Privacy Policy

01Who We Are

LiveRank is a community-driven ranking platform operated by Lucas Mendes, an individual operating from Argentina. Our domain is liverank.co. For privacy-related enquiries, contact us at [email protected].

While our legal entity is based in Argentina, LiveRank's servers are hosted in Germany (Netcup) and the service is accessible globally. GDPR applies to users located in the European Economic Area (EEA). CCPA applies to California residents. Brazil's LGPD applies to Brazilian residents. We comply with all applicable data protection laws.

02Information We Collect

We collect the following categories of personal data:

• Email address — collected at registration and used to verify your account and send transactional emails (e.g., email verification).
• Authentication tokens (JWT) — stored in your browser's localStorage after login. Used to authenticate your session. See our Cookie Policy for details.
• OAuth identity — if you sign in with Google OAuth, we receive your Google account email and name. We do not receive your Google password.
• Vote history with timestamps — every vote you cast is stored with its timestamp. Votes have a lifespan and decay over time. Expired votes are archived (see Data Retention below).
• Trust Score — a numerical reputation metric derived from your platform activity. Recalculated periodically.
• Comment content — text you submit as comments on rankings or items.
• Ranking content — rankings and items you create.
• Uploaded media — profile images, ranking cover images, and item images you upload.
• IP address — collected transiently for rate limiting (e.g., to prevent vote-spam). Not stored long-term beyond server access logs.
• User-agent — collected for error diagnostic context in our error tracking system (Sentry).

03How We Use Your Information

We use your information to:

• Provide and operate the LiveRank service.
• Authenticate your account and maintain session security.
• Send transactional emails (account verification, critical security notifications). We do not send marketing emails unless you have explicitly opted in.
• Calculate your Trust Score to weight your votes proportionally to your platform reputation.
• Detect and prevent abuse, including vote manipulation and coordinated inauthentic behaviour.
• Diagnose errors and monitor platform stability.

Legal basis (GDPR): performance of contract (operating the service), legitimate interests (platform integrity, error monitoring), and consent where applicable.

04Data Retention

Active accounts: your data is retained as long as your account is active.

Vote archives: when a vote expires (typically after 30 days), it is archived, not deleted. Archived votes are stored in the vote_archives table and are used for historical analytics and platform integrity. They are not displayed publicly in active rankings after expiry. We do not claim that old votes are deleted — they are archived.

Account deletion: if you request account deletion (see Your Rights below), we will anonymise or delete your personally identifiable information. Archived votes associated with your account may be retained in anonymised form for platform integrity purposes.

Server logs: access logs (including transient IP addresses) are retained for up to 90 days on Netcup infrastructure.

05Third-Party Data Processors

We share data with the following third-party processors, all of whom are contractually obligated to handle your data in compliance with applicable law:

• Resend (transactional email) — US-based. Processes email addresses to deliver verification and notification emails. Subject to Standard Contractual Clauses (SCCs) for EU data transfers.
• Sentry (error tracking) — US-based. Receives error context including user-agent, request paths, and error stack traces. Sensitive fields (authorization headers, cookies) are scrubbed before transmission. Subject to SCCs for EU data.
• Google Cloud / Google OAuth (OAuth identity) — US-based. If you use Google Sign-In, Google processes your identity claim and returns it to LiveRank. Google's own GDPR data processing terms apply.
• Cloudflare R2 (media storage) — globally distributed. Stores uploaded images (ranking covers, item images, profile avatars). Subject to Cloudflare's data processing addendum.
• Netcup (hosting) — Germany-based (EU jurisdiction). Hosts the LiveRank API, database, and worker processes. As an EU-based processor, Netcup operates under GDPR directly.

We do not sell your personal data to third parties. We do not use advertising networks or third-party analytics trackers on LiveRank.

06Your Rights

Depending on your jurisdiction, you have the following rights regarding your personal data:

• Access — request a copy of the personal data we hold about you.
• Rectification — request correction of inaccurate data.
• Erasure — request deletion of your account and personally identifiable data. Note: expired votes will be retained in anonymised archived form per our retention policy above.
• Portability — request an export of your data in a machine-readable format.
• Objection — object to processing of your data for specific purposes (e.g., analytics).
• Complaint — if you are in the EU/EEA, you have the right to lodge a complaint with a supervisory authority. The Irish Data Protection Commission (DPC) is the named cross-border supervisory authority for EU data subjects: dataprotection.ie.

To exercise any of these rights, email us at [email protected]. We will respond within 30 days.

07Contact

For privacy-related questions, data requests, or complaints, contact:

Lucas Mendes — LiveRank
[email protected]

We take data protection seriously. We will not use your contact to send you marketing communications.

08Changes to This Policy

We may update this Privacy Policy from time to time. We will update the “Last Updated” date above. Continued use of LiveRank after changes constitutes acceptance of the revised policy.