Privacy Policy
1. Introduction
Our website address is: https://trendxtra.co.uk.
We are committed to protecting and respecting your privacy. This policy explains how we collect, use, disclose and safeguard your personal data, and your rights under the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and, where applicable, the EU GDPR.
2. Data Controller
The data controller responsible for your personal data is:
TrendXtra Ltd
Email: admin@trendxtra.co.uk
Please direct enquiries to the general contact above.
3. Personal Data We Collect and Process
Comments and User Content
When you leave a comment or interact with content, we collect:
- The content of your comment.
- Your name, email address and website (if provided).
- IP address and browser user agent string (for spam detection and security).
- An anonymised hash of your email for Gravatar (to check if you use it).
Account Registration (if applicable)
If you register on the site we collect:
- Username (which cannot be changed by you once set).
- Email address.
- Any other profile information you choose to provide.
Media Uploads
If you upload images, you should ensure they do not contain embedded location data (EXIF GPS), as anyone viewing or downloading them may extract such data.
Cookies and Tracking
We use cookies and similar technologies to:
- Remember your preferences (e.g., screen display options).
- Authenticate login sessions.
- Save comment form fields if you choose to.
- Detect whether your browser accepts cookies.
Full details of the cookies we set and their purposes are in the “Cookies” section below.
Embedded Content
Pages may include embedded content (e.g., videos, social media posts). These behave as if you visited the source website directly; such third parties may collect data about you, set cookies, track usage, and associate it with any account you have with them.
4. Lawful Bases for Processing
We process your personal data under the following lawful bases:
| Purpose | Lawful Basis |
|---|---|
| Publishing and managing your comment (including spam detection) | Legitimate interest (maintaining site quality and security) and/or consent (where applicable) |
| Account management and authentication | Performance of a contract (your account terms) |
| Remembering preferences (e.g., “Remember Me”, screen options) | Legitimate interest (usability) |
| Responding to enquiries and communications | Legitimate interest or consent, depending on context |
| Security monitoring (e.g., IP logging for abuse) | Legitimate interest (protecting the site and users) |
| Password reset including IP in email | Legitimate interest (account security) |
Where we rely on consent (e.g., certain non-essential cookies or optional communications), you have the unrestricted right to withdraw that consent at any time.
5. Cookies
We use the following types of cookies:
- Essential cookies: Necessary for core site functionality (login persistence, comment submission workflow).
- Functional cookies: Remember your screen options or preferences.
- Optional cookies: Such as those saving your name/email when leaving a comment. These require your consent before activation.
You can manage or withdraw cookie consent via the cookie preference banner/mechanism on the site or by clearing cookies in your browser settings.
6. Third-party Services and Data Sharing
We may share personal data with third-party processors who perform services on our behalf, such as:
- Spam detection services.
- Gravatar (for profile images).
- Hosting providers and security services.
All third-party processors are contractually bound to protect your data in line with GDPR requirements. We do not sell your personal data.
If you request a password reset, your IP address may be included in the reset email for security verification.
7. International Transfers
Personal data may be transferred to and processed in countries outside the UK or European Economic Area (EEA). Such transfers only occur where:
- The destination country benefits from an adequacy decision by the UK (or EU, if applicable); or
- Appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) or other approved mechanisms; or
- A specific exception under applicable data protection law applies.
You may request details of the specific transfer mechanism used.
8. Data Retention
We retain personal data as follows:
- Comments and associated metadata: Retained indefinitely so we can recognise and approve follow-up comments automatically.
- User account data: Retained for as long as the account exists, unless you request deletion.
- Cookies: Duration varies; essential session cookies expire on logout or after a short time, preference cookies may persist up to one year.
We periodically review retention to ensure we do not keep data longer than necessary for the purposes collected.
9. Your Rights
Under the UK GDPR / EU GDPR you have the right to:
- Access the personal data we hold about you.
- Rectify inaccurate or incomplete data.
- Erase your data (the “right to be forgotten”) where we have no lawful reason to retain it.
- Restrict processing in certain circumstances.
- Object to processing based on legitimate interests or direct marketing.
- Data portability – receive your data in a structured, commonly used format.
- Withdraw consent at any time where processing is based on consent.
- Lodge a complaint with a supervisory authority (in the UK: the Information Commissioner’s Office (ICO); in the EU: the relevant national authority) if you believe your rights have been infringed.
To exercise any of these rights, contact us at admin@trendxtra.co.uk. We may need to verify your identity before fulfilling requests.
10. Automated Decision-Making
We do not engage in any automated decision-making, including profiling, that produces legal or similarly significant effects concerning you.
11. Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. This includes encryption where appropriate, access controls, regular software updates, and limiting access to those who need it.
12. Data Breach Notification
If a personal data breach occurs that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority (e.g., the ICO) within 72 hours of becoming aware of it, where required. If the breach poses a high risk to you, we will also inform you directly without undue delay.
13. Children’s Data
The site is not intended for children under 13 (or the applicable age in your jurisdiction). We do not knowingly collect personal data from children without parental consent. If we become aware we have collected data from a child unlawfully, we will take steps to delete it.
14. Changes to This Policy
We may update this policy from time to time. The version published on the site will carry a “last updated” date. Significant changes will be highlighted where appropriate.
15. Contact & Complaints
For any questions, requests, or complaints about this policy or our data practices, contact:
Email: admin@trendxtra.co.uk
If you remain dissatisfied after contacting us, you may lodge a complaint with the Information Commissioner’s Office (ICO) in the UK.
Last updated: 03/08/2025