# Privacy Policy > Last updated: Apr 24, 2026 ## 1. Introduction Welcome to RankOrg ("we," "our," or "us"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our SEO automation platform. RankOrg is a multi-tenant service that helps local businesses and agencies automatically generate and publish SEO-optimized blog content on a hosted subdomain. We are committed to protecting your privacy and complying with applicable data protection laws including the General Data Protection Regulation (GDPR). ## 2. Data Controller The data controller for your personal information is RankOrg. For any privacy-related inquiries, contact us at **contact@rankorg.com**. ## 3. Information We Collect ### 3.1 Account Information When you create an account on RankOrg, we collect: - Email address (primary identifier) - Full name - Profile image (when signing in via Google OAuth) - Account preferences and settings ### 3.2 Site Configuration Data When you set up your SEO site, we collect: - Your website URL - Target keywords and niche descriptions - Subdomain preferences - Custom domain (if configured) ### 3.3 Payment Information Payment processing is handled entirely by DodoPayments. We do not store payment card details or banking information on our servers. We receive only payment status and subscription state from DodoPayments. ### 3.4 Usage Data We collect IP addresses, device details, browser type, and session behavior to analyze platform usage and improve user experience. This data is processed through Mouseflow (see Section 6). ## 4. Legal Basis for Processing (GDPR) We process your personal data based on the following legal grounds: - **Consent:** For email marketing and non-essential analytics cookies. - **Contract:** To provide our SEO automation services and manage your subscription. - **Legitimate Interest:** For platform security, fraud prevention, and service improvement. - **Legal Obligation:** To comply with applicable laws and regulations. ## 5. How We Use Your Information - Authenticate and maintain your account. - Generate and publish AI-written SEO blog content on your behalf using your keywords and niche input. - Process payments and manage your subscription via DodoPayments. - Send transactional emails (account verification, password reset, service notifications) via Resend. - Analyze platform usage and improve user experience via Mouseflow session analytics. - Provide customer support and respond to inquiries. - Send relevant service updates or offers (you can opt out anytime). ## 6. Third-Party Services and Data Sharing We integrate with the following third-party services. By using RankOrg, you also agree to their respective privacy policies: ### 6.1 Google OAuth Used solely for authentication purposes. When you sign in with Google, we receive only your name, email address, and profile picture to create and authenticate your account. We do not access any other Google account data. Subject to [Google's Privacy Policy](https://policies.google.com/privacy). ### 6.2 DodoPayments Handles all payment processing and subscription management. We receive only payment status notifications and subscription state. No card or banking data is stored on our servers. Subject to DodoPayments' Privacy Policy. ### 6.3 Resend Processes transactional email delivery (account verification, password reset, 2FA codes, and service notifications). Your email address is shared with Resend solely to deliver these messages. Subject to Resend's Privacy Policy. ### 6.4 OpenAI Powers our AI blog content generation. Your website URL, keywords, and niche descriptions are sent to OpenAI to generate SEO content on your behalf. We do not send personal account information to OpenAI. Subject to OpenAI's Privacy Policy. ### 6.5 Mouseflow Used for session recording and analytics to improve platform usability. Mouseflow may collect IP addresses, device information, and user interaction data. Subject to Mouseflow's Privacy Policy. **We do not sell, rent, or trade your personal information to third parties for marketing purposes.** ## 7. Data Retention - **Account data:** Retained until you request account deletion. - **Site and content data:** Retained for the duration of your active subscription. - **Analytics data:** Retained as needed for platform improvement, then anonymized or deleted. - **Payment data:** Retained by DodoPayments according to their policies. ## 8. Your Rights (GDPR) Under GDPR, you have the following rights: - **Right of Access:** Request a copy of your personal data. - **Right to Rectification:** Correct inaccurate or incomplete data. - **Right to Erasure:** Request deletion of your personal data. - **Right to Restrict Processing:** Limit how we use your data. - **Right to Data Portability:** Receive your data in a structured format. - **Right to Object:** Object to processing based on legitimate interests. - **Right to Withdraw Consent:** Withdraw consent for consent-based processing at any time. To exercise these rights, contact us at **contact@rankorg.com**. We will respond within 30 days. ## 9. Data Security We implement encryption in transit and at rest, secure authentication protocols, and access controls to protect your data from unauthorized access, modification, or disclosure. However, no method of transmission over the internet is 100% secure. ## 10. International Data Transfers Your data may be processed in countries outside the European Economic Area (EEA) by our third-party service providers. We ensure appropriate safeguards are in place for such transfers, including standard contractual clauses where required. ## 11. Cookies and Tracking We use essential cookies for authentication and session management. Analytics cookies (via Mouseflow) are used to improve our platform. You can manage cookie preferences through your browser settings. ## 12. Children's Privacy Our services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you become aware that a child has provided us with personal information, please contact us immediately. ## 13. Third-Party Links Our website may contain links to third-party sites. We are not responsible for their privacy practices and encourage you to review their policies before sharing personal data. ## 14. Changes to This Policy We may update this Privacy Policy periodically. Material changes will be communicated via email and the "last updated" date will be revised. Continued use of our services after changes constitutes acceptance. ## 15. Contact Information For any questions about this Privacy Policy, to exercise your rights, or to request account deletion: - **Email:** contact@rankorg.com - **Website:** rankorg.com - **Response time:** We aim to respond within 5 days.