Privacy Policy
Last updated: March 21, 2026
1. Introduction
RankForge ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our structural SEO intelligence platform ("the Service").
2. Information We Collect
2.1 Account Information
When you create an account, we collect:
- Email address
- Password (stored as a cryptographic hash — we never store plaintext passwords)
- Account preferences and settings
2.2 Website Data (Crawl Data)
When you submit a website for analysis, our crawler (RankForgeBot/1.0) accesses publicly available pages and collects:
- Page URLs and HTTP status codes
- HTML content (titles, headings, meta tags, link elements)
- Internal link structure and anchor text
- Page load characteristics
We only crawl publicly accessible pages. We respect robots.txt directives and implement rate limiting to minimize impact on target servers. We do not crawl password-protected areas, submit forms, or interact with dynamic content requiring authentication.
2.3 Usage Data
We automatically collect certain information about how you interact with the Service, including:
- Analysis history and timestamps
- Feature usage patterns
- API request logs (endpoints accessed, response codes)
- IP address and browser user agent (for rate limiting and security)
2.4 Branding Assets
If you upload custom branding (logos, colors) for white-label reports, those assets are stored on our servers and associated with your account.
3. How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve the Service.
- Perform SEO analysis and generate recommendations for your websites.
- Generate reports (PDF, CSV, JSON) based on your analysis data.
- Authenticate your identity and manage your account.
- Enforce usage limits, rate limiting, and prevent abuse.
- Communicate important updates about the Service or your account.
- Comply with legal obligations.
4. Data Sharing and Disclosure
We do not sell, rent, or trade your personal information or analysis data. We may share information only in these circumstances:
- Service providers: We may share data with third-party providers who assist in operating the Service (hosting, infrastructure), under strict confidentiality agreements.
- Legal requirements: We may disclose information if required by law, regulation, legal process, or governmental request.
- Safety and enforcement: We may disclose information to protect the rights, safety, or property of RankForge, our users, or the public.
- Business transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction.
5. Data Retention
We retain data according to these policies:
- Account data: Retained for the duration of your account. Deleted upon account deletion, subject to legal retention requirements.
- Analysis data (registered users): Retained for as long as your account is active. You can delete individual analyses at any time.
- Anonymous analysis data: Automatically deleted after 24 hours.
- Generated reports: Stored until you delete them or your account is terminated.
- Server logs: Retained for up to 90 days for security and debugging purposes.
6. Data Security
We implement industry-standard security measures to protect your data, including:
- Passwords are hashed using strong cryptographic algorithms (never stored in plaintext).
- Authentication is handled via signed JWT tokens with configurable expiration.
- Database connections use encrypted channels where supported.
- Rate limiting protects against brute-force and abuse.
- Access controls restrict data visibility to authorized account holders and administrators.
While we take reasonable precautions, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.
7. Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
- Access: Request a copy of the personal data we hold about you.
- Correction: Request correction of inaccurate personal data.
- Deletion: Request deletion of your personal data and account.
- Data portability: Request your analysis data in a machine-readable format (JSON, CSV).
- Objection: Object to certain types of data processing.
- Restriction: Request restriction of processing in certain circumstances.
To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.
8. Cookies and Tracking
The Service uses essential cookies and local storage for authentication and session management. We do not use third-party tracking cookies, advertising pixels, or behavioral analytics tools.
9. International Data Transfers
Your data may be processed in jurisdictions outside your country of residence. Where required by law, we implement appropriate safeguards (such as standard contractual clauses) to protect your data during international transfers.
10. Children's Privacy
The Service is not intended for use by individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will delete it promptly.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via email or an in-app notification. The "Last updated" date at the top reflects the most recent revision.
12. Contact Us
For questions or concerns about this Privacy Policy or our data practices, contact us at [email protected].