Privacy Policy

Last updated: January 22, 2026

1. Introduction

This Privacy Policy explains how WK Operations Ltd ("WK Operations", "we", "us", or "our") collects, uses, discloses and protects personal data when you use Rankzon, our SEO intelligence and keyword research platform, including our websites, dashboards, and related services (collectively, the "Service").

WK Operations Ltd is a company registered in Malta with the following details:

  • Company name: WK Operations Ltd
  • Registration number: C 97833
  • Registered address: ADD Malta, Level 2, Hardrocks Business Park, Burmarrad Road, Naxxar NXR6345, Malta

We act as a "data controller" for personal data we collect and process in connection with the Service, as defined by applicable data protection laws, including the EU General Data Protection Regulation (GDPR) where it applies.

For data protection inquiries, you can contact us at: [email protected]

2. Personal Data We Collect

We may collect and process the following categories of personal data about you:

  • Account and contact information: such as your name, email address, password (hashed), company name, billing details, and authentication identifiers.
  • Usage and log data: such as IP address, browser type, device information, timestamps, interactions with our platform, and feature usage patterns.
  • Payment and billing data: limited payment information required to process your transactions (for example, billing address and partial card details), which may be handled by third-party payment processors on our behalf.
  • Support and communication data: such as messages you send to us (for example, via email or support channels), feedback, and other information you choose to provide.

Data you submit to the Service is treated as service data and may be logged to operate, secure, and improve the Service. We may aggregate and anonymize this data to enhance our platform and intelligence. You should ensure that you do not include unnecessary personal data in your use of the Service.

3. How We Use Personal Data

We use personal data for the following purposes, based on the legal bases indicated:

  • To provide and operate the Service (performance of a contract), including authenticating users, processing your requests, generating analytics and insights, managing your account, and providing customer support.
  • To maintain security and prevent abuse (legitimate interests and legal obligations), including monitoring usage, detecting fraudulent or abusive behavior, and enforcing our Terms of Service.
  • To process payments and manage billing (performance of a contract and legal obligations), including charging fees, issuing invoices, and handling accounting and tax requirements.
  • To improve and develop the Service (legitimate interests), including analyzing usage patterns, enhancing our data and intelligence, and developing new features and capabilities. Our legitimate interest is to provide a better service to all users while respecting your privacy rights.
  • To communicate with you (performance of a contract and legitimate interests), including sending important notices about your account, service changes, and security alerts.
  • To send marketing communications (consent or legitimate interests), such as product updates, offers and newsletters. You can opt out of marketing communications at any time by clicking the unsubscribe link in any email or by contacting us.
  • To comply with legal obligations, including record-keeping, responding to lawful requests from public authorities, and complying with applicable laws and regulations.

4. Cookies and Similar Technologies

We may use cookies and similar tracking technologies on our websites and dashboards to:

  • Remember your preferences and settings.
  • Authenticate sessions and protect against fraudulent activity.
  • Analyze usage statistics to understand how the Service is used and to improve it.

Where required by law, we will obtain your consent before using non-essential cookies. You can manage your cookie preferences through your browser settings.

5. How We Share Personal Data

We do not sell your personal data. We may share personal data with the following categories of recipients:

  • Service providers and processors: third parties that provide infrastructure, hosting, logging, analytics, payment processing, and other services.
  • Professional advisers: such as lawyers, accountants and auditors, where necessary for legal compliance.
  • Authorities and law enforcement: where required by law, regulation, or legal process.
  • Business transfers: in connection with any merger, acquisition, or sale of assets involving WK Operations Ltd.

6. International Transfers

The Service may involve the transfer of personal data to countries outside of the European Economic Area (EEA), including to service providers located in countries that may not offer the same level of data protection as your home country.

Where we transfer personal data outside the EEA, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Transfers to countries with an adequacy decision from the European Commission
  • Other legally approved transfer mechanisms under GDPR

You may request more information about the safeguards we use for international transfers by contacting us at [email protected].

7. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including to provide the Service, comply with legal requirements, resolve disputes, and enforce our agreements.

Typical retention periods include:

  • Account data: retained while your account is active and for up to 90 days after account deletion
  • Usage logs: retained for up to 12 months for security, debugging, and analytics purposes
  • Billing and payment records: retained for up to 7 years to comply with tax and accounting obligations
  • Marketing communications: retained until you opt out or withdraw consent

When personal data is no longer required, we will securely delete it or anonymize it.

8. Security

We implement appropriate technical and organizational measures designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access. These measures include encryption, access controls, logging, and regular security reviews.

However, no method of transmission over the internet is completely secure. You are responsible for maintaining the security of your account credentials and API keys.

9. Your Rights

Depending on your location and applicable law (for example, under the GDPR), you may have the following rights:

  • Right of access: to obtain confirmation of whether we process your personal data and to receive a copy.
  • Right to rectification: to request correction of inaccurate or incomplete personal data.
  • Right to erasure: to request deletion of personal data in certain circumstances.
  • Right to restriction: to request restriction of processing in certain circumstances.
  • Right to data portability: to receive personal data you provided to us in a structured format.
  • Right to object: to object to processing based on our legitimate interests.
  • Right to withdraw consent: where processing is based on consent, you may withdraw that consent at any time.

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within one month, or inform you if we need additional time (up to two additional months for complex requests).

You also have the right to lodge a complaint with a supervisory authority, particularly in the EU member state where you reside, work, or where an alleged infringement occurred. For Malta, the relevant authority is the Office of the Information and Data Protection Commissioner (IDPC).

10. Automated Decision-Making

We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects you. Any automated processing we perform (such as usage analytics) is used solely to improve the Service and does not result in decisions that affect your rights.

11. Children's Privacy

The Service is not intended for use by children under the age of 16 (or the applicable age of digital consent in your jurisdiction), and we do not knowingly collect personal data from children. If you believe that a child has provided us with personal data, please contact us at [email protected] and we will take steps to delete such information.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you by email or through a prominent notice on the Service before the changes take effect.

We encourage you to review this Privacy Policy periodically. Your continued use of the Service after the effective date of any revised Privacy Policy constitutes your acceptance of the updated Policy.

13. Contact

If you have any questions about this Privacy Policy, our data practices, or wish to exercise your rights, you may contact WK Operations Ltd at:

WK Operations Ltd
Data Protection Inquiries
ADD Malta, Level 2, Hardrocks Business Park, Burmarrad Road
Naxxar NXR6345
Malta

Email: [email protected]

This Privacy Policy is provided for informational purposes only and does not constitute legal advice.

Questions? Contact us at [email protected]

Terms of Service Back to Home