1. Introduction and Scope
RankLabs.ai (the "Laboratory") is committed to protecting the data veracity and privacy of our clients and their end users. This policy outlines how we handle data during our AEO auditing, mirroring, and node injection processes. We act primarily as a Data Processor for the ecommerce store data we ingest and harden.
2. Information We Collect
To perform our technical AEO protocols, we collect the following categories of data:
Public Product Data
We use automated scrapers to extract factual product details, including pricing, availability, and descriptions from your public-facing store.
Client Account Information
Names, business email addresses, and billing details are collected for administrative and laboratory access purposes.
Technical Log Data
We collect IP addresses, request headers, and ingestion rates from the AI agents and scrapers that interact with our mirrored proxy infrastructure.
Customer Transaction Signals
In certain "Transaction-Ready" tiers, we may process non-identifiable purchase signals to verify that AI agents are successfully facilitating sales.
3. Global Compliance Standards
A. General Data Protection Regulation (GDPR) - Europe
For users and clients located in the European Economic Area (EEA), we process data under the following legal bases:
Contractual Necessity
To provide the AEO hardening and mirroring services requested by the client.
Legitimate Interests
To ensure the security and technical speed of our laboratory infrastructure and to prevent bot-driven "noise".
Data Transfers
Any personal data transferred outside the EEA is protected by Standard Contractual Clauses (SCCs) to ensure an equivalent level of protection.
B. US State Privacy Laws (CCPA/CPRA, VCDPA, CPA, CTDPA, UCPA)
We comply with the comprehensive privacy laws of California, Virginia, Colorado, Connecticut, Utah, and other applicable states. These standards mirror the high-veracity data integrity protocols developed through our collective engineering experience.
Right to Know and Access
You have the right to request a report on the categories of data we have collected about your store or account.
Right to Correct
You have the right to request that we correct any inaccurate personal information maintained within your laboratory metadata or account records.
Right to Delete
You may request the deletion of your laboratory metadata and the disabling of your mirrored proxy nodes at any time.
Right to Data Portability
You have the right to receive your data in a structured, machine-readable, and readily usable format to facilitate the transfer of veracity standards to other systems.
Opt-Out of Profiling and Advertising
You have the right to opt-out of the processing of your data for targeted advertising or profiling. RankLabs does not engage in cross-contextual behavioral advertising as part of the AEO protocol.
No Sale of Data
RankLabs does not "sell" or "share" personal or client data for cross-contextual behavioral advertising as defined by these state laws. We share data only with service providers necessary to fulfill the Zero-Dev infrastructure requirements.
Children's Privacy
We do not knowingly collect personal information from children under the age of 13. Furthermore, we have no actual knowledge of "selling" or "sharing" the personal information of consumers between the ages of 13 and 16.
Sensitive Data
We do not collect or process sensitive personal information, such as health data or precise geolocation, within our engineering archive.
Non-Discrimination
We will not discriminate against you for exercising your privacy rights. Choosing to exercise these rights will not result in changes to your service tier, quality of data hardening, or pricing structure.
4. How We Use and Share Data
AI Agent Accessibility
We intentionally make your hardened product data accessible to third-party AI search bots (e.g., ChatGPT, Perplexity) to ensure your store is "Transaction-Ready".
Technical Infrastructure
We share non-identifiable technical data with our hosting and security providers to maintain low-latency delivery.
Compliance and Safety
We may disclose information if required by law or to protect the technical integrity of our laboratory against malicious attacks.
5. Data Veracity and Retention
Accuracy
We perform regular audits to ensure our mirrored data matches your source store information.
Retention
We retain mirrored HTML and metadata only as long as your subscription is active. Upon termination, laboratory nodes and associated caches are purged within 48 hours.
6. Security Measures
As an engineering-first firm, we utilize industry-standard encryption (TLS 1.3) for all data in transit. Our proxy infrastructure is hardened against unauthorized injection, ensuring your semantic nodes remain "Transaction-Ready" and free from third-party tampering.
7. Contact the Lab
For privacy-related inquiries or to exercise your data rights under GDPR or US state laws, please contact our Data Protection Officer at privacy@ranklabs.ai.