Effective Date: January 2, 2026
Last Updated: January 2, 2026
1. Introduction
Ranksper (“we,” “us,” “our,” or “Company”) operates a Software-as-a-Service (SaaS) platform and provides branding and marketing services to businesses worldwide. This Privacy Policy describes how we collect, use, disclose, store, and protect personal information when you access our website, use our services, or interact with our platform.
We are committed to protecting your privacy and maintaining transparency about our data practices. This policy complies with applicable data protection regulations, including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other jurisdiction privacy laws.
Business Information:
- Legal Name: Ranksper
- Owner: Rishi Patel
- Principal Office: Gujarat, India
- Data Hosting Location: United States of America
- Privacy Contact: [email protected]
2. Information We Collect
2.1 Information You Provide Directly
We collect personal information you voluntarily provide when you:
- Account Registration: Full name, email address, phone number, company name, job title, billing address, payment information
- Service Usage: Project details, campaign specifications, marketing preferences, content uploads, brand assets, creative materials
- Communications: Messages sent through contact forms, support tickets, chat interactions, email correspondence, feedback submissions
- Payment Information: Credit card details, billing address, transaction history (processed securely through third-party payment processors)
- Marketing Preferences: Newsletter subscriptions, communication preferences, event registrations
2.2 Information Collected Automatically
When you access our platform, we automatically collect:
- Device Information: IP address, browser type and version, operating system, device identifiers, screen resolution
- Usage Data: Pages visited, features used, time spent on platform, click patterns, navigation paths, search queries
- Location Data: General geographic location based on IP address (city/region level)
- Technical Data: Log files, error reports, performance metrics, API calls, system diagnostics
- Cookies and Tracking Technologies: Session identifiers, preference settings, analytics data (detailed in Section 9)
2.3 Information from Third-Party Sources
We may receive information about you from:
- Business Partners: Lead generation services, co-marketing partners, referral sources
- Public Databases: Business directories, social media platforms (when you connect your accounts), professional networks
- Third-Party Integrations: Data from platforms you connect to our services (e.g., CRM systems, advertising platforms, analytics tools)
- Data Enrichment Services: Professional information to enhance service delivery
3. How We Use Your Information
We process your personal information for the following purposes:
3.1 Service Delivery and Performance
- Providing access to our SaaS platform and marketing services
- Processing transactions and managing subscriptions
- Delivering requested features and functionalities
- Providing customer support and technical assistance
- Sending service related notifications and updates
3.2 Platform Improvement and Optimization
- Analyzing usage patterns to improve user experience
- Developing new features and services
- Conducting research and analytics
- Testing platform performance and security
- Troubleshooting technical issues
3.3 Marketing and Communications
- Sending promotional materials about our services (with your consent)
- Delivering personalized marketing campaigns
- Conducting market research and surveys
- Sharing industry insights and educational content
- Processing referral program participation
3.4 Legal and Security Purposes
- Complying with legal obligations and regulations
- Enforcing our Terms of Service and other agreements
- Detecting and preventing fraud, abuse, and security threats
- Protecting our rights, property, and safety
- Responding to lawful requests from authorities
3.5 Business Operations
- Managing vendor and partner relationships
- Processing payments and maintaining financial records
- Conducting internal audits and quality assurance
- Facilitating business transfers or acquisitions
4. Legal Basis for Processing (GDPR)
For users in the European Economic Area (EEA), United Kingdom, and Switzerland, we process your personal data based on the following legal grounds:
- Contractual Necessity: Processing required to perform our contract with you and deliver requested services
- Legitimate Interests: Processing necessary for our legitimate business interests, including platform improvement, fraud prevention, and direct marketing (where not overridden by your rights)
- Consent: Processing based on your explicit, freely given consent (which you may withdraw at any time)
- Legal Obligation: Processing required to comply with applicable laws and regulations
- Vital Interests: Processing necessary to protect your vital interests or those of another person
5. Information Sharing and Disclosure
We do not sell your personal information. We share your information only in the following circumstances:
5.1 Service Providers and Processors
We engage trusted third-party service providers who process data on our behalf under strict contractual obligations:
- Cloud Hosting: Data storage and infrastructure providers (servers located in USA)
- Payment Processors: Secure payment gateway services for transaction processing
- Analytics Providers: Tools for platform analytics and performance monitoring
- Communication Services: Email delivery, SMS messaging, customer support platforms
- Marketing Tools: CRM systems, marketing automation, advertising platforms
- Security Services: Threat detection, DDoS protection, security monitoring
All service providers are contractually required to maintain confidentiality and implement appropriate security measures.
5.2 Business Transfers
If Ranksper undergoes a merger, acquisition, reorganization, or sale of assets, your information may be transferred to the successor entity, subject to this Privacy Policy.
5.3 Legal Requirements
We may disclose your information when required by law, regulation, legal process, or governmental request, including:
- Responding to subpoenas, court orders, or legal proceedings
- Enforcing our agreements and policies
- Protecting our rights, property, or safety
- Preventing fraud or illegal activities
- Complying with national security or law enforcement requirements
5.4 With Your Consent
We may share your information for purposes not described in this policy with your explicit consent.
6. Data Retention
We retain your personal information only as long as necessary to fulfill the purposes outlined in this Privacy Policy:
- Active Accounts: Information retained for the duration of your active subscription or service relationship
- Transaction Records: Financial and billing data retained for 7 years to comply with tax and accounting regulations
- Marketing Data: Communication preferences and engagement data retained until you unsubscribe or request deletion
- Legal Requirements: Data retained as required by applicable laws (e.g., audit trails, compliance records)
- Deleted Accounts: Personal data deleted within 90 days of account closure, except where retention is legally required
Upon expiration of retention periods, we securely delete or anonymize your personal information using industry standard methods.
7. Your Privacy Rights
7.1 Rights Under GDPR (EEA, UK, Switzerland)
If you are located in the EEA, UK, or Switzerland, you have the following rights:
- Right to Access: Request confirmation of whether we process your personal data and obtain a copy
- Right to Rectification: Request correction of inaccurate or incomplete personal data
- Right to Erasure (“Right to be Forgotten”): Request deletion of your personal data under certain circumstances
- Right to Restriction: Request limitation of processing in specific situations
- Right to Data Portability: Receive your data in a structured, machine-readable format
- Right to Object: Object to processing based on legitimate interests or for direct marketing purposes
- Right to Withdraw Consent: Withdraw previously given consent at any time
- Right to Lodge a Complaint: File a complaint with your local data protection authority
7.2 Rights Under CCPA (California Residents)
California residents have the following rights:
- Right to Know: Request disclosure of personal information collected, used, shared, or sold
- Right to Delete: Request deletion of personal information we hold about you
- Right to Opt Out: Opt out of the sale or sharing of personal information (Note: We do not sell personal information)
- Right to Non-Discrimination: Exercise privacy rights without discriminatory treatment
- Right to Correct: Request correction of inaccurate personal information
- Right to Limit Use of Sensitive Personal Information: Limit use of sensitive personal data
7.3 Exercising Your Rights
To exercise any of these rights, contact us at [email protected] with the subject line “Privacy Rights Request”. We will respond within:
- GDPR Requests: 30 days (may be extended by 60 days for complex requests)
- CCPA Requests: 45 days (may be extended by 45 days with notice)
We may require verification of your identity before processing requests to protect your privacy and security.
8. Data Security
We implement comprehensive security measures to protect your personal information:
8.1 Technical Safeguards
- Encryption: Industry-standard SSL/TLS encryption for data transmission; AES-256 encryption for data at rest
- Access Controls: Multifactor authentication, role-based access controls, and least privilege principles
- Network Security: Firewalls, intrusion detection/prevention systems, DDoS protection
- Secure Development: Regular security audits, penetration testing, vulnerability assessments
- Data Segregation: Logical separation of customer data in multi-tenant environments
8.2 Organizational Measures
- Employee Training: Regular privacy and security training for all personnel
- Confidentiality Agreements: Contractual obligations for employees and contractors
- Incident Response: Established procedures for identifying and responding to security breaches
- Vendor Management: Security assessments and contractual protections for third-party processors
- Privacy by Design: Integrating data protection into system architecture and development
8.3 Data Breach Notification
In the event of a security breach affecting your personal information, we will notify you and relevant authorities as required by applicable laws (within 72 hours for GDPR regulated data).
9. Cookies and Tracking Technologies
9.1 Types of Cookies We Use
Our platform uses cookies and similar technologies:
- Essential Cookies (Required)
- Session management and authentication
- Security and fraud prevention
- Load balancing and performance
- No consent required for operation
Functional Cookies
- User preference storage
- Language settings
- Display customization
- Duration: Up to 12 months
Analytics Cookies
- Usage statistics and platform analytics
- Performance monitoring
- User behavior analysis
- Duration: Up to 24 months
Marketing Cookies
- Personalized advertising
- Campaign effectiveness measurement
- Retargeting capabilities
- Duration: Up to 13 months
9.2 Managing Cookie Preferences
You can control cookies through:
- Our cookie preference center (accessible at login)
- Browser settings (blocking or deleting cookies)
- Opt-out mechanisms provided by analytics providers
- Industry opt-out platforms (e.g., Digital Advertising Alliance)
Disabling essential cookies may affect platform functionality and limit your ability to use certain features.
10. International Data Transfers
As our data hosting infrastructure is located in the United States, your personal information may be transferred to and processed in the USA, which may have different data protection laws than your jurisdiction.
10.1 Transfer Safeguards
For transfers from the EEA, UK, or Switzerland, we implement appropriate safeguards:
- Standard Contractual Clauses: EU approved model contracts with our service providers
- Adequate Protection: Additional security measures to ensure GDPR-level protection
- Data Processing Agreements: Contractual obligations for all data processors
10.2 Your Consent
By using our services, you acknowledge and consent to the transfer of your information to the United States and other jurisdictions where our service providers operate.
11. Children’s Privacy
Our services are not directed to individuals under 16 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child without parental consent, we will take steps to delete such information promptly. Parents or guardians who believe we have collected information from a child should contact us immediately at [email protected].
12. Third-Party Links and Services
Our platform may contain links to third-party websites, applications, or services that are not operated by us. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party services you access through our platform.
When you integrate third-party services with our platform (e.g., social media accounts, advertising platforms), those services may collect information according to their own privacy policies.
13. Marketing Communications
13.1 Opt-In and Consent
We will only send you marketing communications if you have provided consent or where permitted by law. Marketing communications include newsletters, promotional offers, service updates, and educational content.
13.2 Unsubscribe Options
You may opt out of marketing communications at any time by:
- Clicking “Unsubscribe” in any marketing email
- Updating preferences in your account settings
- Contacting [email protected]
- Responding “STOP” to SMS messages
You will continue to receive transactional and service related communications necessary for your use of our platform.
14. Do Not Track Signals
Some browsers transmit “Do Not Track” (DNT) signals. Currently, there is no industry consensus on how to respond to DNT signals. Our platform does not currently respond to DNT signals, but you can manage tracking through our cookie preference center and browser settings.
15. Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or business operations. When we make material changes, we will:
- Update “Last Updated” date at the top of this policy
- Notify you via email or prominent notice on our platform
- Request renewed consent where required by law
- Provide a 30-day notice period before changes take effect
We encourage you to review this Privacy Policy regularly to stay informed about how we protect your information.
16. Data Protection Officer
For GDPR related inquiries, you may contact our designated privacy team who oversees data protection compliance:
Email: [email protected]
Subject Line: “Attention: Data Protection Officer”
17. Contact Us
For questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
- Principal Office: Gujarat, India
- Email: [email protected]
Response Time: We aim to respond to all privacy inquiries within 5 business days.
18. Governing Law and Jurisdiction
This Privacy Policy is governed by the laws of India. For users in the EEA, UK, or California, applicable local data protection laws will also apply and take precedence where they provide greater protection.
Any disputes arising from this Privacy Policy will be subject to the exclusive jurisdiction of the courts in Gujarat, India, except where local laws mandate otherwise.
By using Ranksper’s services, you acknowledge that you have read, understood, and agree to the terms of this Privacy Policy.