Last Updated: January 4, 2026
TrenchFeed takes data protection seriously. This Privacy Policy explains how and why we collect, use and disclose personal information when you interact with our application programming interface (API), website or related services (collectively, the "Services"). We prepare this notice in light of the major data-protection frameworks – including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) – which require transparency about data collection, lawful bases for processing and user rights.
We collect only the data necessary to provide and secure the Services. This includes basic account details (such as your email address, subscription tier and a hashed API key), usage statistics (like request counts and timestamps) and billing identifiers. When you correspond with us or sign up for an account, you may provide additional information such as a name or payment method. We do not intentionally collect sensitive personal information or information about children under 13, and we will promptly delete such data if we become aware of it.
We process personal data to operate, maintain and improve the Services; enforce rate limits and contractual terms; authenticate your account; communicate important notices; and comply with legal obligations. Our processing is grounded in lawful bases recognised by the GDPR: contractual necessity (when we deliver the API you requested), our legitimate interests in ensuring service integrity and security, or your consent when required (for example, marketing emails). We do not use your information for automated decision‑making that would produce legal or similarly significant effects.
We do not sell or rent personal information. We share it only with trusted processors who help us deliver the Services, such as payment processors (Stripe) and email providers. These partners are contractually bound to use your information solely on our behalf and to implement appropriate security measures. If personal data is transferred outside your jurisdiction, we rely on appropriate safeguards such as standard contractual clauses or adequacy decisions to ensure a similar level of protection.
We retain logs and account records only for as long as necessary for legitimate business purposes or to comply with legal requirements. Usage logs are typically kept for no more than thirty days unless longer retention is required to investigate abuse, enforce agreements or comply with court orders. We employ administrative, technical and physical safeguards to protect your information, but no internet‑based service is completely secure; use of the Services is at your own risk.
You may have rights under applicable laws to access, correct, delete, restrict or object to our processing of your personal data, and to receive a copy in a portable format. Where processing is based on your consent, you can withdraw it at any time. To exercise these rights or ask questions about this policy, please contact us at [email protected]. We will respond within the timeframes required by law.
We may update this Privacy Policy from time to time to reflect changes in law or our practices. When we make material changes, we will revise the "Last Updated" date above and, where appropriate, provide additional notice. Your continued use of the Services following the effective date of any update constitutes acceptance of the revised policy.