Last updated: 10 June 2026
This policy explains what personal data Ralf ("we", "us") collects when you use ralfhq.com and app.ralfhq.com, why, and your rights under UK GDPR.
Account data: your email address and password (stored as a secure hash), and if you sign in with Google, your Google account email. Billing data: handled by Stripe — we never see or store your card number; we store your subscription status and Stripe references. Service data: the website domains you add, crawl results for those sites, search and AI-visibility data about them, and settings you configure. Usage data: product analytics about how the Service is used, and standard server logs (IP address, browser type) for security.
To provide the Service you signed up for (contract); to bill you (contract / legal obligation); to secure the Service and prevent abuse (legitimate interest); to send service emails such as trial reminders, payment and product notifications (contract / legitimate interest). We don't send marketing email without consent, and we don't sell personal data.
We use a small set of processors to run the Service: Supabase (database and authentication, hosted in the EU), Vercel (web hosting), Stripe (payments), and AI/data providers used to generate the product's analysis — including OpenRouter (which routes to model providers such as OpenAI, Anthropic, Google and Perplexity) and DataForSEO (search data). Website data sent to AI providers relates to the sites you monitor, not your account identity. Some providers process data outside the UK/EEA under appropriate safeguards (standard contractual clauses).
Account and service data is kept while your account is active. If you close your account, or it remains inactive after cancellation, we delete personal data within 90 days, except records we must keep for tax and accounting (kept up to 6 years). Aggregated, de-identified data may be retained.
Under UK GDPR you can request access to, correction of, deletion of, or a copy of your personal data, object to or restrict processing, and withdraw consent. Email hello@ralfhq.com and we'll respond within one month. You can also complain to the UK Information Commissioner's Office (ico.org.uk).
app.ralfhq.com uses essential cookies/local storage for login sessions. The marketing site uses privacy-respecting analytics without cross-site tracking.
We'll post updates here and notify account holders of material changes by email or in-app.
Data questions or requests: hello@ralfhq.com