PRIVACY POLICY

Privacy Policy

For Rankpy Marketing Services

Effective Date: 07 April 2025
Last Updated: 07 April 2025

Rankpy Marketing Services (“we,” “us,” or “our”), a digital marketing agency registered in the United Arab Emirates with headquarters at Office G-01-509 – Al Khabaisi Building – Dubai, operates in full compliance with UAE Federal Decree-Law No. 45 of 2021 (Personal Data Protection Law) and international standards including the GDPR where applicable. This comprehensive Privacy Policy governs all data processing activities across our website (www.rankpy.com), service delivery platforms, and client interactions.

1. DEFINITIONS & INTERPRETATION

1.1 Personal Data: Any information relating to an identified or identifiable natural person
1.2 Data Subject: Individuals whose data we process (clients, prospects, website visitors)
1.3 Data Controller: Rankpy Marketing Services determines purposes/means of processing
1.4 Data Processor: Third parties processing data on our instructions

2. SCOPE & APPLICABILITY

2.1 This policy covers:

  • Digital marketing services (SEO, PPC, SMM, etc.)

  • Website interactions (forms, cookies, analytics)

  • Offline data collection (contracts, meetings)
    2.2 Jurisdictional applicability:

  • Primary: United Arab Emirates

  • Secondary: GDPR for EU-based clients

3. DETAILED DATA COLLECTION PRACTICES

3.1 Categories of Data Collected

A. Client Onboarding Data

  • Full legal name and business registration documents

  • Emirates ID/passport copies for contract verification

  • VAT registration numbers (where applicable)

B. Automated Collection

  • Device fingerprints (browser/OS configurations)

  • Geolocation data (city-level for local SEO)

3.2 Special Category Data Exclusion

We implement technical measures to actively filter and exclude:

  • Health records

  • Biometric identifiers

  • Religious/political affiliation

4. LEGAL BASES FOR PROCESSING

4.1 Contractual Necessity (Article 6(1)(b) GDPR equivalent)

  • Service agreement fulfillment

  • Payment processing

4.2 Legitimate Interests (Article 6(1)(f))

  • Fraud prevention

  • Service improvement analytics

4.3 Legal Compliance

  • UAE tax reporting requirements

  • Court order responses

4.4 Explicit Consent

  • Newsletter subscriptions

  • Case study participation

5. DATA SHARING FRAMEWORK

5.1 Internal Sharing Protocols

  • Departmental access tiers (sales vs. technical teams)

  • Encryption standards for internal communications

5.2 Third-Party Ecosystem

A. Essential Processors

  • Hosting: AWS Middle East (Dubai data centers)

  • Analytics: Google Analytics 4 (IP anonymization)

  • Communication: Zoom, Microsoft Teams (E2E encrypted)

B. Restricted Sharing

  • Government entities (Dubai Economic Department requests)

  • Legal authorities (valid subpoenas)

5.3 International Transfer Safeguards

  • EU-UAE Standard Contractual Clauses

  • Data Protection Impact Assessments for high-risk transfers

6. COMPREHENSIVE SECURITY MEASURES

6.1 Technical Controls

  • Infrastructure:

    • ISO 27001-certified data centers

    • Distributed denial-of-service (DDoS) protection

  • Data Protection:

    • AES-256 encryption at rest

    • TLS 1.3 for in-transit data

6.2 Organizational Protocols

  • Mandatory NDAs for all employees

  • Quarterly penetration testing

  • Breach notification procedures (72-hour UAE PDPL requirement)

6.3 Vendor Management

  • Annual security audits for all third-party processors

  • Data processing addendums with subcontractors

7. DATA SUBJECT RIGHTS PROCEDURES

7.1 Access Requests

  • Submit via email to support@rankpy.com

  • 15-day response timeline

  • Free first copy (AED 100 for subsequent requests)

7.2 Erasure Process

  • Verification requirements:

    • Government-issued ID

    • Proof of representation (for business requests)

  • Exceptions:

    • Ongoing litigation holds

    • Public health research data

7.3 Automated Decision-Making Opt-Out

  • Available for:

    • Ad targeting algorithms

    • Lead scoring systems

8. COOKIE POLICY ANNEX

8.1 Strictly Necessary Cookies

  • Session cookies (PHPSESSID)

  • CSRF tokens

8.2 Performance Cookies

  • Google Tag Manager

  • Cloudflare analytics

8.3 Consent Management

  • CookieYes banner implementation

  • Granular preference center

CONTACT DETAILS

Data Protection Officer: Muhammad Zeeshan
Physical Address: Office G-01-509 – Al Khabaisi Building – Dubai
Email: support@rankpy.com
Phone: +971 58 854 2250