← Back to Ranql

Privacy Policy

Last Updated: February 24, 2026 | Effective Date: February 24, 2026

1. Introduction

Clearfield Labs, Inc. ("we," "us," "our," or "Company"), operates the Ranql platform and related services (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service, including our website, applications, and any related tools or features.

By accessing or using the Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with this Privacy Policy, please do not access or use the Service.

For questions about this Privacy Policy or our data practices, please contact us at: privacy@clearfieldlabs.com

2. Information We Collect

2.1 Information You Provide Directly

When you use our Service, you may provide us with the following types of information:

  • Account Information: Name, email address, phone number, and password when you create an account.
  • Business Information: Law firm name, business address, practice areas, website URL, and business contact information.
  • Profile Information: Job title, professional background, and profile photos.
  • Payment Information: Billing address and payment card details (processed securely by our payment processor, Stripe).
  • Communication Preferences: Your preferences for receiving marketing communications, newsletters, and alerts via email, SMS, or phone.
  • User-Generated Content: Content you create within the Service, including project boards, notes, and configurations.
  • Support Communications: Information you provide when contacting our support team.

2.2 Information Collected Automatically

When you use our Service, we automatically collect certain information:

  • Device Information: Device type, operating system, browser type, screen resolution, and device identifiers.
  • Usage Data: Pages viewed, features used, time spent on pages, and interaction patterns.
  • Log Data: IP address, access times, referring URLs, and error logs.
  • Location Information: General geographic location based on IP address.

2.3 Information from Public and Third-Party Sources

A core function of our Service is gathering competitive intelligence and market insights to help law firms understand their digital presence and competitive landscape. To provide this service, we collect publicly available information about businesses, including:

  • Website Content: Publicly accessible content from law firm websites, including text, images, and metadata.
  • Business Directory Information: Information from public business directories and listing services.
  • Google Business Profile Data: Publicly available information including business ratings, reviews, business hours, photos, and contact information from Google Maps and Google Business Profiles.
  • Social Media Presence: Publicly available information from business social media profiles (LinkedIn, Facebook, Twitter/X, Instagram).
  • Advertising Intelligence: Publicly visible advertising campaigns and ad creative from platforms including Facebook Ads Library and Google Ads transparency tools.
  • Technical Website Data: Website performance metrics, security configurations (SSL certificates, security headers), and technical infrastructure information.
  • Search Engine Visibility: Information about how businesses appear in search engine results and AI-powered search assistants.
  • Industry and Market Data: Publicly available information about legal market trends, competitor activities, and industry benchmarks.

Important Note: We collect this publicly available information to provide you with competitive intelligence and market insights. This information is gathered from sources that make it publicly accessible on the internet. We do not access private or restricted information.

2.4 Cookies and Similar Technologies

We use browser storage technologies (localStorage and sessionStorage) to:

  • Remember your preferences and settings
  • Track marketing attribution (UTM parameters, referral codes, Google/Facebook/Microsoft click IDs) for up to 30 days
  • Maintain your session state while using the Service
  • Prevent abuse and enforce rate limits for anonymous users through device fingerprinting

We do not use third-party advertising cookies or tracking pixels. Our analytics are conducted internally using our own systems.

2.5 Device Fingerprinting

To prevent abuse of our free report features and enforce rate limits, we collect device characteristics including:

  • Screen dimensions and color depth
  • Timezone and language settings
  • Browser and platform information
  • Hardware characteristics (memory, processor count)
  • Touch and storage capabilities

This information is hashed to create an anonymous device identifier used solely for abuse prevention. We do not use device fingerprinting for advertising or cross-site tracking.

2.6 Session and Login Information

When you log in to the Service, we collect:

  • IP address and general geographic location (country, city)
  • Device type and browser information
  • Login method (password, magic link, single sign-on)
  • Session timestamps and activity

This information is used for security monitoring, fraud prevention, and to enable features like session management.

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 Providing and Improving the Service

  • Generate Digital Dominance Reports and competitive intelligence analyses
  • Power our AI Coach feature to provide personalized strategic recommendations
  • Operate automated intelligence workers that gather market insights
  • Create and manage project boards and workflow automation
  • Process transactions and manage subscriptions
  • Provide customer support and respond to inquiries
  • Improve and optimize our Service features and user experience

3.2 Communications

  • Send you Digital Dominance Reports and analysis results
  • Deliver service-related notifications (account updates, security alerts, billing information)
  • Send marketing communications about new features, products, offers, and platform updates
  • Provide proactive insights and recommendations based on your competitive intelligence data
  • Send newsletters and educational content related to your industry
  • Send SMS alerts and phone notifications (with your explicit consent)

Marketing Communications: When you create an account or request a report, you consent to receive marketing communications about product updates, new features, and relevant offers. You can opt out of marketing emails at any time by clicking the "unsubscribe" link in any email, replying "STOP" to SMS messages, or updating your preferences in account settings. Service-related communications (account security, billing, legal updates) are not subject to opt-out.

3.3 Security and Legal Compliance

  • Protect against fraud, unauthorized access, and other illegal activities
  • Enforce our Terms of Service and other policies
  • Comply with legal obligations and respond to legal requests
  • Maintain audit logs for security and compliance purposes

3.4 AI and Machine Learning

Our Service uses artificial intelligence to analyze data and provide recommendations. Specifically:

  • Our AI Coach feature uses your firm's data and competitive intelligence to provide personalized strategic guidance
  • We use AI models to synthesize market research and generate actionable insights
  • AI helps analyze competitor strategies and identify opportunities
  • We create embeddings (mathematical representations) of your reports to enable semantic search and contextual recommendations

We use third-party AI providers (including Anthropic's Claude and OpenAI) to power these features. Your data is sent to these providers solely to generate responses and is processed in accordance with their privacy policies. We do not use your data to train AI models.

4. Information Sharing and Disclosure

We may share your information in the following circumstances:

4.1 Service Providers

We share information with third-party service providers who perform services on our behalf:

  • Stripe: Payment processing and subscription management
  • Supabase: Database hosting and authentication services
  • Resend: Email delivery services
  • Anthropic (Claude) / OpenRouter: AI-powered analysis and recommendations
  • Perplexity: Real-time market research and competitive intelligence
  • Google APIs: Business profile data, website performance analysis, and location services
  • Apify: Web scraping and data extraction for advertising intelligence
  • Jina: Website content extraction and analysis

These providers are contractually obligated to protect your information and use it only for the purposes we specify.

4.2 Business Transfers

If we are involved in a merger, acquisition, financing, or sale of business assets, your information may be transferred as part of that transaction. We will provide notice before your information becomes subject to a different privacy policy.

4.3 Legal Requirements

We may disclose your information if required to do so by law or in response to:

  • Subpoenas, court orders, or other legal processes
  • Requests from government authorities
  • Protecting our rights, privacy, safety, or property
  • Enforcing our Terms of Service

4.4 With Your Consent

We may share your information for other purposes with your explicit consent.

4.5 Aggregated or De-identified Data

We may share aggregated or de-identified information that cannot reasonably be used to identify you for industry benchmarking, research, and analytics purposes.

5. Data Security

We implement appropriate technical and organizational measures to protect your information against unauthorized access, alteration, disclosure, or destruction:

  • Encryption: Data is encrypted in transit using TLS/SSL and at rest using industry-standard encryption
  • Access Controls: Row-Level Security (RLS) ensures multi-tenant data isolation at the database level
  • Authentication: Secure authentication systems with session management
  • Audit Logging: Comprehensive logging of administrative actions and data access
  • Sensitive Data Handling: API keys, passwords, and other sensitive data are masked in logs and never stored in plain text
  • Regular Security Reviews: We regularly review and update our security practices

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

6. Data Retention

We retain your information for as long as necessary to provide you with the Service and fulfill the purposes described in this Privacy Policy, unless a longer retention period is required by law.

  • Account Data: Retained while your account is active and for a reasonable period thereafter
  • Digital Dominance Reports: Retained to provide historical analysis and trend tracking
  • Competitive Intelligence Data: Retained to enable year-over-year comparisons and market tracking
  • Communication Logs: Retained for customer support and compliance purposes
  • Payment Records: Retained as required by tax and financial regulations

You may request deletion of your account and associated data by contacting us at privacy@clearfieldlabs.com.

7. Your Rights and Choices

7.1 Account Information

You may access, update, or delete your account information at any time through your account settings or by contacting us.

7.2 Marketing Communications

You may opt out of receiving marketing communications by:

  • Clicking the "unsubscribe" link in any marketing email
  • Replying "STOP" to any SMS marketing message
  • Updating your communication preferences in your account settings
  • Contacting us at privacy@clearfieldlabs.com

Please note that you will continue to receive service-related communications even if you opt out of marketing messages.

7.3 California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: You can request information about the personal information we collect, use, and share
  • Right to Delete: You can request deletion of your personal information
  • Right to Opt-Out: You can opt out of the sale of personal information (we do not sell personal information)
  • Right to Non-Discrimination: We will not discriminate against you for exercising your rights

7.4 European Privacy Rights

If you are located in the European Economic Area (EEA) or United Kingdom, you may have additional rights under GDPR, including:

  • Right to access your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing

To exercise these rights, contact us at privacy@clearfieldlabs.com.

8. Third-Party Links and Services

Our Service may contain links to third-party websites and services. We are not responsible for the privacy practices of these third parties. We encourage you to read the privacy policies of any third-party services you access.

9. Children's Privacy

Our Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately at privacy@clearfieldlabs.com.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that are different from the laws of your country. We take appropriate measures to ensure that your personal information remains protected in accordance with this Privacy Policy.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Posting the updated policy on our website with a new "Last Updated" date
  • Sending an email notification to registered users for significant changes

Your continued use of the Service after any changes constitutes your acceptance of the updated Privacy Policy.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Clearfield Labs, Inc.

2108 N Street, Ste N
Sacramento, CA 95816

Email: privacy@clearfieldlabs.com

We will respond to your inquiry within a reasonable timeframe.