AES‑256 at rest
  • MFA for admin access & role‑based permissions

6 Data Retention

We keep your data for as long as your account is active. Accounts with no activity for 12 months are deemed dormant; associated personal data is deleted or anonymised within 30 days, unless we must keep it longer to meet legal obligations.

7 Your Rights

  • Access – request a copy of the personal data we hold
  • Rectification – correct inaccurate or incomplete data
  • Erasure – request deletion ("right to be forgotten")
  • Restriction & objection to certain processing
  • Data portability
  • Withdraw consent at any time (for marketing etc.)
  • Lodge a complaint with your local data‑protection authority

8 Changes to This Policy

We may revise this Privacy Policy periodically. Material changes will enter into force 30 days after we notify you via e‑mail or in‑app banner.

9 Contact Us

For privacy enquiries, exercise of GDPR/CCPA rights, or DPO contact, reach us at hey@dimazhiganov.dev or by post: Seestraße 39, 13355 Berlin, Germany.