Cookie policy

How TrendRise uses cookies and similar technologies.

A detailed cookie draft covering necessary storage, consent records, authentication, checkout, preferences, analytics, Partner attribution, URL parameters, browser controls, retention, provider technologies, and inventory-review items.

Legal hubContact

Purpose and status

This Cookie Policy explains how TrendRise uses cookies, local storage, URL parameters, device storage, pixels, SDKs, server logs, and similar technologies across the public website, docs, legal pages, support pages, app, Partner links, checkout flows, and product surfaces.

  • This is a lawyer-review-ready operating draft and must be reviewed by counsel before final public launch.
  • This policy works with the Privacy Policy, Terms of Use, Partner Terms, Refund Policy, Subprocessors page, and Data Processing Addendum.
  • The production cookie inventory still needs final confirmation from engineering and counsel before broad customer launch.
  • Questions about cookies or privacy choices should be sent to privacy@trendrise.io.

What cookies and similar technologies do

Cookies and similar technologies help a browser, device, or service remember information across pages or sessions. Some are required for the service to work. Others help TrendRise remember choices, understand usage, improve the product, or attribute approved Partner referrals.

  • Cookies are small browser records stored by a website or provider.
  • Local storage is browser storage that can remember settings or product state.
  • Pixels, tags, SDKs, and similar tools can help measure page views, conversions, errors, campaign performance, or referral activity.
  • URL parameters such as ref, partner, or UTM values can pass source and campaign context into TrendRise workflows.
  • Server logs can record request information such as IP address, user agent, referrer, route, timestamp, and error context.

Strictly necessary category

Strictly necessary technologies are required to provide the website, app, account, security, checkout, routing, consent, and core service functions requested by the user. These cannot be turned off through the TrendRise cookie banner.

  • Authentication, sign-in, sign-up, session handling, account security, and workspace access.
  • Security, fraud prevention, CSRF protection, abuse prevention, rate limiting, load balancing, routing, and service reliability.
  • Checkout, billing portal, payment-status, refund, dispute, tax, and fraud-prevention flows provided by payment processors.
  • Cookie consent storage so TrendRise can remember whether the user accepted, rejected, or customized choices.
  • Basic route state, development-only local beta session handling, and other technical records needed to deliver requested app behavior.

Authentication, sessions, and security

Authentication, session, and security technologies help TrendRise and its providers recognize signed-in users, protect accounts, prevent abuse, and keep workspace access scoped to the correct person or team.

  • These technologies may be provided by TrendRise, Clerk, Vercel, Stripe, security infrastructure, hosting providers, or similar service providers.
  • Examples include session identifiers, sign-in state, email verification state, multi-factor or device security context, CSRF protection, fraud signals, request integrity checks, and load-balancer routing.
  • Disabling these in the browser may prevent sign-in, checkout, account settings, Partner dashboards, billing portal access, support flows, or other app features from working.
  • Provider cookie names and durations can change and should be confirmed in the production inventory.

Payment and checkout technologies

TrendRise uses payment providers such as Stripe for Checkout, subscription management, customer portal access, fraud prevention, billing events, refunds, disputes, taxes, and Partner payout readiness. These providers may set or read cookies and similar technologies during hosted checkout, account portal, fraud-prevention, or payout flows.

  • Payment-related technologies are usually necessary for a requested purchase, billing action, fraud-prevention check, or payout onboarding step.
  • TrendRise should not collect or store raw payment card numbers in its own application.
  • Stripe and other payment providers process certain cookies, payment identifiers, fraud signals, and hosted-page activity under their own policies.
  • Billing metadata may connect checkout sessions, invoices, subscriptions, refunds, disputes, policy versions, and Partner attribution records.

Preferences category

Preference technologies remember non-essential interface choices so TrendRise feels consistent when a user returns.

  • Examples may include dismissed notices, preferred views, filter state, display settings, non-essential route state, or other interface choices.
  • Preference storage may use first-party cookies, local storage, or similar browser storage.
  • If the user rejects the Preferences category, TrendRise should avoid storing non-essential preference records where the banner controls that behavior.
  • Deleting browser data may reset preferences and cause banners, notices, or settings to appear again.

Analytics category

Analytics technologies help TrendRise understand how visitors and customers use the website, docs, product flows, support surfaces, checkout funnels, Partner funnels, and legal pages. Analytics should be enabled only where permitted and, where required, after consent.

  • Examples may include page views, route activity, feature usage, referrer, browser/device context, approximate location, funnel steps, errors, performance metrics, documentation usage, support-page usage, and aggregate conversion signals.
  • Analytics should be used to improve reliability, onboarding, documentation, pricing, product quality, support, and provider-cost control.
  • TrendRise should avoid analytics collection that is unnecessary, overly sensitive, or unrelated to operating and improving the service.
  • If TrendRise adds a named analytics provider, the production cookie inventory should list provider name, cookie/storage names, purpose, category, retention, and whether consent is required.

Partner attribution category

Partner attribution technologies help TrendRise determine whether a visitor arrived through an approved Partner link and whether that visit later led to signup, checkout, subscription, refund, dispute, commission eligibility, or payout review.

  • Current Partner attribution cookie name: trendrise_partner_code.
  • Current retention target: 90 days unless a specific Partner offer, law, technical setting, or policy update says otherwise.
  • Current purpose: stores the approved Partner code so TrendRise can connect a later signup or checkout to the Partner attribution ledger.
  • Partner links may also use URL parameters such as ref, partner, utm_source, utm_medium, utm_campaign, utm_content, and utm_term.
  • Attribution can be affected by browser settings, consent choices, private browsing, cookie blocking, storage clearing, overwritten links, expired windows, payment-provider metadata, refunds, disputes, fraud review, and Partner Terms.

Partner click and campaign logs

When someone opens an approved Partner link, TrendRise may record a click event and related campaign context for attribution, fraud prevention, Partner reporting, commission review, and dispute analysis.

  • Examples may include Partner code, Partner application id, source URL, landing URL, referrer, user agent, UTM parameters, timestamp, and a daily hashed visitor signal where available.
  • TrendRise should avoid using Partner click records to expose unnecessary customer-level data to Partners.
  • Approved Partners may see limited aggregated or event-level attribution information where needed for the Partner program, but TrendRise may withhold data for privacy, security, legal, fraud, or product reasons.
  • Partner attribution records can be used to freeze, reverse, deny, or reconcile commissions connected to refunds, disputes, fraud, self-referrals, coupon abuse, or policy violations.

URL parameters and referral data

TrendRise may use referral and campaign parameters in URLs to understand where traffic came from, route visitors, attribute referrals, diagnose campaign issues, and connect signups or purchases to the right source.

  • Examples include ref, partner, utm_source, utm_medium, utm_campaign, utm_content, and utm_term.
  • Do not put sensitive personal data, payment information, secrets, or private customer data in URL parameters.
  • URL parameters may be stored in browser history, server logs, analytics tools, support screenshots, payment metadata, or Partner attribution records.
  • TrendRise may remove, normalize, hash, or limit referral data where appropriate.

Product and workspace storage

Some browser storage may support product behavior inside TrendRise, such as keeping route state, temporary workflow context, local UI state, or development-only beta session behavior.

  • Workspace records and generated outputs should generally be stored server-side in the TrendRise application, not only in browser storage.
  • Local storage should not be used for secrets, API keys, raw payment card data, government identifiers, or highly sensitive personal data.
  • In protected app areas, some browser storage may be necessary or strongly related to requested product functionality.
  • Clearing browser storage may interrupt local state, sign-in state, preferences, attribution, or incomplete workflows.

Email, support, and communications technologies

If TrendRise uses email, support, chat, or customer-communication tools, those providers may use tracking or storage technologies to deliver messages, remember conversation state, prevent abuse, measure deliverability, or help support teams respond.

  • Examples may include email delivery, bounce, unsubscribe, suppression, open, click, reply, support-thread, chat-session, or help-widget metadata where enabled.
  • Marketing email tracking should follow consent and unsubscribe rules where applicable.
  • Support technologies may be necessary where the user requests support, but optional analytics or marketing features should be categorized appropriately.
  • Any support/chat/email tracking tools used in production should be included in the final inventory.

Advertising and retargeting

TrendRise does not currently intend for the default legal draft to authorize broad third-party advertising, cross-context behavioral advertising, sale of customer lists, or retargeting pixels without additional review.

  • If TrendRise adds ad pixels, retargeting, lookalike audiences, cross-context behavioral advertising, or targeted advertising, the Cookie Policy, Privacy Policy, consent banner, and provider inventory must be updated before use.
  • Any such technologies should be separated from strictly necessary cookies and reviewed for consent, opt-out, Global Privacy Control, and US state privacy requirements where applicable.
  • Sensitive personal information should not be used for advertising or profiling unless expressly approved by counsel and applicable law.

Do Not Track and Global Privacy Control

Some browsers offer Do Not Track or Global Privacy Control signals. TrendRise's final implementation should define how these signals are handled based on applicable law, supported vendors, and product behavior.

  • Do Not Track is not a uniform technical or legal standard across all browsers and providers.
  • Global Privacy Control may be legally relevant in some jurisdictions, especially for sale, sharing, targeted advertising, or similar opt-out rights.
  • If TrendRise adds sale, sharing, targeted advertising, or broader ad-tech integrations, GPC handling should be implemented and documented before launch.
  • Counsel should review the final US state privacy signal posture.

Managing choices

Users can manage optional categories through the TrendRise cookie banner and can also block or delete cookies through browser settings. Browser-level blocking may affect sign-in, checkout, Partner attribution, preferences, workspace routing, support, and product functionality.

  • Rejecting non-essential cookies will not disable strictly necessary technologies.
  • Changing choices applies prospectively. It may not delete information already collected under a prior valid choice or retained for security, billing, legal, fraud-prevention, tax, support, or dispute purposes.
  • Users can clear cookies and local storage through browser controls, but doing so may sign them out, remove preferences, break attribution continuity, or require the banner to appear again.
  • If a user uses multiple browsers, devices, profiles, or private browsing sessions, choices may need to be set separately.
  • Some third-party providers may require separate controls through their own sites or privacy tools.

Current operating inventory

This inventory reflects the current operating draft and known TrendRise-specific technologies. It must be confirmed against production provider settings before launch.

  • trendrise_cookie_consent: first-party cookie and localStorage; strictly necessary; stores cookie category choices and consent version; target retention 180 days.
  • trendrise_partner_code: first-party httpOnly cookie; Partner attribution; stores an approved Partner code after an approved Partner link; target retention 90 days unless a specific offer or law requires a different result.
  • Clerk/authentication technologies: provider-managed cookies or storage; strictly necessary for sign-in, sign-up, sessions, account security, verification, and protected app access; retention controlled by provider/session settings.
  • Stripe/payment technologies: provider-managed cookies or storage; necessary for Checkout, billing portal, payment security, fraud prevention, tax, refunds, disputes, and payout-related flows; retention controlled by Stripe and checkout/session settings.
  • Vercel/hosting/security/log technologies: server and infrastructure records; necessary for routing, hosting, reliability, security, error investigation, and abuse prevention; retention controlled by infrastructure and log settings.
  • Analytics technologies: optional category where enabled; exact provider names, cookies, storage names, and retention periods must be added before enabling production analytics that require consent.
  • Support/chat/email technologies: category depends on exact tool and purpose; exact provider names, cookies, storage names, and retention periods must be added before enabling production tools that set cookies or track engagement.

Retention

Cookie and storage retention depends on the category, provider, browser, user settings, and legal purpose.

  • Session technologies may expire when the browser closes, when the session expires, or when the user signs out.
  • Consent storage currently targets 180 days.
  • Partner attribution currently targets 90 days.
  • Security, billing, refund, dispute, tax, fraud-prevention, support, and legal records may be retained server-side even after browser cookies expire or are deleted.
  • Provider-managed cookies and logs may follow provider-specific retention settings described in provider documentation or contracts.

Children and sensitive data

TrendRise is not designed for children and does not need sensitive personal data in browser storage for normal use.

  • Do not enter children's data, health data, government identifiers, payment card data, private keys, passwords, or other highly sensitive information into URL parameters, support screenshots, browser storage, prompts, or optional tracking workflows.
  • If sensitive information is accidentally submitted, contact privacy@trendrise.io or security@trendrise.io so TrendRise can assess reasonable mitigation.
  • Optional cookies should not be used to infer sensitive characteristics unless counsel approves a specific lawful workflow.

Third-party sites and embedded services

TrendRise may link to or integrate with third-party services such as Stripe, Clerk, Vercel, Notion, Slack, GitHub, OpenAI, Apify, Google, Shopify, Etsy, Amazon, Gumroad, or other providers. Those providers may use their own cookies and similar technologies under their own policies.

  • TrendRise is not responsible for third-party sites that are not controlled by TrendRise.
  • Hosted checkout, authentication, embedded widgets, support tools, and external product channels may have separate cookie notices or privacy settings.
  • The Subprocessors page should track key providers used to operate TrendRise.
  • The final cookie inventory should distinguish first-party TrendRise technologies from provider-managed technologies.

Policy and banner updates

TrendRise may update this Cookie Policy and the banner as the product, providers, analytics, Partner program, support tooling, advertising posture, legal obligations, or regions change.

  • Material category changes should update the banner before the new optional technology is used where consent is required.
  • A new consent version may cause the banner to reappear.
  • The updated date should change when the policy or cookie categories materially change.
  • The final public page should remove lawyer-review notes once counsel approves the document.

Contact

Questions about cookies, local storage, consent, attribution, analytics, browser signals, or privacy choices should be sent to TrendRise.

  • Privacy and cookie requests: privacy@trendrise.io.
  • Security reports: security@trendrise.io.
  • Billing, refunds, invoices, payment issues, and credits: billing@trendrise.io.
  • General support: support@trendrise.io.

Related policies

Terms of UseAcceptable UsePrivacy PolicyRefund PolicyCookie PolicySecuritySubprocessors