Privacy policy

Last updated: April 2026

This policy describes how Ranqly (“we”, “us”) handles information when you use our websites and software services at ranqly.ai (the “Services”). If you have questions, contact us at privacy@ranqly.ai.

Information we process

We may process:

• Account data — such as name, email, business name, and credentials you provide when you sign up or use the Services.
• Content you submit — posts, media, business details, and other materials you upload or generate through the product.
• Technical data — such as IP address, device and browser type, and logs used for security, debugging, and reliability.
• Usage data — how you interact with the Services, to improve the product and support you.

Social media platform integrations

Ranqly lets you connect third-party social media accounts so we can publish content on your behalf. When you connect a platform, we access only the data and permissions needed to post, and we store an access token and basic profile information (such as account name and profile URL) so the integration works.

• TikTok — When you connect TikTok, we request access to your basic profile information and permission to publish photo and video posts through TikTok's Content Posting API. We store your TikTok open ID, display name, and access/refresh tokens. We do not read, collect, or store your TikTok followers, likes, messages, or any content you did not create through Ranqly. We do not sell, share, or transfer your TikTok data to any third party except as needed to publish your approved content. You can disconnect TikTok at any time from Settings, which revokes our access and deletes your stored tokens.
• Facebook & Instagram — We connect via Meta's OAuth to obtain a Page access token. We store the Page ID, page name, and token. For Instagram, we access the linked Instagram Business Account to publish posts. We do not access your personal Facebook profile, messages, or friends list.
• Google Business Profile — We connect via Google OAuth to access your Business Profile locations for publishing local posts. We store your account ID, location ID, and access/refresh tokens.
• LinkedIn — We connect via LinkedIn OAuth to post on your behalf as a person or organization. We store your member ID or organization ID, profile name, and access/refresh tokens.
• X (Twitter) — We connect via X OAuth 2.0 to publish posts. We store your user ID, username, and access/refresh tokens.

For all platforms: tokens are stored encrypted at rest, transmitted only over HTTPS, and deleted when you disconnect. We never use your social media credentials for any purpose other than publishing content you have approved.

How we use information

We use information to operate and improve the Services, authenticate users, provide support, send service-related messages, comply with law, and protect the security and integrity of our systems.

AI and automation

Features that use artificial intelligence may send portions of your content or instructions to third-party model providers solely to generate outputs you request. We configure services to support your use case; you remain responsible for the accuracy and appropriateness of published content.

Sharing

We do not sell your personal information. We may share data with subprocessors that help us host, deliver, and secure the Services (for example cloud hosting, email, analytics, or AI providers), subject to contractual protections. We may disclose information if required by law or to protect rights and safety.

Data retention

We retain different categories of data for different periods:

• User account data — retained while your account is active, plus 30 days after a deletion request (grace period).
• Activity logs — retained for 12 months, then automatically purged.
• Social media posts — retained while your account is active.
• Media uploads — retained while your account is active; soft-deleted items are permanently purged after 21 days.
• Lead data — retained while your account is active.
• Billing records — retained for 7 years for tax compliance.
• Server logs — retained for 90 days.

Your rights (GDPR/CCPA)

Depending on your location, you have the following rights regarding your personal data:

• Right to access — export your data at any time via Settings > Export Data.
• Right to deletion — request account deletion via Settings > Delete Account (30-day grace period during which you can cancel).
• Right to rectification — update your profile information at any time through your account settings.
• Right to data portability — your data export is provided in machine-readable JSON format.
• Right to object — contact privacy@ranqly.ai to object to specific processing activities.
• California residents (CCPA) — you may request disclosure of data collected, sold, or shared. We do not sell personal information.

Cookies & tracking

We use the following cookies and tracking technologies:

• Google Analytics — analytics purposes; opt-out available via cookie consent banner.
• Meta Pixel — marketing attribution; opt-out available via cookie consent banner.
• Stripe.js — payment processing; essential for service operation.
• Session cookie — authentication; essential for service operation.

We do not use third-party advertising cookies. You can manage your cookie preferences using the consent banner that appears when you first visit the site, or by clicking the button below.

Manage Cookie Preferences

Third-party services

We share data with the following third-party service providers to operate the Services:

• OpenAI — content generation. Data shared: business name, trade type, service areas.
• Stripe — payment processing. Data shared: email, billing information (handled directly by Stripe).
• Twilio — SMS notifications. Data shared: phone numbers.
• SendGrid — email delivery. Data shared: email addresses.
• Ayrshare — social media posting. Data shared: post content, media URLs.
• Google Cloud — infrastructure and storage. Data shared: all application data (encrypted at rest and in transit).
• Runway ML — video generation. Data shared: prompts and generated videos.
• ServiceTitan — CRM integration. Data shared: lead data, job details.

Security

We use reasonable technical and organizational measures to protect information. No method of transmission over the Internet is completely secure.

Changes

We may update this policy from time to time. We will post the revised version on this page and update the “Last updated” date.