Rankora
  • Features
  • Pricing
  • About
  • Blog
  • Contact
Sign InSign Up
Rankora

AI-powered review management to protect and grow your business reputation.

Product

  • Features
  • Pricing
  • Integrations
  • Changelog
  • Roadmap

Solutions

  • All Solutions
  • Restaurants
  • Hotels
  • Agencies
  • Clinics

Company

  • About
  • Blog
  • Careers
  • Press
  • Partners

Legal

  • Privacy Policy
  • Terms of Service
  • Cookie Policy
  • GDPR
  • KVKK

Support

  • Contact
  • Documentation
  • Status
  • Resources
  • Accessibility

© 2026 Rankora. All rights reserved.

Made with ♥ for business owners worldwide

Legal

KVKK Clarification Text

This text has been prepared by Rankora in accordance with Article 10 of the Law on Protection of Personal Data No. 6698 (KVKK) to inform data subjects about the processing of their personal data.

Last updated: May 14, 2026

On this page

  • Data Controller
  • Purposes of Processing
  • Legal Basis & Collection Methods
  • Categories of Personal Data
  • Data Transfers
  • Retention Periods
  • Your Rights (Article 11)
  • How to Exercise Your Rights

Data Controller

In accordance with KVKK, the data controller responsible for the processing of your personal data is Rankora. As data controller, Rankora determines the purposes and means of processing personal data collected through the website and services.

Company NameRankora
Websitehttps://reviewshield.app
E-mailkvkk@reviewshield.app

Purposes of Processing Personal Data

Your personal data may be processed for the following purposes:

Service Delivery

To create and manage your account, provide subscription services, and deliver the features you request.

Google Reviews Management

To connect your Google Business Profile, import reviews, and generate AI-powered responses on your behalf.

Billing & Payments

To process subscription payments, issue invoices, and manage billing information in compliance with financial regulations.

Customer Support

To respond to your support requests, resolve issues, and improve the quality of our services.

Security & Fraud Prevention

To detect and prevent unauthorized access, fraud, and other security threats to our platform.

Legal Obligations

To fulfill our obligations under applicable laws including tax legislation, e-commerce regulations, and data protection law.

Analytics & Service Improvement

To analyze usage patterns and improve the performance, functionality, and user experience of our platform.

Marketing Communications

To send product updates, newsletters, and promotional communications where you have given your consent.

Legal Basis & Collection Methods

Your personal data is collected through the following methods and processed on the legal bases listed below in accordance with KVKK Articles 5 and 6:

Collection Methods

1

Digital Channels

Via our website, web application, API integrations, and email communications.

2

Third-Party Integrations

Through Google OAuth when you connect your Google Business Profile account.

3

Cookies & Tracking Technologies

Through cookies and similar technologies as described in our Cookie Policy.

Legal Bases (KVKK Art. 5)

Legal BasisApplication
Explicit ConsentFor marketing communications and non-essential cookies (KVKK Art. 5/1).
Contractual NecessityFor service delivery and account management as required to perform our contract with you (KVKK Art. 5/2-c).
Legal ObligationFor tax records, invoicing, and compliance with applicable legislation (KVKK Art. 5/2-ç).
Legitimate InterestFor security, fraud prevention, and anonymous analytics where your rights are not overridden (KVKK Art. 5/2-f).

Categories of Personal Data Processed

The following categories of personal data may be processed depending on your use of our services:

CategoryExamples
Identity

Identity Data

Name, surname, username
Contact

Contact Data

E-mail address, phone number (if provided)
Account

Account & Authentication Data

Password (hashed), OAuth tokens, session identifiers
Business

Business Data

Company name, Google Business Profile ID, review content
Billing

Billing Data

Billing address, tax ID, payment method token (via Stripe — card details are never stored by us)
Technical

Usage & Log Data

IP address, browser type, pages visited, feature usage
Communication

Communication Data

Support tickets, email correspondence

Transfer of Personal Data to Third Parties

Your personal data may be shared with the following third parties solely for the purposes described in this text, under data processing agreements and with appropriate safeguards:

RecipientPurposeLocation
StripePayment processing and billing managementUnited States (SCCs applied)
Google LLCGoogle Business Profile integration and OAuth authenticationUnited States (SCCs applied)
VercelCloud infrastructure and application hostingUnited States / EU (data residency options)
Neon / PostgreSQLDatabase hosting for application dataEU Region
OpenAIAI-generated review response suggestionsUnited States (SCCs applied)
ResendTransactional and marketing email deliveryUnited States (SCCs applied)

Personal data may be transferred to public authorities or judicial bodies where required by law. Cross-border transfers are carried out in accordance with KVKK Article 9 using Standard Contractual Clauses (SCCs) or adequacy decisions where applicable.

Retention Periods

Personal data is retained only as long as necessary for the purpose for which it was collected, or as required by applicable law:

Data CategoryRetention Period
Account DataDuration of account + 3 years after account deletion
Billing & Invoice Data10 years (Turkish Tax Procedure Law)
Usage & Log DataUp to 2 years
Support Communications3 years after ticket closure
Marketing Consent Records3 years after consent withdrawal
Google Review DataDuration of service subscription

At the end of the applicable retention period, personal data is securely deleted, anonymized, or destroyed in accordance with KVKK regulations and the Data Destruction Regulation.

Rights of Data Subjects (KVKK Article 11)

As a data subject under KVKK, you have the following rights regarding your personal data:

1

Right to be Informed

To learn whether your personal data is being processed.

2

Right of Access

To request information about the processing of your personal data.

3

Right to Rectification

To request correction of incomplete or inaccurate personal data.

4

Right to Erasure

To request deletion or destruction of your personal data where processing is no longer necessary.

5

Right to Notification

To request that corrections or deletions be notified to third parties to whom data was transferred.

6

Right to Object to Automated Decisions

To object to decisions made solely through automated processing that produce legal or similarly significant effects.

7

Right to Object to Processing

To object to the processing of your personal data in cases where processing is based on legitimate interest.

8

Right to Compensation

To request compensation for damages arising from unlawful processing of your personal data.

How to Exercise Your Rights

To exercise any of the rights listed above, you may submit a request to us using the contact details below. We will respond to your request within 30 days in accordance with KVKK. There is no fee for submitting a request; however, if the request requires additional cost, we may charge a fee in line with the tariff set by the Personal Data Protection Board.

1

E-mail

Send your signed request to kvkk@reviewshield.app

kvkk@reviewshield.app

2

Online Application

Use our secure data subject request form available in your account settings.

Account Settings → Privacy → Submit KVKK Request

When submitting a request, please include your full name, contact information, the right you wish to exercise, and a copy of your identity document (required under the KVKK Application Communiqué).

Contact KVKK TeamPrivacy PolicyCookie Policy