Rank Press SRL is committed to protecting your personal data in full compliance with the General Data Protection Regulation (EU) 2016/679 and the Belgian law of July 30, 2018.
Rank Press SRL (hereinafter "we", "us", "our" or "the Controller") is firmly committed to safeguarding the privacy and personal data of all individuals who interact with our services, website, and platforms.
This Data Protection Policy explains how we collect, use, store, share, and protect your personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (the General Data Protection Regulation, hereinafter "GDPR") and the Belgian law of 30 July 2018 on the protection of natural persons with regard to the processing of personal data (hereinafter "the Belgian Data Protection Law").
By using our website, subscribing to our services, or otherwise providing us with your personal data, you acknowledge that you have read and understood this policy. This policy applies to all personal data processed by Rank Press SRL, regardless of the medium or method used to collect it.
The data controller responsible for the processing of your personal data is:
Company name: Rank Press SRL
Legal form: Limited Liability Company under Belgian law
Registered office: 64 rue du Congo, 6890 Ochamps, Belgium
Email: contact@rankpress.com
Website: https://rankpress.com
As the data controller, Rank Press SRL determines the purposes and means of processing personal data and is responsible for ensuring that all processing activities comply with applicable data protection legislation.
For any questions or requests relating to the processing of your personal data, you may contact our Data Protection Officer at the following address: dpo@rankpress.com
In accordance with Article 6 of the GDPR, we only process your personal data when we have a valid legal basis to do so. Depending on the context, we rely on one or more of the following legal bases:
Where you have given clear, informed, and unambiguous consent to the processing of your personal data for one or more specific purposes. You have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal. This applies notably to the use of non-essential cookies, the subscription to our newsletter, and the receipt of marketing communications.
Where processing is necessary for the performance of a contract to which you are a party, or in order to take steps at your request prior to entering into a contract. This includes the creation and management of your user account, the provision of our SaaS services, payment processing, and customer support.
Where processing is necessary for compliance with a legal obligation to which we are subject under Belgian or European Union law. This includes accounting and tax obligations, the retention of invoicing data, and responses to lawful requests from judicial or administrative authorities.
Where processing is necessary for the purposes of the legitimate interests pursued by Rank Press SRL, provided that such interests are not overridden by your fundamental rights and freedoms. Our legitimate interests include improving and securing our services, fraud prevention, internal analytics, and direct marketing to existing customers within the scope of comparable services.
We collect and process different categories of personal data depending on your interactions with our services. We apply the principle of data minimisation and only collect data that is adequate, relevant, and limited to what is necessary for the purposes for which it is processed.
Your personal data is processed for the following specific and explicit purposes:
We do not use your personal data for automated decision-making, including profiling, that produces legal effects or similarly significantly affects you, unless we have informed you of such processing and obtained your explicit consent or such processing is necessary for the performance of a contract.
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by applicable law. The retention periods are determined based on the nature of the data, the purpose of processing, and our legal obligations.
Your account data is retained for the duration of your active subscription and for a period of 3 years following the closure or termination of your account, in order to handle any post-contractual enquiries or disputes.
In accordance with Belgian accounting law (Code of Economic Law, Book III, Title 3), invoicing and financial records are retained for a minimum of 7 years from the end of the relevant financial year.
Connection logs and navigation data are retained for a maximum of 13 months, in compliance with the recommendations of the Belgian Data Protection Authority.
Data processed for marketing purposes is retained for 3 years from your last active engagement with our communications. Upon withdrawal of consent, your data will be removed from marketing lists without undue delay.
Customer support tickets and correspondence are retained for 3 years following the resolution of the enquiry.
At the end of the applicable retention period, personal data is either securely deleted or anonymised so that it can no longer be associated with an identified or identifiable individual.
Under the GDPR (Articles 15 to 22) and the Belgian Data Protection Law, you benefit from the following rights with respect to your personal data:
You have the right to obtain confirmation as to whether or not personal data concerning you is being processed and, where that is the case, access to the personal data and information about the purposes, categories, recipients, retention periods, and the existence of your other rights.
You have the right to obtain without undue delay the rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing, you have the right to have incomplete personal data completed.
You have the right to obtain the erasure of personal data concerning you without undue delay where the data is no longer necessary for the purposes for which it was collected, where you withdraw consent, where you object to the processing, or where the data has been unlawfully processed. This right is subject to legal retention obligations.
You have the right to obtain restriction of processing where you contest the accuracy of the data, where the processing is unlawful but you oppose erasure, where we no longer need the data but you require it for the establishment, exercise, or defence of legal claims, or where you have objected to processing pending verification of our legitimate grounds.
You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format, and to transmit that data to another controller without hindrance, where the processing is based on consent or contract and is carried out by automated means.
You have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data based on legitimate interests. You also have the unconditional right to object to the processing of your personal data for direct marketing purposes at any time.
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, except where such decision is necessary for a contract, authorised by law, or based on your explicit consent.
To exercise any of these rights, please submit your request by email to dpo@rankpress.com or by post to our registered office. We may ask you to verify your identity before processing your request. We will respond to your request within one month of receipt. This period may be extended by two further months where necessary, taking into account the complexity and number of requests. We will inform you of any such extension within one month of receipt of your request, together with the reasons for the delay.
The exercise of these rights is free of charge. However, where requests are manifestly unfounded or excessive, in particular because of their repetitive character, we may charge a reasonable fee or refuse to act on the request, in accordance with Article 12(5) of the GDPR.
Your personal data is primarily stored and processed within the European Economic Area (EEA). However, certain processing activities may involve the transfer of personal data to countries outside the EEA.
Where such transfers occur, we ensure that appropriate safeguards are in place in accordance with Chapter V of the GDPR, including:
You may request a copy of the relevant safeguards in place for international transfers by contacting our Data Protection Officer at dpo@rankpress.com.
In the course of our activities, we may share your personal data with third-party service providers (data processors) who process data on our behalf and under our instructions. These processors are contractually bound to comply with the GDPR and to implement appropriate technical and organisational measures to protect your data.
The categories of recipients include:
Our website and services are hosted on servers located within the European Union. Our hosting providers ensure physical and logical security of the infrastructure and are bound by data processing agreements in compliance with Article 28 of the GDPR.
Payment transactions are handled by certified third-party payment providers who comply with PCI-DSS (Payment Card Industry Data Security Standard). We do not store or have access to your full payment card details.
We use analytics services to understand how visitors interact with our website and to improve our services. Where possible, we use privacy-focused analytics solutions and anonymise or pseudonymise data before processing.
We use third-party services for sending transactional emails, newsletters, and customer support communications. These providers process your email address and related data under our instructions.
Our SEO and content generation features rely on third-party artificial intelligence providers. Data transmitted to these providers is limited to what is strictly necessary for the provision of the service and is governed by data processing agreements.
We do not sell, rent, or trade your personal data to third parties for their own marketing purposes. Personal data may also be disclosed where required by law, regulation, or court order, or where necessary for the establishment, exercise, or defence of legal claims.
Rank Press SRL implements appropriate technical and organisational measures to ensure a level of security appropriate to the risk, in accordance with Article 32 of the GDPR. These measures are designed to protect your personal data against unauthorised access, alteration, disclosure, or destruction.
Our security measures include, but are not limited to:
While we take all reasonable steps to protect your personal data, no method of transmission over the Internet or method of electronic storage is completely secure. We therefore cannot guarantee absolute security but commit to promptly addressing any security incident in accordance with our obligations under the GDPR.
In accordance with Article 35 of the GDPR, Rank Press SRL conducts Data Protection Impact Assessments (DPIAs) where a type of processing, in particular using new technologies, is likely to result in a high risk to the rights and freedoms of natural persons.
A DPIA is carried out prior to the processing and includes:
DPIAs are conducted in particular when introducing new data processing activities, implementing new technologies, processing data on a large scale, or engaging in systematic monitoring. Where a DPIA indicates that the processing would result in a high risk in the absence of measures taken by the Controller to mitigate the risk, we consult the Belgian Data Protection Authority prior to the processing, in accordance with Article 36 of the GDPR.
Rank Press SRL has established procedures for detecting, reporting, and investigating personal data breaches. In the event of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data, we will act promptly in accordance with Articles 33 and 34 of the GDPR.
In accordance with Article 33 of the GDPR, where a personal data breach is likely to result in a risk to the rights and freedoms of natural persons, we will notify the Belgian Data Protection Authority (APD/GBA) without undue delay and, where feasible, not later than 72 hours after becoming aware of it. Where the notification is not made within 72 hours, it shall be accompanied by reasons for the delay.
Where a personal data breach is likely to result in a high risk to the rights and freedoms of natural persons, we will communicate the breach to the affected data subjects without undue delay, in accordance with Article 34 of the GDPR. This communication will describe the nature of the breach, the likely consequences, and the measures taken or proposed to address the breach and mitigate its effects.
All personal data breaches are documented in an internal register, regardless of whether they are notifiable to the supervisory authority. This register records the facts relating to the breach, its effects, and the remedial action taken, in compliance with Article 33(5) of the GDPR.
Rank Press SRL has designated a Data Protection Officer (DPO) who is responsible for overseeing our data protection strategy and its implementation, ensuring compliance with the GDPR and the Belgian Data Protection Law.
The DPO's responsibilities include:
You may contact our Data Protection Officer for any enquiry related to the processing of your personal data or the exercise of your rights:
Data Protection Officer
Email: dpo@rankpress.com
Postal address: Rank Press SRL, 64 rue du Congo, 6890 Ochamps, Belgium
If you believe that the processing of your personal data by Rank Press SRL infringes the GDPR or the Belgian Data Protection Law, you have the right to lodge a complaint with the competent supervisory authority.
The competent supervisory authority for Rank Press SRL is:
Autorité de Protection des Données (APD)
Gegevensbeschermingsautoriteit (GBA)
Address: Rue de la Presse 35, 1000 Brussels, Belgium
Phone: +32 (0)2 274 48 00
Email: contact@apd-gba.be
Website: https://www.autoriteprotectiondonnees.be
If you reside in another EU/EEA Member State, you also have the right to lodge a complaint with the data protection authority in your country of habitual residence, place of work, or place of the alleged infringement, in accordance with Article 77 of the GDPR.
We encourage you to contact us first so that we may attempt to resolve any concerns before you escalate the matter to the supervisory authority.
Rank Press SRL reserves the right to update or modify this Data Protection Policy at any time to reflect changes in our data processing practices, legal requirements, or regulatory guidance.
In the event of material changes, we will notify you by email (to the address associated with your account) or by means of a prominent notice on our website at least 30 days before the changes take effect. The "Last updated" date at the top of this page will be revised accordingly.
We encourage you to review this policy periodically to stay informed about how we protect your personal data. Continued use of our services after the effective date of any changes constitutes your acknowledgement of the updated policy.
Previous versions of this policy are available upon request by contacting our Data Protection Officer.
For any questions, requests, or concerns regarding this Data Protection Policy, the processing of your personal data, or the exercise of your rights, please contact us:
Rank Press SRL
64 rue du Congo, 6890 Ochamps, Belgium
General enquiries: contact@rankpress.com
Data protection enquiries: dpo@rankpress.com
Website: https://rankpress.com