RankLovable ("we", "us", "our") respects your privacy. This policy explains what data we collect, why, and what rights you have under the UK GDPR and the Data Protection Act 2018.
1. Who we are
RankLovable is operated by Rerakt Digital. The data controller is Vicki at Rerakt Digital, contactable at vicki@reraktdigital.com.
2. What we collect
- Account & contact data: name, email, and the website URL you submit.
- Audit data: the URL you ask us to audit, and the publicly available technical results we produce (meta tags, SSR status, indexing signals).
- Monitoring data: for paid Monitor customers, the URL being monitored, check results, and timestamps.
- Communications: the content of emails or messages you send us.
- Usage data: standard server logs (IP, user agent, timestamps) used for security and abuse prevention.
3. Why we use it (lawful basis)
- To deliver the service you requested (contract).
- To send transactional emails — audit results, monitor alerts, account notices (contract).
- To improve the product and prevent abuse (legitimate interests).
- To comply with legal obligations (e.g. tax, fraud prevention).
We do not send marketing emails without your explicit opt-in.
4. Sharing & processors
We share data only with the processors needed to run the service:
- Lovable Cloud / Supabase — database and authentication.
- Lovable Email infrastructure — sending transactional emails.
- Stripe — payment processing for paid plans (we never see your full card details).
- Cloudflare — DNS, edge delivery and security.
We do not sell your personal data, ever.
5. International transfers
Some processors may store data outside the UK/EEA. Where this happens we rely on standard contractual clauses or equivalent safeguards.
6. Retention
- Audit results: kept while your account is active, then deleted within 12 months of inactivity.
- Monitor data: kept while your subscription is active, deleted within 90 days of cancellation.
- Billing records: kept for 7 years to satisfy UK tax law.
7. Your rights
You have the right to access, correct, delete, restrict or port your personal data, and to object to processing. Email vicki@reraktdigital.com and we'll respond within 30 days. You can also complain to the ICO at ico.org.uk.
8. Security
Data is encrypted in transit (TLS) and at rest. Access is restricted to authorised personnel only. We'll notify you and the ICO of any breach affecting your data within 72 hours of becoming aware.
9. Changes
We'll update this page if our practices change and revise the "last updated" date.