RankFloRankFlo

Privacy Policy

Last updated: March 28, 2026

RankFlo ("we", "us", or "our") operates https://app.rankflo.io and related services (the "Service"). This Privacy Policy explains what information we collect, how we use it, and your rights. By using the Service, you agree to the practices described here.

1. Information We Collect

Account information

When you create an account we collect your name, email address, and password (hashed). If you sign in via Google or GitHub OAuth, we receive your name, email, and profile photo from that provider.

Usage data

We collect server logs, page views, feature usage, and error reports to operate and improve the Service. This data is linked to your account and IP address.

Content you create

Blog posts, media files, settings, and other content you create within the Service are stored on our servers and processed to deliver the Service to you.

Payment information

Payments are processed by Stripe. We do not store credit card numbers. We receive billing metadata (plan type, last 4 digits, subscription status) from Stripe.

2. How We Use Your Information

  • To provide, operate, and improve the Service
  • To process payments and manage your subscription
  • To send transactional emails (receipts, account alerts, password resets)
  • To respond to support requests
  • To detect and prevent fraud, abuse, and security incidents
  • To comply with legal obligations

We do not sell your personal data to third parties. We do not use your content to train AI models.

3. Data Sharing

We share data only with trusted service providers who process it on our behalf:

  • Stripe — payment processing
  • Hetzner — cloud infrastructure and data storage (EU)
  • KIE.ai — AI image generation (only the text prompts you submit)
  • OpenAI / Anthropic / Google — AI text generation (only the content you send to AI features)

All providers are contractually bound to process data only as instructed and with appropriate security measures.

4. Cookies & Tracking

We use a single session cookie (rankflo_session) to keep you logged in. We do not use third-party advertising trackers or fingerprinting. Analytics are collected server-side without client-side JavaScript trackers.

5. Data Retention

We retain your account data for as long as your account is active. If you delete your account, we permanently delete your personal data within 30 days, except where retention is required by law (e.g., billing records for 7 years).

6. Your Rights (GDPR / CCPA)

Depending on your location, you have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate data
  • Request deletion of your data ("right to be forgotten")
  • Export your data in a portable format
  • Object to or restrict processing of your data
  • Withdraw consent at any time

To exercise any of these rights, email privacy@rankflo.io. We will respond within 30 days.

7. Security

We use TLS encryption for all data in transit, bcrypt hashing for passwords, and AES-256 encryption for sensitive credentials stored at rest. Our infrastructure is hosted in ISO 27001-certified data centers. We conduct regular security reviews.

8. Children

The Service is not directed to children under 16. We do not knowingly collect personal data from children. If you believe we have collected data from a child, contact us immediately.

9. Changes to This Policy

We may update this policy from time to time. We will notify you of material changes by email or by posting a notice in the dashboard. Continued use of the Service after changes constitutes acceptance.

10. Contact

For privacy questions or requests:

RankFlo
privacy@rankflo.io