PRIVACY POLICY

Last updated:

Translation note: This version is for understanding and may later be localized via i18n. Legally binding is exclusively the original en-US version. Original: rattlestork.org/en-US/EULA.

Related policies: Terms of Use · Privacy Policy · Cookie Policy · Return Policy · Acceptable Use Policy · Imprint · EULA · Disclaimer

This privacy notice of RattleStork UG (limited liability) ("we", "us", "our") explains how and why we access, collect, store, use and/or share ("process") personal data when you use our websites and mobile applications (the "Services") especially if you:

  • Visit our website at https://rattlestork.org or a website that refers to this notice;
  • Use our mobile application (RattleStork) or an app that refers to this notice;
  • Interact with us in other ways, e.g., through sales, support, or events.

Questions or concerns? Reading this notice helps you understand your rights and choices. If you do not agree with our policies and practices, please do not use the services. You can reach us via the contact form or at rattlestork@gmail.com.

SUMMARY OF KEY POINTS

This summary highlights central points. See the table of contents below for details.

  • What data we process. Depends on how you interact with us and which features you use. See What data we collect.
  • Sensitive data. User-generated content may reveal special categories (e.g., health, sexual orientation, family planning). We process such data only with your explicit consent and only to provide the services. See Special categories.
  • How we use data. Providing and improving services, security and abuse prevention, legal obligations; with consent where required. See How we process.
  • Sharing. To processors (e.g., hosting, analytics, payments). We do not sell personal data nor share it for cross-context behavioral advertising. See Sharing.
  • Security. Reasonable technical and organizational measures, but no system is 100% secure. See Security.
  • Your rights. Depending on residence: access, correction, deletion, objection, restriction, data portability, withdrawal of consent. See Your rights.

TABLE OF CONTENTS

1. CONTROLLER & CONTACT

Controller: RattleStork UG (limited liability), Sternstraße 23, 39104 Magdeburg, Germany.
Email: rattlestork@gmail.com · Contact form: rattlestork.org/contact
Data Protection Officer (DPO): not appointed (currently not legally required).
Supervisory authority: State Commissioner for Data Protection Saxony-Anhalt.

2. WHAT DATA DO WE COLLECT?

Information you provide

  • Account data (email, username, password).
  • Profile & UGC (text, images, preferences, messages, matches, reports).
  • Support (requests, attachments, diagnostic data).
  • Billing metadata (plan, renewal status, transaction IDs; no full card numbers stored with us).

Automatically collected information

  • Log & usage data (timestamps, pages/screens, feature use, crash/error logs).
  • Device data (device identifiers, OS, app version, language, network, provider).
  • Location data (approximate e.g. IP-based; precise only with granted in-app permission).
  • Cookies/SDKs according to our Cookie Policy.

3. SPECIAL CATEGORIES (SENSITIVE DATA)

Our services may allow you to share information about health, sexual orientation, family planning, or other special categories. We do not require such data. If you voluntarily disclose it, we process it only with your explicit consent (GDPR Art. 9(2)(a)) to provide services (matching, messaging, security/moderation) and to fulfill legal obligations. You can revoke consent anytime in settings; the lawfulness of processing before revocation remains unaffected.

4. HOW DO WE PROCESS YOUR DATA?

  • Service provision: account creation/login, profiles, matching, messaging, moderation, support.
  • Improvement & security: troubleshooting, analytics (with consent where required), anti-spam/fraud, abuse prevention.
  • Communication: service notifications, transactional emails, push notifications (opt-out in device settings).
  • Compliance: tax/accounting, consumer law, DSA Notice-and-Action, official information requests.
  • Marketing with consent (where required). You can object/unsubscribe anytime.

5. LEGAL BASES (GDPR/UK GDPR/CANADA)

  • Contract (Art. 6(1)(b)): provision of requested core functions.
  • Consent (Art. 6(1)(a)): non-essential cookies/SDKs, marketing, special categories (Art. 9(2)(a)).
  • Legal obligation (Art. 6(1)(c)): tax, consumer law, DSA, retention.
  • Legitimate interests (Art. 6(1)(f)): security, fraud prevention, product-related analytics with safeguards.

Canada: processing with explicit or implied consent unless an exception applies (e.g. fraud prevention, legal requirements). Revocation possible anytime.

6. PAYMENTS & SUBSCRIPTIONS

Purchases and subscriptions are processed via Apple App Store, Google Play, or our web payment provider. We store no full card numbers. We receive limited billing metadata (plan, status, transaction IDs) for access management. Available plans and region-specific prices are shown in the app or on our subscription page.

7. COOKIES & SIMILAR TECHNOLOGIES

We use strictly necessary cookies (legitimate interests). Analytics/advertising cookies or SDKs are only set with your consent. Manage your choices via our consent banner. Details in our Cookie Policy.

8. SOCIAL LOGINS

When you register/login via social networks (e.g., Facebook, X), we receive profile data from the respective provider according to your settings there. We use this exclusively for login/account purposes in accordance with this notice. Please refer to the provider's privacy notices.

9. GOOGLE APIs & ANALYTICS

Our use of information from Google APIs is governed by the Google API Services User Data Policy, including the Limited Use requirements. Google Analytics. We may use Google Analytics to understand usage. You can object via the browser add-on, ad settings on mobile devices, the NAI opt-out and mobile options.

10. NOTICE-AND-ACTION (EU-DSA)

You can report allegedly illegal content via our contact form or the in-app reporting feature. We review reports, take appropriate action, and inform you as legally required.

11. HOW LONG DO WE STORE DATA?

We store personal data as long as your account is active or as needed for the described purposes, then delete or anonymize it unless longer legal retention periods apply (e.g., tax/accounting). Typical periods: operational logs and analytics 90–365 days; security logs as needed for security/compliance. You can request deletion in the settings.

12. HOW DO WE PROTECT DATA?

We implement appropriate technical and organizational measures (encryption during transmission, access controls, backups). Nevertheless, no electronic transmission or storage is 100% secure.

13. CHILDREN & MINORS

The services are intended for adults 18+. We do not knowingly collect data from persons under 18. If you believe we have data of a minor, please contact us for deletion.

14. YOUR PRIVACY RIGHTS

Depending on your residence (e.g., EEA/UK/Switzerland/Canada/US states), you have rights to access, correction, deletion, restriction, objection, copy (data portability), and withdrawal of consent. Exercise your rights via the settings, the contact form or by email to rattlestork@gmail.com. You also have the right to file a complaint with your supervisory authority.

15. US STATE PRIVACY NOTICES

If you are a resident of California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Tennessee, Texas, Utah, or Virginia, you may have special rights including knowledge/access, correction, deletion, data copy, and opt-out of targeted advertising/“sale”/profiling. We do not sell/share personal data for cross-context advertising.

CategoryExamplesCollected
A. IdentifiersContact data, IP, email, account nameYES
B. Customer records (CA)Name, contact data, limited billing metadataYES
C. Protected classificationsDemographic info you provideYES
D. Commercial infoTransactions, purchase historyNO (only via stores/providers; metadata YES)
E. Biometric dataFinger/voice printsNO
F. Internet/network activityBrowsing, usage, interactionsYES
G. GeolocationDevice locationYES (with permission or IP-based)
H. Audio/visualImages or recordings for supportNO (UGC images possibly by you)
I. Professional dataJob/application infoNO (except for applications)
J. EducationStudent recordsNO
K. InferencesProfiles/characteristicsNO (only minimal security signals)
L. Sensitive dataHealth, sexual orientation (UGC)YES (only with explicit consent)

Sources. Yourself, your devices, cookies/SDKs, and service providers (hosting, analytics, payments, email delivery, crash reporting, content moderation).
Sharing. Disclosure to service providers for business purposes under contract. No personal data has been sold/shared in the last 12 months and we do not do so.

Exercising US State Rights

Send requests via the settings, the contact form or by email to rattlestork@gmail.com. We verify your identity and respond according to applicable law. You may appoint an authorized person (proof required). If we refuse, you may appeal by email; you may also contact your Attorney General.

16. INTERNATIONAL TRANSFERS

For transfers outside the EEA/UK/Switzerland, we use appropriate safeguards (e.g., EU standard contractual clauses/UK IDTA) and conduct transfer impact assessments. Copies are available on request with redactions.

17. DO-NOT-TRACK

There is no industry standard for DNT signals; therefore, we do not respond to them. If a standard is introduced, we will update this notice.

18. UPDATES TO THIS NOTICE

We may update this notice occasionally. The “Last updated” date indicates the latest version. Material changes may be highlighted in the app or otherwise. Please check regularly.

19. CONTACT

RattleStork UG (haftungsbeschränkt)
Sternstraße 23, 39104 Magdeburg, Germany
Email: rattlestork@gmail.com
Contact & Reports: rattlestork.org/contact
Privacy Settings: rattlestork.org/settings
Related Policies: Terms of Use · EULA · Cookie Policy