Security and privacy at RankEcho
RankEcho can run an initial AI visibility audit from public-domain information. It does not require access to your CMS, analytics, Search Console, CRM, or private customer data.
What data RankEcho collects
A free audit uses a public domain, optional email address, generated prompt results, cited source URLs, and scorecard data. It does not require analytics, CMS, CRM, or private customer data.
What RankEcho does not need
RankEcho does not need passwords, website admin access, Search Console access, analytics access, or customer records to run an initial AI visibility audit.
How audit data is used
Audit data is used to generate the scorecard, gap map, fix recommendations, proof reports, and aggregate benchmark statistics. Public benchmark data should be aggregated and anonymized.
API keys and integrations
Secrets such as AI provider keys, email provider keys, and Stripe keys should be stored as Cloudflare Worker secrets and never committed to the repository.
Billing security
Payments are handled through Stripe checkout. RankEcho should not store raw card details.
Responsible measurement
RankEcho measures public AI-search behavior and reports uncertainty. It should not claim guaranteed rankings or manipulate AI systems with deceptive content.
Run a no-card public-domain audit →