Privacy Policy

Last updated: May 15, 2026

1. Introduction

RankMind AI ("we", "our", or "us") is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform at www.rank-mind.com.

This policy is compliant with the EU General Data Protection Regulation (GDPR), the UAE Personal Data Protection Law (PDPL Federal Decree-Law No. 45 of 2021), and other applicable data protection laws.

2. Data Controller

The data controller responsible for your personal data is RankMind AI. For any data-related inquiries, contact us at: privacy@rankmind.ai

3. Information We Collect

We collect the following categories of personal data:

  • Account Data: Name, email address, password (hashed), and profile information provided during registration.
  • Usage Data: Pages visited, features used, agent runs, timestamps, and interaction logs.
  • Technical Data: IP address, browser type, device information, operating system, and referral URLs.
  • Payment Data: Billing information processed securely by Stripe. We do not store full card numbers.
  • Content Data: URLs, keywords, and content you submit to our AI agents for analysis.
  • Communications: Emails and support messages you send us.

4. How We Use Your Data

We process your personal data for the following purposes and legal bases:

Service Delivery
To provide, operate, and maintain the RankMind AI platform and its AI agents.
Contract performance
Account Management
To create and manage your user account, authenticate you, and send transactional emails.
Contract performance
Billing & Payments
To process subscription payments, issue invoices, and manage plan upgrades.
Contract performance
Product Improvement
To analyze usage patterns and improve our AI models, features, and user experience.
Legitimate interests
Security
To detect fraud, prevent abuse, and protect the integrity of our platform.
Legitimate interests
Legal Compliance
To comply with applicable laws, regulations, and legal processes.
Legal obligation
Marketing (with consent)
To send product updates and promotional emails. You may opt out at any time.
Consent

5. Cookies and Tracking

We use cookies and similar tracking technologies to operate and improve our service. Categories of cookies we use:

  • Strictly Necessary: Required for authentication, session management, and security. Cannot be disabled.
  • Analytics: Help us understand how users interact with our platform (e.g., page views, feature usage). Only activated after your consent.
  • Preferences: Remember your settings and preferences (e.g., theme, language).

You can manage your cookie preferences at any time via our cookie consent banner or your browser settings.

6. Third-Party Services

We share data with the following trusted third-party processors:

ServicePurposeLocation
SupabaseAuthentication & databaseUSA (AWS)
StripePayment processingUSA
OpenAIAI content generationUSA
ResendTransactional email deliveryUSA
VercelHosting & infrastructureUSA/Global CDN
GoogleOAuth login, Search APIUSA/Global

7. Data Retention

We retain your personal data for as long as your account is active or as needed to provide services. Upon account deletion:

  • Account data is deleted within 30 days.
  • Billing records are retained for 7 years as required by financial regulations.
  • Anonymized analytics data may be retained indefinitely.

8. Your Rights

Depending on your jurisdiction, you have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Request correction of inaccurate or incomplete data.
  • Erasure: Request deletion of your personal data ("right to be forgotten").
  • Portability: Receive your data in a structured, machine-readable format.
  • Objection: Object to processing based on legitimate interests.
  • Restriction: Request restriction of processing in certain circumstances.
  • Withdraw Consent: Withdraw consent at any time where processing is based on consent.

To exercise any of these rights, email us at privacy@rankmind.ai. We will respond within 30 days.

9. International Data Transfers

Your data may be transferred to and processed in countries outside your jurisdiction, including the United States. We ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission where applicable.

10. Security

We implement industry-standard security measures including TLS encryption in transit, AES-256 encryption at rest, bcrypt password hashing, and regular security audits. However, no method of transmission over the internet is 100% secure.

11. Children's Privacy

Our service is not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or via a prominent notice on our platform. Continued use of the service after changes constitutes acceptance of the updated policy.

13. Contact Us

For privacy-related inquiries or to exercise your rights: