Privacy Policy

1. Introduction

This Privacy Policy explains how WK Operations Ltd ("WK Operations", "we", "us", or "our") collects, uses, discloses and protects personal data when you use the Rankzon real-time Google SERP API, our websites, dashboards, and related services (collectively, the "Service").

WK Operations Ltd is a company registered in Malta with the following details:

• Company name: WK Operations Ltd
• Registration number: C 97833
• Registered address: ADD Malta, Level 2, Hardrocks Business Park, Burmarrad Road, Naxxar NXR6345, Malta

We act as a "data controller" for personal data we collect and process in connection with the Service, as defined by applicable data protection laws, including the EU General Data Protection Regulation (GDPR) where it applies.

2. Personal Data We Collect

We may collect and process the following categories of personal data about you:

• Account and contact information: such as your name, email address, password (hashed), company name, billing details, and authentication identifiers.
• Usage and log data: such as IP address, browser type, device information, timestamps, API requests, response metadata, error logs, and interactions with our dashboards and documentation.
• Payment and billing data: limited payment information required to process your transactions (for example, billing address and partial card details), which may be handled by third-party payment processors on our behalf. We also process payment and usage information as necessary to assess eligibility for and process refunds in accordance with our Refund Policy.
• Support and communication data: such as messages you send to us (for example, via email or support channels), feedback, and other information you choose to provide.

In general, search queries and parameters that you send to the API are treated as service data and are logged and processed to operate, secure, and improve the Service. You should ensure that you do not include unnecessary personal data in your API requests.

3. How We Use Personal Data

We use personal data for the following purposes, based on the legal bases indicated:

• To provide and operate the Service (performance of a contract), including authenticating users, processing API requests, managing your account, and providing customer support.
• To maintain security and prevent abuse (legitimate interests and legal obligations), including monitoring usage, detecting fraudulent or abusive behavior, protecting against misuse of API keys, and enforcing our Terms of Service.
• To process payments and manage billing (performance of a contract and legal obligations), including charging fees, issuing invoices, and handling accounting and tax requirements.
• To improve and develop the Service (legitimate interests), including analyzing usage patterns, troubleshooting performance, and improving features, reliability and user experience.
• To communicate with you (performance of a contract and legitimate interests), including sending important notices about your account, service changes, security alerts, and responses to your inquiries.
• To send marketing communications (consent or legitimate interests, as required by law), such as product updates, offers and newsletters. You can opt out of marketing communications at any time.
• To comply with legal obligations, including record-keeping, responding to lawful requests from public authorities, and complying with applicable laws and regulations.

4. Cookies and Similar Technologies

We may use cookies and similar tracking technologies (such as pixels or local storage) on our websites and dashboards to:

• Remember your preferences and settings.
• Authenticate sessions and protect against fraudulent activity.
• Analyze usage statistics to understand how the Service is used and to improve it.

Where required by law, we will obtain your consent before using non-essential cookies or similar technologies. You can manage your cookie preferences through your browser settings, but disabling certain cookies may affect the functionality of the Service.

5. How We Share Personal Data

We do not sell your personal data. We may share personal data with the following categories of recipients, only to the extent necessary for the purposes described in this Policy:

• Service providers and processors: third parties that provide infrastructure, hosting, logging, analytics, payment processing, email delivery, customer support tools and other services that help us operate the Service.
• Professional advisers: such as lawyers, accountants and auditors, where necessary to obtain professional advice or legal compliance.
• Authorities and law enforcement: where required by law, regulation, legal process, or to protect our rights, users, or the public.
• Business transfers: in connection with any merger, acquisition, sale of assets, financing, or similar transaction involving WK Operations Ltd, provided that appropriate safeguards are in place.

Where we engage third parties to process personal data on our behalf, we do so under written agreements that require them to implement appropriate technical and organizational measures and to process personal data only in accordance with our instructions and applicable law.

6. International Transfers

The Service may involve the transfer of personal data to countries outside of the European Economic Area (EEA) or your country of residence, including to service providers and infrastructure in other jurisdictions.

Where such transfers occur and the destination country does not provide an adequate level of data protection, we will implement appropriate safeguards as required by applicable law, such as standard contractual clauses approved by the European Commission or equivalent mechanisms, to protect your personal data.

7. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including to provide the Service, comply with legal, accounting or reporting requirements, resolve disputes, and enforce our agreements.

Usage logs and API request data may be retained for a limited period for security, debugging, analytics and billing purposes. When personal data is no longer required, we will delete it or anonymize it in accordance with our data retention policies and applicable law.

8. Security

We implement appropriate technical and organizational measures designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access. These measures may include encryption, access controls, logging, and regular security reviews.

However, no method of transmission over the internet or electronic storage is completely secure, and we cannot guarantee absolute security. You are responsible for maintaining the security of your account credentials and API keys and for promptly notifying us of any suspected compromise.

9. Your Rights

Depending on your location and applicable law (for example, under the GDPR), you may have some or all of the following rights in relation to your personal data:

• Right of access: to obtain confirmation of whether we process your personal data and to receive a copy.
• Right to rectification: to request correction of inaccurate or incomplete personal data.
• Right to erasure: to request deletion of personal data in certain circumstances.
• Right to restriction: to request restriction of processing in certain circumstances.
• Right to data portability: to receive personal data you provided to us in a structured, commonly used format and to transmit it to another controller where technically feasible.
• Right to object: to object to processing based on our legitimate interests, and to object to direct marketing at any time.
• Right to withdraw consent: where processing is based on consent, you may withdraw that consent at any time, without affecting the lawfulness of processing before withdrawal.

You also have the right to lodge a complaint with a supervisory authority, in particular in the EU member state of your habitual residence, place of work, or place of the alleged infringement.

10. Children’s Privacy

The Service is not intended for use by children under the age of 18, and we do not knowingly collect personal data from children. If you believe that a child has provided us with personal data, please contact us and we will take appropriate steps to delete such data where required by law.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do so, we will update the "Last updated" date at the top of this page and, where appropriate, provide additional notice (for example, via the dashboard or by email).

Your continued use of the Service after the effective date of any revised Privacy Policy constitutes your acceptance of the updated Policy. If you do not agree with the changes, you should stop using the Service.

12. Contact

If you have any questions about this Privacy Policy, our data practices, or wish to exercise your rights, you may contact WK Operations Ltd at:

WK Operations Ltd
ADD Malta, Level 2, Hardrocks Business Park, Burmarrad Road
Naxxar NXR6345
Malta

This Privacy Policy is provided for informational purposes only and does not constitute legal advice. You should consult your own legal counsel regarding your obligations under applicable data protection laws.