Rankodin
FAQAboutContact

Privacy Policy

Last updated: 28 May 2025

This Privacy Policy explains what data Rankodin collects when you use our website and tools, how we use it, and what rights you have. We operate in full compliance with the European Union General Data Protection Regulation (GDPR) and the ePrivacy Directive.

1. Who we are

Rankodin is operated from Romania, European Union. Until our company registration is complete, the service is operated by the individual founder. For any privacy question, contact us at support@rankodin.com.

2. What we do — and what we do not do

Rankodin is a read-only SEO analysis tool. It fetches publicly accessible pages of websites the same way Google does — it never logs in to any store, never writes anything to your site, and never stores your site's content on our servers.

We do not:

  • require you to create an account;
  • collect your name, address or payment details;
  • sell or share your data with advertising networks;
  • store audit results, page HTML or product data on our servers;
  • track you across other websites.

3. Data we collect

URLs you submit

When you run an audit or use any tool, the URL you enter is sent to our server to process your request. It is used only to perform that scan and is not retained after the response is returned to your browser.

Technical request data

Our servers receive standard request metadata — IP address, browser type, referring page and approximate region. This is used solely for security, rate limiting and keeping the service running. It is held in server logs for a maximum of 30 days and then automatically deleted.

Google Search Console token

If you connect Google Search Console, the access token Google issues is stored in a short-lived, encrypted httpOnly cookie in your own browser. It is never stored on our servers. You can disconnect at any time from the Search Console page, which immediately deletes the cookie.

Store API credentials (Product Importer)

If you use the Product Importer, your WooCommerce or Shopify API credentials are sent from your browser directly to your store's API through our server. They are used only to complete the push request and are never logged or stored.

Analytics

We may use privacy-respecting, cookieless analytics to understand how the tool is used in aggregate (e.g. which features are most used). No personal identifiers are collected. See our Cookie Policy for details.

4. Legal basis (GDPR)

For users in the European Union, we process data on the following legal bases:

  • Legitimate interest — processing the URL you submit to deliver the audit result you requested, and retaining minimal server logs to secure the service.
  • Consent — for any optional analytics cookies, where applicable.
  • Contract performance — processing related to a license key purchase, where applicable.

5. Third-party services

To provide certain features, Rankodin may pass the URL you submit to the following third-party services:

  • Google PageSpeed Insights API — to retrieve performance metrics (Core Web Vitals). No personal data is sent — only the public URL. Governed by Google's Privacy Policy.
  • Anthropic Claude API — to generate SEO copy suggestions (titles, descriptions, alt texts). Only the publicly visible page content and URL are sent. Governed by Anthropic's Privacy Policy.
  • Vercel — our hosting provider, based in the United States. Data transfers are covered by Standard Contractual Clauses under GDPR. Governed by Vercel's Privacy Policy.

6. Data retention

Audit results and scanned content are never stored — they exist only in memory for the duration of your request and are returned to your browser. Server logs are retained for a maximum of 30 days for security purposes, then deleted. Score history and marked fixes are stored entirely in your own browser's localStorage — we have no access to them.

7. Your rights under GDPR

As a person in the European Union, you have the following rights:

  • Right of access — to request a copy of any personal data we hold about you.
  • Right to rectification — to correct inaccurate data.
  • Right to erasure — to request deletion of your personal data.
  • Right to restriction — to limit how we process your data.
  • Right to object — to object to processing based on legitimate interest.
  • Right to data portability — to receive your data in a structured, machine-readable format.

To exercise any of these rights, contact us at support@rankodin.com. We will respond within 30 days as required by GDPR.

8. Data security

All data transmitted between your browser and our servers is encrypted via HTTPS/TLS. API credentials passed through the Product Importer are never written to disk or logs. We apply the principle of data minimisation — we only process what is strictly necessary to deliver the service.

9. Children

Rankodin is not directed at children under the age of 16. We do not knowingly collect data from children.

10. Changes to this policy

We may update this policy as the product evolves or as regulations change. The "last updated" date at the top of this page always reflects the current version. Continued use of the service after a change constitutes acceptance of the updated policy.

11. Contact & complaints

For any question about this policy or your data, contact us at support@rankodin.com.

If you believe your data has been processed unlawfully, you have the right to lodge a complaint with your national data protection authority. In Romania, this is the Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal (ANSPDCP).