Data Processing Agreement

Last Updated: December 2025

Back to Home

Introduction

This Data Processing Agreement ("DPA") forms part of the Terms of Service between you ("Data Controller") and TrendingTools ("Data Processor"). This DPA reflects the parties' agreement with regard to the processing of personal data in accordance with the requirements of data protection laws, including the GDPR.

Important Notice: TrendingTools is designed as a client-side application. All data processing occurs locally in your browser. We do not collect, store, or process personal data on our servers. This DPA is provided for transparency and compliance purposes.

Definitions

Controller
The natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
Processor
A natural or legal person, public authority, agency, or other body which processes personal data on behalf of the controller.
Personal Data
Any information relating to an identified or identifiable natural person.
Processing
Any operation or set of operations performed on personal data.
Data Subject
The individual to whom personal data relates.
GDPR
General Data Protection Regulation (EU) 2016/679.

Scope and Purpose

This DPA applies to all processing of personal data by TrendingTools on behalf of the Data Controller in connection with the Services provided under the Terms of Service.

Nature and Purpose of Processing

TrendingTools provides client-side tools that process data locally in the user's browser. The purpose of processing is to enable the functionality of our tools, including:

  • Text manipulation and conversion
  • Password generation
  • Unit conversion calculations
  • QR code generation
  • Color processing and conversion
  • Mathematical calculations
  • Image editing operations
  • Text analysis and counting
  • Data encoding and decoding
  • JSON formatting and validation

Types of Personal Data

Since all processing occurs client-side, TrendingTools does not have access to or process personal data. Any personal data processed through our tools remains on the Data Controller's device.

Categories of Data Subjects

Data subjects may include:

  • End users of the Data Controller's services
  • Employees or contractors of the Data Controller
  • Any individual whose data is processed through our tools

Data Processing Details

Duration of Processing

Processing occurs only during the active use of our tools. No data is stored or retained after the processing session ends.

Location of Processing

All data processing occurs locally in the user's web browser. No data is transmitted to our servers or any third-party servers.

Subprocessors

TrendingTools does not use any subprocessors for data processing. However, we rely on the following third-party services for website functionality:

  • GitHub Pages: Website hosting (may see IP addresses for security purposes)
  • Google Fonts: Font delivery service
  • Font Awesome: Icon delivery service

These services do not process personal data from our tools.

Obligations of the Processor

Processing Instructions

TrendingTools will process personal data only in accordance with documented instructions from the Controller, unless required to do so by applicable law.

Confidentiality

TrendingTools ensures that persons authorized to process personal data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.

Security Measures

TrendingTools implements appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

  • Client-side encryption where applicable
  • Secure coding practices
  • Regular security reviews
  • HTTPS encryption for all communications

Assistance to Controller

Taking into account the nature of processing and the information available, TrendingTools will assist the Controller in:

  • Responding to data subject requests
  • Ensuring compliance with security obligations
  • Conducting data protection impact assessments
  • Reporting personal data breaches

Data Subject Rights

Since TrendingTools does not store personal data, data subject rights are exercised through the Data Controller. TrendingTools will provide reasonable assistance to the Controller in fulfilling their obligations to respond to data subject requests.

Data subjects may exercise their rights under GDPR, including:

  • Right of access
  • Right to rectification
  • Right to erasure ("right to be forgotten")
  • Right to restriction of processing
  • Right to data portability
  • Right to object
  • Rights related to automated decision making and profiling

Data Transfers

TrendingTools does not transfer personal data across borders. All processing occurs locally in the user's browser.

If any data transfer occurs in the future, TrendingTools will ensure that appropriate safeguards are in place, such as:

  • EU Standard Contractual Clauses
  • Adequacy decisions
  • Binding Corporate Rules
  • Approved codes of conduct or certification mechanisms

Security Breach Notification

In the event of a personal data breach, TrendingTools will notify the Controller without undue delay after becoming aware of the breach. The notification will include:

  1. A description of the nature of the breach
  2. The categories and approximate number of data subjects concerned
  3. The categories and approximate number of personal data records concerned
  4. The name and contact details of the data protection officer or other contact point
  5. A description of the likely consequences of the breach
  6. A description of the measures taken or proposed to address the breach

Audit Rights

The Controller has the right to conduct audits to verify TrendingTools' compliance with this DPA. Audits will be conducted:

  • With reasonable advance notice
  • During normal business hours
  • Without unreasonably disrupting TrendingTools' operations
  • Subject to reasonable confidentiality obligations

TrendingTools will make available to the Controller all information necessary to demonstrate compliance with the obligations in this DPA.

Deletion or Return of Data

Since TrendingTools does not store personal data, there is no data to delete or return at the end of the processing relationship.

Upon termination of the Services, TrendingTools will delete any residual data (if any exists) in accordance with its data retention policies and applicable law.

Important Clarification

This DPA is provided for compliance purposes. In practice, TrendingTools operates as a client-side application where:

  • All data processing occurs locally in the user's browser
  • No personal data is transmitted to our servers
  • No personal data is stored by TrendingTools
  • The Data Controller retains full control over all data

The primary responsibility for data protection remains with the Data Controller, who determines what data is processed through our tools.

Governing Law and Jurisdiction

This DPA shall be governed by and construed in accordance with the laws specified in the Terms of Service. Any disputes arising from this DPA shall be resolved in accordance with the dispute resolution provisions of the Terms of Service.

Changes to This DPA

We may update this DPA from time to time. The updated version will be indicated by an updated "Last Updated" date and the updated version will be effective as soon as it is accessible.

We encourage you to review this DPA frequently to be informed of how we are protecting your information and ensuring compliance with data protection regulations.

Contact Information

For questions about this DPA or data protection matters, please contact us through our Contact Us page with "DPA Inquiry" in the subject line.