# Privacy Policy

> Last updated: Jun 13, 2026

## 1. Introduction

Welcome to RankOrg ("we," "our," or "us"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our SEO/GEO content platform. RankOrg helps local businesses, startups, and agencies with SEO/GEO content. We research and write SEO/GEO-optimized articles based on your website, brand voice, and target keywords, and publish approved content on a regular schedule with full options for review and edit.

We are committed to protecting your privacy and complying with applicable data protection laws including the General Data Protection Regulation (GDPR).

## 2. Data Controller

The data controller for your personal information is RankOrg. For any privacy-related inquiries, contact us at **contact@rankorg.com**.

## 3. Information We Collect

### 3.1 Account Information

When you create an account on RankOrg, we collect:

- Email address (primary identifier)
- Full name
- Profile image (when signing in via Google OAuth)
- Account preferences and settings

### 3.2 Site Configuration Data

When you set up your SEO/GEO site, we collect:

- Your website URL
- Target keywords and niche descriptions
- Subdomain preferences
- Custom domain (if configured)

### 3.3 Payment Information

Payment processing is handled entirely by DodoPayments. We do not store payment card details or banking information on our servers. We receive only payment status and subscription state from DodoPayments.

### 3.4 Usage Data

We collect IP addresses, device details, browser type, and session behavior to analyze platform usage and improve user experience. This data is processed through Mouseflow, Google Analytics 4, and Umami for privacy-focused usage analytics (see Section 6).

## 4. Legal Basis for Processing (GDPR)

We process your personal data based on the following legal grounds:

- **Consent:** For email marketing and non-essential analytics cookies.
- **Contract:** To provide our SEO/GEO content services and manage your subscription.
- **Legitimate Interest:** For platform security, fraud prevention, and service improvement.
- **Legal Obligation:** To comply with applicable laws and regulations.

## 5. How We Use Your Information

- Authenticate and maintain your account.
- Research and write SEO/GEO-optimized articles based on your website and inputs, with full options for review and edit before publishing.
- Process payments and manage your subscription via DodoPayments.
- Send transactional emails (account verification, password reset, service notifications) via Amazon SES.
- Analyze platform usage and improve user experience via Mouseflow session analytics, Umami, and Google Analytics 4.
- Provide customer support and respond to inquiries.
- Send relevant service updates or offers (you can opt out anytime).

## 6. Third-Party Services and Data Sharing

We integrate with the following third-party services. By using RankOrg, you also agree to their respective privacy policies:

### 6.1 Google OAuth

Used solely for authentication purposes. When you sign in with Google, we receive only your name, email address, and profile picture to create and authenticate your account. We do not access any other Google account data. Subject to [Google's Privacy Policy](https://policies.google.com/privacy).

### 6.2 DodoPayments

Handles all payment processing and subscription management. We receive only payment status notifications and subscription state. No card or banking data is stored on our servers. Subject to DodoPayments' Privacy Policy.

### 6.3 Amazon Web Services (Amazon SES)

Processes transactional email delivery (account verification, password reset, 2FA codes, and service notifications). Your email address is shared with Amazon Web Services solely to deliver these messages. Subject to AWS' Privacy Policy.

### 6.4 OpenAI

Provides AI assistance for research and drafting of articles. Your website URL, keywords, and niche descriptions may be sent to OpenAI (or similar AI services) to help research and draft SEO/GEO-optimized content. We do not send personal account information to OpenAI. Subject to OpenAI's Privacy Policy.

### 6.5 Mouseflow

Used for session recording and analytics to improve platform usability. Mouseflow may collect IP addresses, device information, and user interaction data. Subject to Mouseflow's Privacy Policy.

### 6.6 Umami

Used for privacy-focused website analytics to understand page views and usage patterns. Subject to Umami's Privacy Policy.

### 6.7 Google Analytics 4

Used for platform usage analytics (page views, sessions, events, user flows) to understand how visitors and customers interact with the RankOrg dashboard, onboarding, and marketing pages. We use a single Google Analytics property for our own platform only. Subject to Google's Privacy Policy.

**We do not sell, rent, or trade your personal information to third parties for marketing purposes.**

## 7. Data Retention

- **Account data:** Retained until you request account deletion.
- **Site and content data:** Retained for the duration of your active subscription.
- **Analytics data:** Retained as needed for platform improvement, then anonymized or deleted.
- **Payment data:** Retained by DodoPayments according to their policies.

## 8. Your Rights (GDPR)

Under GDPR, you have the following rights:

- **Right of Access:** Request a copy of your personal data.
- **Right to Rectification:** Correct inaccurate or incomplete data.
- **Right to Erasure:** Request deletion of your personal data.
- **Right to Restrict Processing:** Limit how we use your data.
- **Right to Data Portability:** Receive your data in a structured format.
- **Right to Object:** Object to processing based on legitimate interests.
- **Right to Withdraw Consent:** Withdraw consent for consent-based processing at any time.

To exercise these rights, contact us at **contact@rankorg.com**. We will respond within 30 days.

## 9. Data Security

We implement encryption in transit and at rest, secure authentication protocols, and access controls to protect your data from unauthorized access, modification, or disclosure. However, no method of transmission over the internet is 100% secure.

## 10. International Data Transfers

Your data may be processed in countries outside the European Economic Area (EEA) by our third-party service providers. We ensure appropriate safeguards are in place for such transfers, including standard contractual clauses where required.

## 11. Cookies and Tracking

We use essential cookies for authentication and session management. Analytics tools (via Mouseflow, Google Analytics 4, and Umami) are used to measure usage and improve our platform, with Umami used for privacy-focused analytics.

You can manage your preferences at any time by clicking "Cookie preferences" (in the footer or on this page) or by clearing your browser cookies.

## 12. Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you become aware that a child has provided us with personal information, please contact us immediately.

## 13. Third-Party Links

Our website may contain links to third-party sites. We are not responsible for their privacy practices and encourage you to review their policies before sharing personal data.

## 14. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be communicated via email and the "last updated" date will be revised. Continued use of our services after changes constitutes acceptance.

## 15. Contact Information

For any questions about this Privacy Policy, to exercise your rights, or to request account deletion:

- **Email:** contact@rankorg.com
- **Website:** rankorg.com
- **Response time:** We aim to respond within 5 days.
