Privacy Policy — RankMeTop Vault
Last updated: 10 July 2026
RankMeTop Vault is a browser extension built for internal use by RankMeTop
employees. It lets signed-in staff autofill and retrieve company logins stored
in the RankMeTop system's credential vault. This policy explains what data
the extension collects, why, and how it's handled.
What we collect
-
Your sign-in credentials. The email and password you enter
to sign in are sent directly to RankMeTop's own backend to authenticate you.
We don't see or store your password in the extension itself beyond the
moment it's submitted.
-
Session tokens. After signing in, the extension stores a
JWT access token and refresh token in the browser's local extension storage
(
browser.storage.local), so you stay signed in between popup
opens. These are cleared when you log out.
-
The active tab's URL. When you open the extension, the
current tab's web address is sent to the backend to check whether a vault
entry matches that site, so we can offer to autofill it. This only happens
for tabs you're actively viewing while the extension popup is open, or
while checking whether to show the toolbar badge.
-
Vault credentials, on request. When you choose to autofill
a login or copy a saved username/password, that credential is decrypted on
RankMeTop's backend and sent to the extension for that one action. It is
not stored by the extension afterward.
What we don't do
- We don't sell, rent, or share any of the above with third parties.
- We don't use this data for advertising, analytics, or tracking.
- We don't collect data from any site other than to check/autofill a login
you've asked the extension to handle.
Where data is stored
All account and vault data lives on RankMeTop's own backend server. Vault
credentials are encrypted at rest. Access to any given vault entry is scoped
to your account's role and department, enforced server-side — the extension
only ever receives what your account is already permitted to see.
Data retention
Session tokens are stored locally until you log out or they expire. Revealed
vault credentials exist only transiently in memory to fill a form or populate
a copy action, and are not persisted by the extension.
This extension is for internal company use
RankMeTop Vault is not intended for the general public — it requires a
RankMeTop company account to do anything, and only RankMeTop employees are
expected to install it.
Changes to this policy
If how this extension handles data changes, this page will be updated
accordingly.
Contact
Questions about this policy or your data can be sent to
[email protected].