Legal · Privacy

Privacy Notice

We collect the minimum data we need to run WriteTrendy, we don't sell it, and your brand content is never used to train AI models for other customers.

Last updated: June 2026

1

Who we are

This Privacy Notice explains how WriteTrendy ("we", "us", "our") collects, uses, shares, and protects personal data when you visit our website or use the WriteTrendy platform (the "Service").

For the personal data described below, WriteTrendy acts as the data controller. For payment data handled at checkout, our reseller Paddle.com acts as the Merchant of Record and an independent controller.

2

What data we collect

We collect only the data we need to deliver and improve the Service:

  • Account data — name, email address, hashed password, authentication tokens, role, and language preference.
  • Brand & content data — brand profiles, tone-of-voice settings, source material you upload (text, URLs, transcripts), generated outputs, projects, templates, and content calendar entries.
  • Usage & telemetry — features used, generation history, credit consumption, performance metrics, and aggregated error reports.
  • Device & log data — IP address, browser and device identifiers, operating system, referrer, timestamps, and security event logs.
  • Support & communications — messages you send via the contact form, email, or in-app support, and your survey or feedback responses.
  • Billing data — subscription plan, status, invoices, and limited payment metadata returned by Paddle. We do not store full card numbers.
  • Cookies & similar technologies — strictly necessary cookies for sign-in and security; optional analytics cookies only with your consent.
3

Why we use it (legal bases)

  • To provide the Service — creating your account, generating content, saving your work, and operating the platform. Legal basis: performance of a contract.
  • Security & abuse prevention — protecting accounts, infrastructure, and users from fraud, abuse, and unauthorised access. Legal basis: legitimate interests.
  • Customer support — answering your questions and resolving issues. Legal basis: performance of a contract.
  • Product improvement — understanding which features help users, debugging, and improving quality. Legal basis: legitimate interests.
  • Compliance — meeting tax, accounting, and other legal obligations. Legal basis: legal obligation.
  • Marketing — product news and tips, only where you have opted in. You can unsubscribe at any time. Legal basis: consent.
4

How your inputs are used with AI

When you generate content, we send your prompts and the necessary context (such as the brand profile and source material you selected) to third-party AI providers via secure APIs. These providers process the request solely to return the output to you.

We work with providers that contractually commit not to use your inputs or outputs to train their foundation models. Your brand profiles and source material remain in your private workspace and are never used to train models for other customers.

5

Who we share data with

  • Hosting & database providers who run the Service and store your data on our behalf under appropriate data-processing terms.
  • AI providers (e.g. large-language-model APIs) that process your prompts solely to generate the outputs you request.
  • Paddle.com, our Merchant of Record, for checkout, payment processing, subscription management, tax calculation, and invoicing.
  • Email & transactional providers for account, security, and support emails.
  • Analytics & error monitoring tools used to keep the Service reliable; optional analytics only with your consent.
  • Professional advisers (legal, accounting, auditors) and authorities where required by law, court order, or to defend our rights.

We do not sell your personal data, and we do not share it for cross-context behavioural advertising.

6

How long we keep it

We keep personal data only as long as needed for the purposes described above:

  • Account & content — for the life of your account, and up to 30 days after deletion to allow recovery and complete pending operations.
  • Billing records — retained for the period required by tax and accounting laws (typically 6–10 years).
  • Security logs — retained for a limited period sufficient for incident investigation, then deleted or anonymised.
7

International data transfers

Some of our providers are located outside the UK / EEA. Where we transfer personal data across borders, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses, the UK International Data Transfer Addendum, or adequacy decisions, together with supplementary technical measures (encryption, access controls).

8

Your privacy rights

Subject to applicable law, you have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate or incomplete information.
  • Request deletion of your data ("right to be forgotten").
  • Restrict or object to certain processing.
  • Receive your data in a portable, machine-readable format.
  • Withdraw any consent you previously gave.
  • Lodge a complaint with your local data protection authority.

To exercise any of these rights, contact us via our contact page. We respond within one month and will not charge you a fee for reasonable requests.

9

How we protect your data

We use industry-standard technical and organisational measures to protect your data, including:

  • TLS encryption in transit and encryption at rest for stored data.
  • Row-level access controls so workspaces and brand profiles stay strictly separated.
  • Hashed passwords, scoped access tokens, and least-privilege internal access.
  • Regular security reviews, dependency scanning, and monitoring.

No internet service can be perfectly secure, but we are committed to acting quickly to mitigate any risk and to notifying you of any incident that materially affects your data, as required by law.

10

Cookies & analytics

We use strictly necessary cookies for sign-in, session management, and security — these cannot be disabled. Optional analytics and product-improvement cookies are used only with your consent and can be withdrawn at any time from your browser or, where available, from our in-app preferences.

11

Children

WriteTrendy is intended for users aged 18 and over and is not directed to children. We do not knowingly collect personal data from anyone under 18. If you believe a minor has provided us with personal data, please contact us so we can delete it.

12

Changes to this notice

We may update this Privacy Notice as our Service evolves or as regulations change. Material changes will be notified by email or via an in-app announcement before they take effect. The "Last updated" date at the top of this page always reflects the current version.

13

Contact us

For any privacy question, request, or complaint, please reach our team via the contact page. We take privacy seriously and will work with you in good faith to resolve any concern.

Still have questions?

Our team replies to every message — usually within one business day.

Contact our team