Privacy Policy

Last Updated: April 18, 2026

1. Introduction

Welcome to Rampify ("we," "our," or "us"), a product of Workware Labs. We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you use our website at rampify.dev and our services.

2. Information We Collect

2.1 Information You Provide

We collect information that you voluntarily provide to us, including:

  • Account Information: Name, email address, and password (if using email authentication) or profile information from third-party authentication providers (Google, GitHub, etc.)
  • Site Information: Website domains, URLs, and sitemap data you add for analysis
  • Business Information: Industry, business type, content strategy, competitors, marketing strategy, and other business context you provide to receive personalized SEO and technology recommendations (optional)
  • Contact Information: Information you provide when contacting us for support or inquiries
  • Configuration Data: Settings and preferences for your SEO analysis

2.2 Automatically Collected Information

When you visit our marketing pages, our first-party analytics script records:

  • Page data: URL, page title, and referring URL for the first page of your visit
  • Browser context: The User-Agent header your browser sends with each request (used to identify browser type, operating system, and to classify the visit as a human, an LLM agent, a bot crawler, or automation — see §11.1), and your screen size (used to categorize as desktop, mobile, or tablet)
  • Geographic region: Country and region inferred from Cloudflare/Vercel edge headers. We do not store your IP address.
  • Language preference: Your browser's navigator.language value (e.g., en-US)
  • Session grouping: A random identifier stored in your browser's sessionStorage that groups pageviews from a single tab into a session. This identifier is not a cookie, is not shared with third parties, and is automatically deleted when you close the tab.
  • Form submissions: When you submit a marketing form on our site that has been opted in to tracking (e.g., /signup, /join, /free), we record the values of visible text fields and selections along with the session attribution described above (referrer, campaign ID if you arrived via a tracked link). Password fields, file uploads, checkboxes, and fields marked with data-rampify-ignore are never captured. A submission is only stored if it includes an email address. This information is saved to our contacts database so we can follow up about your application or account.

Inside our authenticated product (the Rampify dashboard, available after you create an account), we additionally collect:

  • Product usage data: The pages and features you use within the dashboard, via PostHog. This is linked to your account so we can understand how real users use Rampify and improve the product. See §11 for details and how to withdraw.
  • Site analysis data: Technical SEO data from websites you analyze (meta tags, schema markup, HTTP status codes, page performance)
  • Technology stack detection: Frameworks, libraries, and platforms detected on your site through automated scanning

2.3 Google Search Console Data

When you connect your Google Search Console account, we collect:

  • URL Inspection Data: Indexing status, coverage state, mobile usability
  • Search Analytics: Search queries, clicks, impressions, average position
  • Indexing API Data: Submission status and indexing queue information

3. How We Use Your Information

We use the collected information for:

  • Providing and maintaining our SEO intelligence services
  • Creating and managing your account
  • Analyzing your websites for SEO issues and opportunities
  • Providing personalized SEO and technology stack recommendations based on your business context
  • Providing search performance insights via Google Search Console integration
  • Communicating with you about our services
  • Improving our website and services
  • Analyzing usage patterns and trends
  • Sending service updates and notifications
  • Ensuring security and preventing fraud
  • Complying with legal obligations

4. How We Share Your Information

We do not sell your personal information. We may share your information with:

  • Service Providers: Third-party vendors who help us operate our services:
    • Supabase (authentication and database services)
    • Vercel (hosting infrastructure)
    • Google APIs (OAuth authentication and Search Console integration)
  • Legal Requirements: When required by law or to protect our rights
  • Business Transfers: In connection with a merger, sale, or acquisition

5. What We DON'T Do

Important Privacy Commitment:

  • We do NOT use AI APIs to process your data. Rampify provides structured data and insights that YOU can choose to share with AI tools of your choice.
  • No automatic AI processing: We don't send your website data, content, or analysis results to any AI service providers.
  • You control AI usage: Our MCP (Model Context Protocol) server runs locally in your IDE. Any AI interactions happen in your environment, not ours.
  • No third-party AI sharing: We never share your data with OpenAI, Anthropic, or any other AI service providers.
  • Privacy-first architecture: Your SEO data stays in our database or your local environment—you decide what to share and when.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

  • Encrypted data transmission (HTTPS/TLS)
  • Secure database infrastructure with Row Level Security (RLS)
  • Access controls and authentication
  • Regular security audits and updates

However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

7. Your Rights

Depending on your location, you may have the following rights:

  • Access: Request access to your personal data
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your personal data
  • Portability: Request a copy of your data in a structured format
  • Opt-out: Opt-out of marketing communications
  • Revoke Access: Disconnect Google Search Console integration at any time

To exercise these rights, please contact us at info@rampify.dev.

8. Third-Party Authentication and Google Search Console

8.1 Third-Party Authentication Providers

We support authentication through third-party providers (Google OAuth, GitHub OAuth, etc.). When you sign in using a third-party provider, we access and store:

  • From OAuth providers: Your email address, name, and profile picture (for account identification and authentication)

We use this information solely to create and maintain your Rampify account and authenticate you when you log in. We do not sell, rent, or share your authentication data with third parties for their marketing purposes.

8.2 Google Search Console Integration

We use Google Search Console API to provide SEO performance data. When you connect your Google Search Console account, we access and store:

  • From Google Search Console API: URL inspection data, search analytics (queries, clicks, impressions), indexing status, and mobile usability information

How we use Google Search Console data:

  • To fetch and display SEO performance data from Google Search Console
  • To provide actionable insights based on your search performance
  • To help you manage indexing and site optimization
  • To track URL coverage and indexing status

Our use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

9. Third-Party Services

Our website and services integrate with a small set of third-party services:

  • Authentication Providers: Google OAuth, GitHub OAuth, and other third-party authentication services
  • Google Search Console API: SEO and indexing data (only for sites you connect)
  • Supabase: Authentication infrastructure and database hosting
  • Vercel: Website and application hosting
  • PostHog: Product analytics inside the authenticated dashboard only (see §11.2)

These third-party services have their own privacy policies. We encourage you to review them.

10. MCP Server and Local Data Processing

Our MCP (Model Context Protocol) server is designed with privacy in mind:

  • Runs locally: The MCP server runs in your development environment (Cursor, Claude Code, VS Code)
  • You control data flow: The server fetches structured data from Rampify's API based on your requests
  • No automatic sharing: Data is only retrieved when you explicitly query it through your AI assistant
  • AI interactions stay local: Conversations between you and your AI assistant (Claude, GPT, etc.) happen in your IDE—we don't see or store them

11. Analytics, Cookies, and Tracking

We deliberately keep our tracking stack minimal. On marketing pages (the public site at rampify.dev), we use only our own first-party analytics. No third-party trackers, no cross-site tracking, no fingerprinting, no advertising cookies. Inside our authenticated product, we use one additional tool (PostHog) to understand how users use the dashboard.

11.1 Rampify Analytics (all pages)

Our own analytics script records the data described in §2.2 above. It uses your browser's sessionStorage — not cookies — to group pageviews into a per-tab session, and this identifier is automatically deleted when you close the tab. The only persistent identifier we set is a localStorage value to remember whether you are the site owner (for filtering your own visits out of our stats), which you can clear at any time in your browser. We do not fingerprint visitors or track you across other websites.

We classify each visit into one of six buckets based on the User-Agent header you send: human, LLM agent (e.g., ChatGPT or Claude fetching the page to answer a user's question), bot crawler, link preview (Slack, Discord, etc. unfurling a shared link), automation (scripts, headless browsers, uptime monitors), or unknown. This classification is informational only. It is not shared with third parties and is not used for advertising or personalization. The raw User-Agent string is stored alongside the classification so we can refine our patterns over time without discarding data.

11.2 PostHog (authenticated product only)

Once you sign up for a Rampify account and log in, we use PostHog to understand how you use the dashboard — which features you open, which workflows you complete, and where you get stuck. This is linked to your account email so we can follow up with you and so we can compare usage patterns across real customers. PostHog is not loaded on our public marketing pages.

By creating a Rampify account and accepting our Terms of Service, you consent to this product analytics. You can request deletion of your PostHog data by contacting info@rampify.dev.

11.3 Essential cookies

We set authentication cookies (via Supabase) that are strictly necessary for you to stay signed in to the product. These are not used for tracking.

11.4 What we do not use

  • No Google Analytics. Removed April 2026.
  • No HubSpot, Intercom, or similar CRM tracking pixels on public pages. Contact form submissions are stored in our own database with attribution.
  • No advertising or retargeting pixels (Meta, Google Ads, LinkedIn, TikTok, etc.).
  • No cross-site trackers or browser fingerprinting.
  • No sale or sharing of personal data with data brokers.

You can clear your session identifier at any time by closing the tab or opening rampify.dev in a private/incognito window. You can clear all Rampify storage via your browser's developer tools or site settings.

12. Children's Privacy

Our services are not intended for individuals under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware of such collection, we will take steps to delete the information.

13. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for such transfers.

14. Changes to This Privacy Policy

We may update this privacy policy from time to time. We will notify you of significant changes by posting the new policy on this page and updating the "Last Updated" date.

15. Contact Us

If you have questions about this privacy policy or our privacy practices, please contact us at:

Email: info@rampify.dev
Website: rampify.dev