RankSurf

Privacy Policy

Last updated: January 23, 2026

1. Data Controller

RankSurf is the data controller responsible for your personal data. Contact: support@ranksurf.io

2. Information We Collect

We collect:

  • Account Information: Email address, name, and authentication data when you sign up.
  • Project Data: Website URLs, brand information, and content preferences you provide.
  • Uploaded Assets: Files, documents, and materials you upload for content generation.
  • Generated Content: Articles, briefs, and metadata created through the Service.
  • Usage Data: Log data, device information, and how you interact with the Service.
  • Payment Information: Processed securely by our payment provider (Stripe). We do not store card details.

3. How We Use Your Data

  • To provide and operate the Service.
  • To process your materials through AI for content generation.
  • To publish content to your connected platforms.
  • To communicate with you about your account and the Service.
  • To improve and develop the Service.
  • To comply with legal obligations.

4. Legal Basis for Processing

We process your data based on:

  • Contract Performance: To provide the Service you subscribed to.
  • Legitimate Interest: To improve the Service, prevent fraud, and ensure security.
  • Legal Obligation: To comply with applicable laws.
  • Consent: For optional processing such as marketing communications.

5. AI Processing

Your project data and uploaded assets are processed by AI services (Anthropic Claude) to generate content. This data is sent to third-party AI providers solely for content generation. We do not use your content to train AI models.

6. Third-Party Services

We use the following third-party services:

  • Supabase: Database and authentication.
  • Anthropic: AI content generation.
  • Stripe: Payment processing.
  • Your Integrations: WordPress, Notion, and webhook endpoints you connect.

Each service has its own privacy policy governing their data practices.

7. Data Storage & Security

Your data is stored securely using industry-standard measures. We use encryption in transit and at rest. Access to data is restricted to authorized personnel only.

8. Data Retention

We retain your data while your account is active. Upon account deletion, we delete your personal data and uploaded assets within 30 days, except where retention is required by law.

9. Your Rights

Under GDPR and applicable laws, you have the right to:

  • Access and receive a copy of your data.
  • Correct inaccurate data.
  • Delete your account and associated data.
  • Export your generated content (data portability).
  • Object to processing in certain circumstances.
  • Restrict processing of your data.
  • Withdraw consent where processing is based on consent.
  • Lodge a complaint with your local data protection supervisory authority.

Contact us at support@ranksurf.io to exercise these rights.

10. Cookies

We use essential cookies for authentication and session management. We may use analytics cookies to understand Service usage. You can control cookies through your browser settings.

11. International Transfers

Your data may be processed in countries outside your residence, including the United States (for AI processing) and the EU. We ensure appropriate safeguards are in place for such transfers.

12. Children

The Service is not intended for users under 18. We do not knowingly collect data from children.

13. Changes to This Policy

We may update this policy. Material changes will be communicated via email or through the Service before they take effect.

14. Contact

Questions about this policy? Contact us at support@ranksurf.io