Privacy Policy

1. Introduction

RankPulse ("we", "us", or "our") operates the website rankpulse.cloud and the RankPulse traffic administration platform (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

By using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use the Service.

2. Information We Collect

2.1 Account Information

When you create an account, we collect your username, email address, and password (stored as a secure hash — we never store plaintext passwords).

2.2 Third-Party API Credentials

To provide our core functionality, we store OAuth tokens and API credentials for the following integrations on your behalf:

• Google Analytics 4 (GA4) — Measurement ID, Property ID, service account keys
• Google Search Console (GSC) — Service account keys, site URL
• Google Ads — OAuth 2.0 refresh tokens, customer IDs, developer tokens (stored encrypted in our database)
• Meta Ads (Facebook/Instagram) — Access tokens, ad account IDs
• OpenAI — API key for content generation

These credentials are used solely to perform API operations you request through the platform. We do not share them with third parties.

2.3 Usage Data

We may collect non-personal information such as browser type, operating system, pages visited, and time spent on the platform for the purpose of improving our Service.

3. How We Use Your Information

• To provide and maintain the Service, including campaign management, analytics, and reporting
• To communicate API calls to Google Ads, Meta Marketing API, GA4, GSC, and OpenAI on your behalf
• To authenticate your identity and protect your account
• To send you important notices about the Service (e.g., security alerts, maintenance)
• To improve and optimize the platform

4. Data Security

We implement industry-standard security measures to protect your data:

• All traffic is encrypted via SSL/TLS (HTTPS enforced with HSTS)
• Passwords are hashed using Django's PBKDF2 algorithm
• OAuth tokens are stored in our database with restricted access
• CSRF and XSS protections are enabled across the platform
• Server access is limited to key-based SSH authentication

While we strive to protect your information, no method of electronic storage is 100% secure. We cannot guarantee absolute security.

5. Third-Party Services

Our Service integrates with third-party APIs. When you connect your Google Ads, Meta Ads, GA4, GSC, or OpenAI accounts, data is transmitted between our platform and those services in accordance with their respective privacy policies:

• Google Privacy Policy
• Meta Privacy Policy
• OpenAI Privacy Policy

6. Data Retention

We retain your account data and API credentials for as long as your account is active. If you delete your account, all associated data — including OAuth tokens, campaign data cached locally, and analytics reports — will be permanently removed within 30 days.

7. Your Rights (LGPD / GDPR)

Under the Brazilian General Data Protection Law (LGPD) and the European General Data Protection Regulation (GDPR), you have the right to:

• Access — Request a copy of the personal data we hold about you
• Rectification — Request correction of inaccurate data
• Deletion — Request deletion of your personal data
• Portability — Request export of your data in a machine-readable format
• Revoke Consent — Withdraw consent for data processing at any time

To exercise any of these rights, please contact us at contato@rankpulse.cloud.

8. Data Deletion Instructions

To request deletion of all your data from RankPulse:

1. Log in to your RankPulse account
2. Navigate to your account settings
3. Click "Delete Account" and confirm

Alternatively, send an email to contato@rankpulse.cloud with the subject "Data Deletion Request" and we will process your request within 15 business days.

9. Cookies

We use essential cookies to maintain your session and CSRF protection. We do not use tracking cookies or third-party advertising cookies.

10. Children's Privacy

Our Service is not intended for individuals under the age of 18. We do not knowingly collect personal data from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. We encourage you to review this page periodically.

12. Contact

If you have questions about this Privacy Policy, please contact us:

• Email: contato@rankpulse.cloud
• Website: rankpulse.cloud
• Location: Rio de Janeiro, RJ — Brazil