GDPR Addendum

GDPR Addendum (EU/EEA and UK Data Protection Compliance)

Effective Date: October 5, 2025
Website: https://yourtrendingstories.com
Contact Email: [email protected]
Governing Law: United States of America (with adherence to GDPR principles for EU/EEA and UK users)

1. Purpose and Scope

This GDPR Addendum supplements and forms an integral part of our Privacy Policy.
It applies exclusively to users located within the European Economic Area (EEA) and the United Kingdom, in accordance with the General Data Protection Regulation (Regulation (EU) 2016/679) (“GDPR”) and the UK Data Protection Act 2018 (“UK GDPR”).

For purposes of this Addendum, “Personal Data” shall have the meaning assigned under Article 4(1) of the GDPR — any information relating to an identified or identifiable natural person.

2. Lawful Bases for Processing

We process personal data in compliance with the lawful bases defined under Article 6 of the GDPR. These include:

  1. Consent (Art. 6(1)(a)): When you voluntarily provide information or consent to cookies, newsletters, or marketing communications.
  2. Performance of a Contract (Art. 6(1)(b)): When processing is necessary to provide services you request or to fulfill contractual obligations.
  3. Legal Obligation (Art. 6(1)(c)): When processing is required for compliance with applicable law.
  4. Legitimate Interests (Art. 6(1)(f)): When processing is necessary for our legitimate business purposes, such as maintaining security, improving the Site, or preventing fraud, provided that such interests are not overridden by your rights and freedoms.

3. Categories of Personal Data Processed

We may process the following categories of personal data for EU/UK users:

  • Identification Data: Name, username, email address (via Google OAuth login).
  • Technical Data: IP address, browser type, device identifiers, and cookies.
  • Usage Data: Interaction logs, preferences, and website navigation patterns.
  • Communication Data: Inquiries, contact messages, and voluntary submissions.

Sensitive categories of data (as defined under Article 9 GDPR) are not collected or processed.

4. Data Controller and Contact

For GDPR compliance purposes, the Data Controller of personal data processed through this Site is:

YourTrendingStories.com
Email: [email protected]
Website: https://yourtrendingstories.com

5. Data Subject Rights

Under GDPR, users located in the EEA or UK are entitled to exercise the following rights concerning their personal data:

  1. Right of Access (Art. 15): Obtain confirmation as to whether personal data concerning you are being processed and access to such data.
  2. Right to Rectification (Art. 16): Request correction of inaccurate or incomplete personal data.
  3. Right to Erasure (“Right to be Forgotten”) (Art. 17): Request deletion of your personal data under certain lawful circumstances.
  4. Right to Restrict Processing (Art. 18): Request limitation of data processing where accuracy or legality is disputed.
  5. Right to Data Portability (Art. 20): Receive your data in a structured, machine-readable format or request transmission to another controller.
  6. Right to Object (Art. 21): Object to processing based on legitimate interests or direct marketing purposes.
  7. Right to Withdraw Consent (Art. 7(3)): Withdraw consent at any time without affecting the lawfulness of prior processing.

Requests to exercise any of these rights may be submitted by emailing [email protected].
We will respond within 30 days in accordance with Article 12(3) GDPR.

6. International Data Transfers

As our operations are based in the United States, your data may be transferred and processed outside the EEA/UK.
To safeguard such transfers, we rely on one or more of the following lawful mechanisms:

  • Standard Contractual Clauses (SCCs) approved by the European Commission;
  • UK International Data Transfer Addendum (for transfers from the United Kingdom);
  • Adequacy Decisions (where applicable); or
  • Explicit user consent (Art. 49(1)(a) GDPR) for specific transfers.

We implement appropriate technical and organizational measures to ensure equivalent data protection standards consistent with GDPR requirements.

7. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes outlined in our Privacy Policy and in accordance with applicable law.
When data is no longer needed, it will be securely deleted or anonymized.

8. Data Security

We employ administrative, technical, and physical safeguards to protect personal data against unauthorized access, alteration, disclosure, or destruction, in compliance with Articles 32–34 GDPR.

These include secure encryption protocols, restricted access controls, and regular system security reviews.

9. Automated Decision-Making

We do not engage in automated decision-making or profiling as defined under Articles 22(1) and (4) of the GDPR.
Any future implementation of automated processing will be disclosed and subject to user consent and oversight requirements.

10. Complaints and Supervisory Authority

EU/EEA and UK residents have the right to lodge a complaint with a supervisory data protection authority if they believe their data is being processed unlawfully.

You may contact your local supervisory authority, or the primary one applicable to us:
European Data Protection Board (EDPB)https://edpb.europa.eu/

For UK users:
Information Commissioner’s Office (ICO)https://ico.org.uk/

We encourage you to contact us directly first to resolve any concerns at [email protected].

11. Children’s Data

Our services are not directed to children under 16 years of age in the EEA or UK.
We do not knowingly collect or process personal data from minors without parental consent as required under Article 8 GDPR.

12. Updates to This Addendum

We may update this Addendum periodically to reflect changes in law, technology, or our data practices.
The updated version will be posted on this page with a revised “Effective Date.” Continued use of the Site signifies acceptance of the modified terms.

13. Contact for Data Protection Inquiries

For all data protection matters, including GDPR-related questions or rights requests, please contact:

Data Protection Officer (DPO)
YourTrendingStories.com
Email: [email protected]
Website: https://yourtrendingstories.com

Legal Notice

This GDPR Addendum is made pursuant to Regulation (EU) 2016/679, the UK Data Protection Act 2018, and related implementing regulations.
It constitutes a binding supplement to the site’s Privacy Policy, ensuring compliance with transnational data protection obligations.

Compliance Summary:
This Addendum ensures global legal coverage for your blog, combining:

  • U.S. privacy compliance (CCPA, CalOPPA)
  • EU/UK data protection compliance (GDPR, UK GDPR)
  • Google OAuth, Analytics, and AdSense data protection adherence
Published: October 5, 2025
Updated: October 5, 2025