BeeRanked
Try live demo
Legal

Privacy Policy

Last updated: 13 June 2026

This Privacy Policy explains how Beeranked ("Beeranked", "we", "us") collects, uses, shares, and protects personal data when you visit our websites, use the Beeranked Content Studio, or otherwise use our services (together, the "Service"). Beeranked is an online service operated from Belgium. We act as the data controller for the personal data described below. Full legal entity details are available on request at [email protected].

We process personal data in accordance with the EU General Data Protection Regulation (Regulation (EU) 2016/679, the "GDPR") and applicable Belgian data protection law.

1. A quick summary

  • We collect the data we need to run your account, bill you, and deliver the Service. Nothing more.
  • We do not use advertising or analytics tracking cookies, and we do not sell personal data.
  • Your dashboard data is hosted in the European Union (Germany).
  • You have full rights over your data, including access, correction, export, and deletion.

2. The data we collect

Depending on how you use the Service, we collect the following categories of personal data.

  • Account data. Your email address and, for password-based accounts, a securely hashed password. Demo accounts are passwordless and hold only an email address.
  • Workspace data. The name of your workspace/company, team memberships and invitations, and any custom domains you connect.
  • Billing data. Your subscription plan and the identifiers assigned to you by our payment processor (a Stripe customer ID and subscription ID). We never receive or store your full card number. Card details are collected and processed directly by Stripe.
  • Content you create. The brands, pages, articles, media uploads, social posts, videos, and other content you produce in the Studio. This content is yours; we process it to provide the Service (see also section 8).
  • Communications. Messages you send us (for example, support requests) and the emails we send you (such as account, billing, and recovery emails).
  • Technical data. Basic information your browser sends when you use the Service, such as IP address, approximate region, and request logs, used to keep the Service secure and working (for example, to rate-limit sign-ups and prevent abuse).

3. Cookies and local storage

We keep this simple: we do not use advertising, marketing, or third-party analytics cookies. Because of that, no cookie consent banner is required. We use only:

  • A strictly necessary session cookie to keep you signed in. It is set as httpOnly and is essential to the Service.
  • First-party functional storage in your browser (localStorage) to remember preferences such as your light/dark theme, your selected brand, your preferred currency, and which onboarding tips you have already seen. This data stays in your browser and is not used for tracking.

4. Why we use your data and our legal bases

Under the GDPR we rely on the following legal bases.

  • Performance of a contract (Art. 6(1)(b)): to create and operate your account, host and serve your content, process subscriptions, and provide support.
  • Legitimate interests (Art. 6(1)(f)): to secure the Service, prevent fraud and abuse, maintain logs, and improve and operate our product. We balance these interests against your rights.
  • Legal obligation (Art. 6(1)(c)): to keep accounting and tax records (for example, VAT-compliant invoices).
  • Consent (Art. 6(1)(a)): where we ask for it (for example, any optional communications). You can withdraw consent at any time.

5. Who we share data with (subprocessors)

We do not sell your personal data. We share it only with the service providers we use to run Beeranked, each bound by a data processing agreement and acting on our instructions:

  • Stripe, for payment processing and billing.
  • Cloudflare, for content delivery, hosting, custom-domain provisioning, and object storage (Cloudflare R2) of published content and media.
  • Resend (and, in future, Amazon Web Services / AWS SES), for sending transactional email.
  • Zoho, for our support and contact mailboxes.
  • Our cloud hosting provider, located in Germany, for the servers that run the dashboard and database.

We may also disclose data where required by law, to enforce our Terms, or to protect the rights, safety, and security of Beeranked, our users, or the public.

6. Where your data is stored and international transfers

Your dashboard data and database are hosted on servers located in Germany, within the European Union. Some of our subprocessors (such as Stripe, Cloudflare, and AWS) may process limited data outside the European Economic Area. Where that happens, the transfer is covered by an appropriate safeguard under the GDPR, such as the European Commission's Standard Contractual Clauses or an adequacy decision.

7. How long we keep your data

We keep account, workspace, and content data for as long as your account is active. If you delete your account or it is closed, we delete or anonymise the associated personal data within a reasonable period, except where we must retain certain records (for example, invoices for tax purposes) for the period required by law. Inactive demo accounts may be removed automatically after a period of dormancy.

8. Content you publish and your visitors' data

When you use Beeranked to publish content and run sites, you decide what content and what personal data (if any) you collect from your own visitors. In that situation you are the data controller for your visitors' data and Beeranked acts as your processor, handling it on your behalf to provide the Service. You are responsible for having a lawful basis and an appropriate privacy notice for your own visitors.

9. Your rights under the GDPR

You have the right to:

  • access the personal data we hold about you;
  • rectify inaccurate or incomplete data;
  • erase your data ("right to be forgotten");
  • restrict or object to certain processing;
  • data portability (receive your data in a portable format);
  • withdraw consent at any time, where processing is based on consent.

To exercise any of these rights, email [email protected]. We will respond within the time limits set by the GDPR. You also have the right to lodge a complaint with a supervisory authority, in particular the Belgian Data Protection Authority (Gegevensbeschermingsautoriteit / Autorité de protection des données) or the authority in your country of residence.

10. Security

We use appropriate technical and organisational measures to protect personal data, including encryption in transit (HTTPS), hashed passwords, scoped access controls, and network isolation between services. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

11. Children

The Service is intended for businesses and professionals and is not directed at children. It is not intended for anyone under the age of 16, and we do not knowingly collect personal data from children.

12. Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date above and, where appropriate, notify you. Your continued use of the Service after an update means you accept the revised policy.

13. Contact us

For any privacy question or to exercise your rights, contact us at [email protected]. For general support, write to [email protected].

See also our Terms & Conditions.