Privacy Policy

Rankly · Last updated: May 2, 2026

Rankly ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and share information about you when you use our mobile application, Rankly (the "App").

1. Information We Collect

We collect the following categories of information:

• Contact Information — your name and email address, collected when you create an account.
• Identifiers — a unique user ID generated when you register, used to identify your account across sessions.
• Usage Data — information about how you use the App, including lists you create and accounts you follow. This helps us improve the experience.

2. How We Use Your Information

• To create and manage your account.
• To provide the core features of Rankly, including creating, saving, and sharing ranked lists.
• To personalise your experience and recommend relevant content.
• To communicate with you about your account or updates to the App.
• To improve and develop the App based on usage patterns.

3. Advertising

The App displays ads served by Google AdMob. We do not track you across other companies' apps or websites for advertising purposes. We do not collect or share your data with third parties for targeted advertising. AdMob may collect limited non-personal data (such as crash logs and general usage data) to serve non-personalised ads. For more information, see Google's Privacy Policy.

4. Spotify Integration

Rankly offers an optional integration with Spotify that lets you import and rank your own Spotify listening data. This integration is provided in partnership with Spotify AB and is governed by the Spotify Privacy Policy in addition to this policy.

• Authentication — we use Spotify's official OAuth 2.0 flow with PKCE. You authenticate directly with Spotify; Rankly never sees your Spotify password.
• Scopes requested — user-top-read, user-read-recently-played, and user-read-private. These allow Rankly to read your top artists and tracks, recent listening history, and basic profile (display name, country, product tier) so we can display and rank your music.
• Data we fetch — your Spotify display name and user ID, top artists and tracks across short, medium, and long term ranges, and recently played tracks (track name, artist, album, played-at timestamp, cover art URLs).
• Data we do not access — we do not stream, download, cache, or rebroadcast Spotify audio content. We do not access your playlists, library, payment information, or social connections beyond the scopes listed above.
• Token storage — your Spotify access and refresh tokens are stored encrypted on your device's secure storage (iOS Keychain / Android Keystore) and, where required for background refresh, in our backend in encrypted form. Tokens are kept only as long as you remain connected to Spotify in the App.
• Attribution — content sourced from Spotify is attributed to Spotify in the App and is presented as Spotify data, not as data owned by Rankly or by you.
• Disconnecting — you can disconnect Spotify at any time from Rankly's Settings screen. Disconnecting revokes the tokens, deletes them from our systems, and removes Spotify-derived content from your Rankly account. You can additionally revoke Rankly's access at any time from your Spotify account apps page.
• Compliance — Rankly's use of Spotify data complies with the Spotify Developer Terms and Developer Policy.

5. Sharing of Information

We do not sell your personal information. We may share information with:

• Advertising partners — Google AdMob serves non-personalised ads in the App. No personal data is shared for ad targeting.
• Service providers — third-party companies that help us operate the App (e.g. cloud hosting, analytics). They are contractually required to protect your data.
• Legal obligations — if required by law or to protect the rights and safety of our users.

6. Data Retention

We retain your information for as long as your account is active. You may request deletion of your account and associated data at any time by contacting us (see Section 10). Spotify tokens and Spotify-derived content are deleted as soon as you disconnect Spotify in the App.

7. Security

We use industry-standard measures to protect your information. However, no method of transmission over the internet or electronic storage is 100% secure.

8. Children's Privacy

The App is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, please contact us and we will delete it promptly.

9. Your Rights

Depending on where you live, you may have the right to access, correct, or delete your personal data, or to object to or restrict certain processing. To exercise these rights, contact us using the details below.

10. Contact Us

If you have questions or requests regarding this Privacy Policy, please reach out:

Bob Van den Audenaerde
Email: bob.vandenaudenaerde@gmail.com

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by updating the "Last updated" date at the top of this page. Continued use of the App after changes take effect constitutes acceptance of the revised policy.

Effective date: May 2, 2026