RankCredits — SEO Analysis Platform
Last updated: February 20, 2026
The data controller within the meaning of the General Data Protection Regulation (GDPR) is:
N. Merttuerk
Sonnenblumenstr. 16, 16348 Wandlitz
Email: support@rankcredits.com
Website: https://rankcredits.com
We only process personal data to the extent necessary for providing a functional website and our content and services.
We process personal data in accordance with the GDPR based on: consent (Art. 6(1)(a)), performance of a contract (Art. 6(1)(b)), legal obligation (Art. 6(1)(c)), and legitimate interests (Art. 6(1)(f)).
We implement appropriate technical and organizational measures including SSL/TLS encryption, encrypted password storage, and regular security reviews.
Purpose: Execution of the requested SEO analyses. Legal basis: Performance of a contract (Art. 6(1)(b) GDPR).
RC Score, Local Radar, Domain X-Ray, GSC Deep Scan results are stored as long as the user account exists.
For SEO analyses, we use data from DataForSEO. DataForSEO does not process any personal data of our users.
For the "GSC Deep Scan" feature, our platform accesses user data via the Google Search Console API. This only occurs after the user has explicitly granted consent through Google's OAuth 2.0 authorization process.
Data accessed:
Use: The data is used exclusively to generate the GSC Deep Scan analysis requested by the user. The data is not used for any other purposes, including advertising, profiling, or sharing with third parties.
Storage: Retrieved Google user data is processed temporarily for the duration of the analysis. The generated analysis results (aggregated reports) are stored in the user account for as long as the account exists.
Sharing: Google user data is not shared with, sold to, or used by third parties for any purpose other than the described analysis.
Revocation: Users can revoke access to their Google Search Console data at any time at: https://myaccount.google.com/permissions.
Legal basis: Consent (Art. 6(1)(a) GDPR)
RankCredits' use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
During registration, we collect: email address, password (stored encrypted), time of registration, and IP address for security purposes.
For payment processing, we use Stripe. Stripe processes payment data directly under its own privacy policy.
When contacting us, we process your email address, message content, and timestamp for responding to your inquiry.
The website is hosted by Vercel Inc. Server log files are automatically deleted after 7 days. User data is stored with Supabase in the EU (Frankfurt, Germany).
We only use technically necessary cookies for authentication (Supabase). We do NOT use tracking, analytics, or marketing cookies.
We use Sentry for error detection. No personal data is transmitted to Sentry.
You have the right to: access (Art. 15 GDPR), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18), data portability (Art. 20), objection (Art. 21), withdrawal of consent (Art. 7(3)), and complaint to a supervisory authority (Art. 77).
User account data is deleted 60 days after account closure. Server log files after 7 days. Billing data is retained for 10 years per statutory requirements.
We reserve the right to amend this privacy policy. The current version is always available at rankcredits.com/privacy.