MegaTrend Spotter logoMegaTrend Spotter

Privacy policy

Last updated: June 2026

This policy explains how MegaTrend Spotter (“we”, “us”) collects, uses, and protects personal data when you use megatrendspotter.com. We act as the data controller under the EU General Data Protection Regulation (GDPR).

Who we are

MegaTrend Spotter is a foresight tool for analysts. For privacy questions, contact privacy@megatrendspotter.com.

Data we collect

  • Account data — email address and authentication identifiers when you sign up or sign in (including via Google OAuth).
  • Workspace content — scans, keywords, AI-synthesized trends, and visualizations you create in the app.
  • Usage data — if you accept analytics cookies, Google Analytics 4 records pages visited, device type, approximate location (country/region), and referring URL. See our cookie policy for details.
  • Technical logs — server and error logs containing IP address and request metadata, retained briefly for security and debugging.

Why we use it (legal bases)

  • Contract — to provide the service, authenticate you, and store your scans.
  • Legitimate interest — to secure the service, prevent abuse, and improve reliability.
  • Consent — for analytics cookies. You can withdraw consent at any time from the cookie policy page.
  • Legal obligation — where required to comply with applicable law.

AI processing

When you ask MegaTrend Spotter to suggest keywords or synthesize trends, the relevant workspace content is sent to a large language model provider (via the Lovable AI Gateway, currently Google and OpenAI) to generate the response. Providers process the data only to return a result and do not use it to train their models.

Sharing & processors

We share data only with service providers strictly needed to run the product:

  • Supabase — authentication and database hosting.
  • Cloudflare — application hosting and CDN.
  • Google Ireland Ltd. — analytics (only with consent), Google OAuth, and Gemini AI models.
  • OpenAI — GPT models used for AI features.

Some providers may process data outside the EEA. Transfers rely on the European Commission's Standard Contractual Clauses and equivalent safeguards.

Retention

We keep your account data and scans for as long as your account is active. Delete your account or specific scans at any time to remove them; backups roll off within 30 days. Analytics data follows Google Analytics' default retention.

Your GDPR rights

You have the right to:

  • Access the personal data we hold about you.
  • Rectify inaccurate data.
  • Erase your data (“right to be forgotten”).
  • Restrict or object to processing.
  • Port your data to another service.
  • Withdraw consent for analytics at any time.
  • Lodge a complaint with your national data protection authority.

To exercise any of these rights, email privacy@megatrendspotter.com.

Security

Data is encrypted in transit (HTTPS) and at rest. Access is restricted with row-level security and least-privilege controls. No system is perfectly secure, so we encourage strong, unique passwords.

Changes

We may update this policy as the product evolves. Material changes will be reflected by an updated date at the top of this page.

← Back to homeCookie policy