Cookie Preferences

We use cookies to enhance your browsing experience, serve personalized content, and analyze our traffic. By clicking "Accept All", you consent to our use of cookies.

Security & Trust

Last updated: June 2026

Trendos is a competitive intelligence platform built for eCommerce brands. We take the security of your account and the integrity of our platform seriously. This page explains, in plain language, how we protect your data and run our service. If you have a question this page does not answer, email us at [email protected].

We work with public data

The intelligence Trendos delivers is built from publicly available data that competitor brands publish on their own eCommerce websites - products, prices, promotions, content, and shipping information. We do not ask you to connect your store, share customer lists, or grant access to private systems. Because we do not ingest your customers' personal data to do our job, your exposure is structurally low.

What account data we hold

The personal data we process about you is limited to what is needed to run your account: your name, work email, the domains you choose to monitor, and billing records. Any payment card details are handled by a third-party payment processor and are never stored on Trendos servers. For the full picture of what we collect and why, see our Privacy Policy.

How we protect it

  • Encryption in transit. All traffic to and from Trendos is served over HTTPS (TLS), with HTTP Strict Transport Security enforced.
  • Restricted data access. Customer account data is held in databases that are not publicly reachable - network access is firewalled to an allow-list, authenticated, and logged.
  • Least-privilege access. Access to production systems is restricted to the people who need it, authenticated, and logged.
  • Edge protection. Our public surfaces sit behind a web application firewall and DDoS protection that filters malicious traffic before it reaches our origin.
  • Monitoring. We log and monitor application activity so we can detect and respond to anomalies.
  • Vetted infrastructure. We host on established cloud providers and rely on a small set of reputable subprocessors. Our current list of subprocessors is available to customers on request.

Data privacy & GDPR

Trendos supports the rights granted to data subjects under the GDPR, the UK GDPR, and the CCPA. Where personal data is transferred internationally, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses.

Legal & data processing

Our Data Processing Agreement (DPA) and current list of subprocessors are available to customers and prospects on request - we will share them directly, under NDA if you prefer. Email [email protected] and we will send them over.

Compliance & certifications

Trendos is an early-stage company and we are honest about where we are: we follow recognized security practices but we do not currently hold a SOC 2 or ISO 27001 certification. We are happy to complete security questionnaires and share additional detail under NDA for customers evaluating us. Contact [email protected] to start that process.

Reporting a vulnerability

If you believe you have found a security vulnerability in Trendos, we want to hear from you. Please email [email protected] with the details and steps to reproduce. We will acknowledge your report, investigate, and keep you informed. We ask that you give us a reasonable opportunity to address the issue before any public disclosure, and that you avoid accessing or modifying other users' data during your research.

Questions

For anything security- or privacy-related, reach us at [email protected]. For general enquiries, use the contact page.