rankion.ai
🇩🇪 Deutsch 🇬🇧 English 🇫🇷 Français 🇪🇸 Español
4 reporting channels · response < 2 business days

Report incidents

How to report problems or misbehaviour of our AI systems.

Translation notice — The German version of this document is the legally binding original. This English translation is provided for informational purposes only. In case of any conflict between this translation and the German version, the German text shall govern. View authoritative German version.

If you notice behaviour by our AI systems while using Rankion that you consider problematic, we want to know. Fast reporting enables fast remediation.

What you can report

  • AI misbehaviour: hallucinations with potential to cause harm (e.g. AI states wrong facts in an advice-style response)
  • Harmful outputs: discriminatory, abusive or dangerous content
  • Data-protection violations: if you suspect that your or someone else's personal data is being processed unlawfully
  • Security vulnerabilities: bugs affecting confidentiality / integrity / availability
  • Suspicion of misuse: if you have indications that Rankion is being used for prohibited purposes (high-risk applications, deepfakes of real persons)

How to report

AI misbehaviour / outputs

General incidents

incidents@rankion.ai

Response within 2 business days

Security vulnerabilities

Responsible disclosure (PGP email recommended)

security@rankion.ai

Response within 24 hours for severity High+

Data protection

GDPR matters / Data Protection Officer

datenschutz@rankion.ai

Response within 1 month (Art. 12(3) GDPR)

EU supervisory authority

Direct complaint route available at any time

In Germany, the competent authority for the AI Act is the Federal Network Agency (Bundesnetzagentur, planned from August 2026); for GDPR matters, the State Data Protection Commissioner of the state of registered seat

What to include (for fast handling)

  • Date and time of the incident (UTC preferred)
  • Which Rankion feature was affected
  • Reproduction steps, if possible
  • Screenshots or output snippets (ideally anonymised)
  • What harm you suspect or have observed

What we do

  1. Acknowledgement of receipt within 1 business day
  2. Initial triage assessment (severity) within 2 business days
  3. Critical / High: immediate mitigation or emergency patch
  4. Medium / Low: included in the next release iteration
  5. Status update on remediation
  6. For data-protection-relevant incidents additionally: notification to the supervisory authority within 72 hours pursuant to Art. 33 GDPR, where required

Anonymous reporting

You may also report anonymously — use a disposable email provider for that. We then cannot ask follow-up questions, which slows handling.

← Back to Trust Center

Last update: 2026-05-03

Cookies: We use necessary cookies for functionality and optional ones for improvements. Details

Necessary
Active
Analytics
Marketing