PRIVACY POLICY

Last updated:

Translation note: This version is for understanding and may later be localized via i18n. Legally binding is exclusively the original en-US version. Original: rattlestork.org/en-US/EULA.

Related policies: Terms of Use · Privacy Policy · Cookie Policy · Return Policy · Acceptable Use Policy · Imprint · EULA · Disclaimer

This privacy notice from RattleStork UG (limited liability) (“we”, “us”, “our”) explains how and why we access, collect, store, use and/or share (“process”) personal data when you use our websites and mobile applications (the “Services”), especially if you:

  • Visit our website at https://rattlestork.org or a website that refers to this notice;
  • Use our mobile application (RattleStork) or an app that refers to this notice;
  • Interact with us in other ways, e.g., through sales, support, or events.

Questions or concerns? Reading this notice helps you understand your rights and choices. If you do not agree with our policies and practices, please do not use the services. You can reach us via the contact form or at rattlestork@gmail.com.

SUMMARY OF KEY POINTS

This summary highlights central points. See the table of contents below for details.

  • What data we process. Depends on how you interact with us and which features you use. See What data we collect.
  • Sensitive data. User-generated content may reveal special categories (e.g., health, sexual orientation, family planning). We process such data only with your explicit consent and only to provide the services. See Special categories.
  • How we use data. Providing and improving services, security and abuse prevention, legal obligations; with consent where required. See How we process.
  • Sharing. To processors (e.g., hosting, analytics, payments). We do not sell personal data and do not share it for cross-context behavioural advertising. See Sharing.
  • Security. Reasonable technical and organizational measures, but no system is 100% secure. See Security.
  • Your rights. Depending on residence: access, correction, deletion, objection, restriction, portability, withdrawal of consent. See Your rights.

TABLE OF CONTENTS

1. CONTROLLER & CONTACT

Controller: RattleStork UG (limited liability), Sternstraße 23, 39104 Magdeburg, Germany.
Email: rattlestork@gmail.com · Contact form: rattlestork.org/contact
Data Protection Officer (DPO): not appointed (currently not legally required).
Supervisory authority: State Commissioner for Data Protection Saxony-Anhalt.

2. WHAT DATA DO WE COLLECT?

Information you provide

  • Account data (email, username, password).
  • Profile & UGC (text, images, preferences, messages, matches, reports).
  • Support (requests, attachments, diagnostic data).
  • Billing metadata (plan, renewal status, transaction IDs; no full card numbers stored with us).

Automatically collected information

  • Log & usage data (timestamps, pages/screens, feature usage, crash/error logs).
  • Device data (device identifiers, OS, app version, language, network, provider).
  • Location data (approximate e.g. IP-based; precise only with granted in-app permission).
  • Cookies/SDKs according to our Cookie Policy.

3. SPECIAL CATEGORIES (SENSITIVE DATA)

Our services may allow you to share information about health, sexual orientation, family planning, or other special categories. We do not require such data. If you voluntarily disclose it, we process it only with your explicit consent (GDPR Art. 9(2)(a)) to provide the services (matching, messaging, security/moderation) and to fulfill legal obligations. You can revoke consent anytime in the settings; the lawfulness of processing before revocation remains unaffected.

4. HOW DO WE PROCESS YOUR DATA?

  • Providing the services: account creation/login, profiles, matching, messaging, moderation, support.
  • Improvement & security: troubleshooting, analytics (with consent where required), anti-spam/fraud, abuse prevention.
  • Communication: service notifications, transactional emails, push notifications (opt-out in device settings).
  • Compliance: tax/accounting, consumer law, DSA Notice-and-Action, regulatory inquiries.
  • Marketing with consent (where required). You can object/unsubscribe anytime.

5. LEGAL BASES (GDPR/UK GDPR/CANADA)

  • Contract (Art. 6(1)(b)): provision of requested core functions.
  • Consent (Art. 6(1)(a)): non-essential cookies/SDKs, marketing, special categories (Art. 9(2)(a)).
  • Legal obligation (Art. 6(1)(c)): tax, consumer law, DSA, retention.
  • Legitimate interests (Art. 6(1)(f)): security, fraud prevention, product-related analytics with safeguards.

Canada: processing with explicit or implied consent unless an exception applies (e.g. fraud prevention, legal requirements). Revocation possible anytime.

6. PAYMENTS & SUBSCRIPTIONS

Purchases and subscriptions are processed via Apple App Store, Google Play, or our web payment provider. We store no full card numbers. We receive limited billing metadata (plan, status, transaction IDs) for access management. Available plans and region-specific prices are shown in the app or on our subscription page.

7. COOKIES & SIMILAR TECHNOLOGIES

We use strictly necessary cookies (legitimate interests). Analytics/advertising cookies or SDKs are only set with your consent. Manage your choices via our consent banner. Details in our Cookie Policy.

8. SOCIAL LOGINS

When you register/login via social networks (e.g., Facebook, X), we receive profile data from the respective provider according to your settings there. We use this exclusively for login/account purposes in accordance with this notice. Please refer to the provider's privacy notices.

9. GOOGLE APIs & ANALYTICS

Our use of information from Google APIs follows the Google API Services User Data Policy, including the Limited-Use requirements. Google Analytics. We may use Google Analytics to understand usage. You can object via, among others, the browser add-on, mobile ad settings, the NAI opt-out and mobile options.

10. NOTICE-AND-ACTION (EU-DSA)

You can report allegedly illegal content via our contact form or the in-app reporting feature. We review reports, take appropriate action, and inform you as legally required.

11. HOW LONG DO WE STORE DATA?

We store personal data as long as your account is active or as needed for the described purposes, then delete or anonymize it unless longer legal retention periods apply (e.g., tax/accounting). Typical periods: operational logs and analytics 90–365 days; security logs as needed for security/compliance. You can request deletion in the settings.

12. HOW DO WE PROTECT DATA?

We implement appropriate technical and organizational measures (encryption during transmission, access controls, backups). However, no electronic transmission or storage is 100% secure.

13. CHILDREN & MINORS

The services are intended for adults 18+. We do not knowingly collect data from persons under 18. If you believe we have data of a minor, please contact us for deletion.

14. YOUR PRIVACY RIGHTS

Depending on your residence (e.g., EEA/UK/Switzerland/Canada/US states), you have rights to access, correction, deletion, restriction, objection, copy (data portability), and withdrawal of consent. Exercise your rights via the settings, the contact form or by email to rattlestork@gmail.com. You also have the right to file a complaint with your supervisory authority.

15. US STATE PRIVACY NOTICES

If you reside in California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Tennessee, Texas, Utah, or Virginia, you may have special rights including access, correction, deletion, data copy, and opt-out of targeted advertising/“sale”/profiling. We do not sell/share personal data for cross-context advertising.

CategoryExamplesCollected
A. IdentifiersContact data, IP, email, account nameYES
B. Customer records (CA)Name, contact data, limited billing metadataYES
C. Protected classificationsDemographic info you provideYES
D. Commercial infoTransactions, purchase historyNO (only via stores/providers; metadata YES)
E. Biometric dataFinger/voice printsNO
F. Internet/network activityBrowsing, usage, interactionsYES
G. GeolocationDevice locationYES (with permission or IP-based)
H. Audio/visualImages or recordings for supportNO (UGC images possibly by you)
I. Professional dataJob/application infoNO (except for applications)
J. EducationStudent recordsNO
K. InferencesProfiles/characteristicsNO (only minimal security signals)
L. Sensitive dataHealth, sexual orientation (UGC)YES (only with explicit consent)

Sources. Yourself, your devices, cookies/SDKs, and service providers (hosting, analytics, payments, email delivery, crash reporting, content moderation).
Sharing. Disclosure to service providers for business purposes under contract. No personal data has been sold/shared in the last 12 months and we do not do so.

Exercising US state rights

Send requests via the settings, the contact form or by email to rattlestork@gmail.com. We verify your identity and respond according to applicable law. You may appoint an authorized person (proof required). If we refuse, you can appeal by email; you may also contact your Attorney General.

16. INTERNATIONAL TRANSFERS

For transfers outside the EEA/UK/Switzerland, we use appropriate safeguards (e.g., EU Standard Contractual Clauses/UK IDTA) and conduct transfer impact assessments. Copies are available on request with redactions.

17. DO-NOT-TRACK

There is no industry standard for DNT signals; therefore, we do not respond to them. If a standard is introduced, we will update this notice.

18. UPDATES TO THIS NOTICE

We may update this notice occasionally. The “Last updated” date indicates the latest version. Material changes may be highlighted in the app or by other appropriate means. Please check regularly.

19. CONTACT

RattleStork UG (limited liability)
Sternstraße 23, 39104 Magdeburg, Germany
Email: rattlestork@gmail.com
Contact & Reports: rattlestork.org/contact
Privacy Settings: rattlestork.org/settings
Related Policies: Terms of Use · EULA · Cookie Policy