Privacy Policy

Last updated: June 12, 2026

This policy describes what data RefreshRank ("we", "us") collects when you use the RefreshRank WordPress plugin and the RefreshRank API service at api.refreshrank.com, and how that data is handled. We collect the minimum needed to provide the service.

What we collect

• Account data. When you click "Start free" or activate a license, the plugin sends your site URL. We create an account identified by a license key. The free signup requires no name or email address.
• Search Console data. When you connect Google Search Console, we receive read-only search analytics for your verified property: per-page clicks, impressions, click-through rate, and average position, in 28-day windows covering up to 16 months. We refresh this daily. OAuth tokens are stored on our servers and are never sent to or stored on your WordPress site.
• Rewrite content. When you request an AI rewrite (paid plans), the plugin sends the title, meta description, and content (up to 30KB) of that one post, plus its top search queries. We process it to generate the proposed refresh and store the request and result so you can review and apply them.
• Operational logs. Standard server logs (IP address, request path, timestamp) kept for security and abuse prevention, including rate limiting.

What we do not do

• We do not send your content to third-party AI providers. Rewrites run on inference servers we operate.
• We do not sell or share your data with advertisers or data brokers.
• We do not write to your site. The plugin applies changes locally, only after you approve them, as WordPress revisions.
• We do not use your content to train AI models.

Google user data

RefreshRank's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Search Console data is used only to compute decay scores and display your queue; it is not transferred to others, used for advertising, or used to train models. You can revoke our access at any time from your Google account permissions.

Retention and deletion

Account, site, and analytics data are kept while your account is active. To delete your account and all associated data (including stored Search Console metrics and rewrite history), email hello@refreshrank.com from the site or account in question; we complete deletion within 30 days. Uninstalling the plugin removes its settings from your WordPress site but does not by itself delete server-side data - email us for that.

Cookies

This website sets no tracking cookies and runs no third-party analytics. The plugin operates inside your own WordPress admin and sets no cookies of its own.

Security

API access is authenticated by license key over HTTPS. Google tokens are stored server-side and scoped read-only. We apply rate limits and payload limits to all endpoints and keep encrypted off-site backups.

Changes

If this policy changes materially, we will update this page and note the new date above. Questions: hello@refreshrank.com.