Privacy Policy for Rankforce / Analyzer for Google™ AI Overviews

Effective Date: November 3rd, 2025

1. Introduction

Welcome to Rankforce ("we," "us," "our"), the provider of the Analyzer for Google™ AI Overviews Chrome extension and related web services (collectively, the "Service"). Your privacy is of the utmost importance to us. This Privacy Policy outlines how we collect, use, disclose, secure, and otherwise process your personal data when you use our website, our Chrome extension, and any associated services.

This policy is designed to comply with the EU's General Data Protection Regulation (GDPR).

Data Controller: For the purposes of the GDPR, the data controller is: Hagen Hoferichter, operating as Rankforce.tech Reuterstr. 1, 12053 Berlin, Germany hagen@Rankforce.tech

2. Information We Collect

To provide our Service, we collect several types of information.

A. Information Collected via our Chrome Extension (with your explicit permission):

Search Query Data: When you perform a search on Google and our extension is active, the extension reads the search query (for example, the q parameter in the URL) and sends this query to our servers. This is essential for the Service to analyze and generate expanded "fan-out" queries and related insights for Answer Engine Optimization (AEO) and Generative Engine Optimization (GEO).
Anonymous Instance Identifier: To distinguish between different browser installations and to understand aggregated usage over time, the extension may generate and store a random, pseudonymous instance identifier in your browser's local storage. This identifier is transmitted to our servers together with your search queries. We do not use this identifier to attempt to directly identify you as a natural person.
On-Page Processing: The extension may analyze certain elements of the search results page (for example, headings or AI Overview sections) locally in your browser to determine where and how to display its UI. Unless explicitly stated otherwise in this Privacy Policy, we do not transmit the full page contents or your Google account data to our servers.

B. Information You Provide to Us:

Contact Information: If you contact us directly (for example via email), we may receive and process your name, email address, and any other information you choose to provide in your message.
Payment Information (if you purchase a paid plan): If we offer paid plans or subscriptions, payments will be processed by a third-party payment provider such as Stripe. When you subscribe, you will provide payment information (like credit card details) directly to this provider. We do not store your full credit card number on our servers; we may only store limited information such as a reference token and the last four digits of your card for verification and accounting purposes.

C. Usage Data and Analytics:

Service Usage Data: We may collect information about how you interact with the Service, such as timestamps of requests, error logs, performance metrics, and aggregated statistics about which features are used.
Analytics Data: We use privacy-focused analytics tools (such as Vercel Analytics) to collect data about how you interact with our website and, where applicable, our Service (e.g., pages visited, browser type, approximate region). This helps us understand user behavior, improve the user experience, and optimize our Service.

3. How We Use Your Information (Purpose and Legal Basis for Processing)

Our use of your personal data is strictly for the purposes of providing and improving the Service you have requested.

To Provide the Core Service (Legal Basis: Art. 6(1)(b) GDPR - Performance of a Contract):
- Analyzing Search Queries and AI Overviews: The primary purpose of our Service is to analyze your search queries and certain AI-generated search result features (such as Google's "AI Overviews") in order to generate expanded queries, metrics, and insights that help you understand and optimize for answer engines and generative search. We use the search queries and anonymous instance identifier described above strictly to provide these insights back to you.
- Account Management & Payments (if applicable): If we offer user accounts or paid subscriptions, we will use your contact and payment information to manage your subscription, process payments, and provide customer support.
To Improve Our Service (Legal Basis: Art. 6(1)(f) GDPR - Legitimate Interests):
- We analyze usage and analytics data to identify bugs, understand feature popularity, and develop new functionalities that serve our users' needs.
To Ensure Security (Legal Basis: Art. 6(1)(f) GDPR - Legitimate Interests):
- We use browser fingerprint data and monitor activity to prevent fraud, secure your account, and ensure the integrity of our platform.

We do not sell your personal data. To provide our Service, we share data with trusted third-party service providers (sub-processors) who are contractually obligated to protect your data.

Hosting and Infrastructure:
- Vercel: Hosts our front-end application and serverless backend endpoints through which the Service is provided.
- Google Cloud / Google AI Services: Provides backend infrastructure and AI/ML models (for example, through the Google Gemini API or Vertex AI) that we use to analyze search queries and generate expanded queries and insights.
Payment Processing (if applicable):
- Stripe (or a comparable provider): May securely handle payment processing for subscriptions or paid plans, if and when such offerings are made available.
Analytics:
- Vercel Analytics (and similar privacy-focused analytics tools): Provides insights into how our website and Service are used.

International Data Transfers: Many of our sub-processors (including Google, Vercel, Clerk, Neon, Modal, and Stripe) are based in the United States. The transfer of your personal data to the US is secured through appropriate legal mechanisms, such as the EU-U.S. Data Privacy Framework and/or the European Commission's Standard Contractual Clauses (SCCs), which ensure your data is protected to a standard equivalent to that of the GDPR.

5. Data Security

We implement robust technical and organizational security measures to protect your personal data.

Encryption: Your data, including the highly sensitive LinkedIn authentication cookie, is encrypted both in transit (using TLS/SSL) and at rest in our database.
Access Control: Access to personal data is strictly limited to authorized personnel who require it to perform their job functions.
Third-Party Security: We select our sub-processors based on their commitment to security and data protection.

Despite these measures, no method of transmission over the Internet or method of electronic storage is 100% secure.

6. Data Retention

We retain your personal data only for as long as necessary to provide you with our Service and as required by law. If you delete your account, we will take steps to delete your personal data from our active systems within a reasonable timeframe, subject to any legal obligations to retain certain information (e.g., for financial records).

As a resident of the European Economic Area (EEA), you have the right to:

Access, rectify, or erase your personal data.
Restrict or object to the processing of your data.
Data portability (receive your data in a structured, machine-readable format).
Withdraw consent at any time, where consent is the legal basis for processing.
Lodge a complaint with a supervisory authority.

To exercise these rights, please contact us at hagen@Rankforce.tech.

8. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Effective Date." We recommend you review this policy periodically.

9. Contact Us

If you have any questions or concerns about this Privacy Policy, please contact us:

By email: hagen@Rankforce.tech
By mail: Hagen Hoferichter, Reuterstr. 1, 12053 Berlin