Effective date: 11 November 2025
1. Data Controller
Trend IT OÜ
Registry code: 12637197
VAT number: EE101824907
Address: Tallinn, Estonia
E-mail: info@trendit.ee
Website: https://trendit.ee
We are committed to protecting your personal data in accordance with the EU General Data Protection Regulation (GDPR) and Estonian law.
2. What Personal Data We Collect and Why
| Purpose | Data we process | Legal basis (GDPR Art. 6) | Retention period |
|---|---|---|---|
| Quotation & contract preparation | Name, company, e-mail, phone, project description | Contract performance / legitimate interest | 3 years after last contact |
| Invoicing & accounting | Name, company, address, e-mail, VAT number | Legal obligation (accounting law) | 7 years from the end of the financial year |
| Project delivery & communication | E-mail, Telegram/Slack/Discord handle, sometimes wallet addresses (non-personal) | Contract performance | Duration of the project + 3 years |
| Technical support & maintenance | Logs, IP addresses, error reports | Legitimate interest | Up to 12 months |
| Marketing & newsletter (only with consent) | E-mail address | Consent (you can withdraw anytime) | Until withdrawal of consent |
| Website analytics | Anonymised IP, browser, pages visited (via Plausible / Umami – no cookies) | Legitimate interest | 24 months (anonymised) |
We do not collect or process sensitive personal data (health, religion, political opinions, etc.).
3. Cryptocurrency & Wallet Addresses
Public blockchain addresses and on-chain transaction data are not considered personal data under GDPR. However, if a wallet address can be linked to an identified individual, we treat it with the same care as other personal data and only process it when strictly necessary for the project.
4. Who We Share Your Data With
- Hosting providers (EU-based: Zone.ee, Hetzner, netcup, DigitalOcean, AWS Frankfurt)
- Our accountants and accounting software (based in Estonia)
- Communication tools (Google Workspace, WhatsApp, Telegram – all with GDPR DPA)
- Freelancers/sub-contractors (only when needed and under strict NDA + DPA)
- Authorities (only if required by law)
We never sell your data and never transfer it outside the EEA without adequate safeguards (EU Standard Contractual Clauses).
5. Your Rights (GDPR Articles 15–22)
You have the right to:
- Access your data
- Rectify inaccurate data
- Erase your data (“right to be forgotten”) where applicable
- Restrict processing
- Data portability
- Object to processing based on legitimate interest
- Withdraw consent at any time
To exercise any right, write to info@trendit.ee. We will respond within 30 days.
6. Security
We use industry-standard measures: encrypted connections (HTTPS/TLS), encrypted backups, access controls, two-factor authentication, and regular security updates.
7. Cookies & Tracking on trendit.ee
We use only strictly necessary session cookies and privacy-friendly analytics (Plausible or Umami) that do not track you across sites and do not use cookies for analytics.
8. Children
Our services are not directed to persons under 18. We do not knowingly collect data from children.
9. Changes to This Policy
We may update this Privacy Policy. The latest version is always published at https://trendit.ee/privacy-policy.
10. Contact & Complaints
Questions or complaints: info@trendit.ee
You also have the right to lodge a complaint with the Estonian Data Protection Inspectorate (www.aki.ee) or any EU supervisory authority.
—
Trend IT OÜ