PRIVACY POLICY

Last updated:13 October 2025

Translation note: This version is for understanding and may later be localised via i18n. Only the original en-US version is legally binding. Original: rattlestork.org/en-US/EULA.

Related policies: Terms of Use · Privacy Policy · Cookie Policy · Return Policy · Acceptable Use Policy · Imprint · EULA · Disclaimer

This privacy notice of RattleStork UG (limited liability) (“we”, “us”, “our”) explains how and why we access, collect, store, use and/or share (“process”), when you use our websites and mobile applications (the “Services”), especially if you:

Visit our website at https://rattlestork.org or a website referring to this notice;
Use our mobile application (RattleStork) or an app referring to this notice;
Interact with us in other ways, e.g. in sales, support, or events.

Questions or concerns? Reading this notice helps you understand your rights and choices. If you do not agree with our policies and practices, please do not use the services. You can reach us via the contact form or at rattlestork@gmail.com.

SUMMARY OF KEY POINTS

This summary highlights central points. See the table of contents below for details.

What data we process. Depends on how you interact with us and which features you use. See What data we collect.
Sensitive data. User-generated content may reveal special categories (e.g. health, sexual orientation, family planning). We process such data only with your explicit consent and only to provide the services. See Special categories.
How we use data. Providing and improving services, security and abuse prevention, legal obligations; with consent where required. See How we process.
Sharing. To processors (e.g. hosting, analytics, payments). We do not sell personal data and do not share it for cross-context behavioural advertising. See Sharing.
Security. Reasonable technical and organisational measures, but no system is 100% secure. See Security.
Your rights. Depending on residence: access, correction, deletion, objection, restriction, data portability, withdrawal of consent. See Your rights.

1. CONTROLLER & CONTACT
2. WHAT DATA DO WE COLLECT?
3. SPECIAL CATEGORIES (SENSITIVE DATA)
4. HOW DO WE PROCESS YOUR DATA?
5. LEGAL BASES (GDPR/UK GDPR/CANADA)
6. PAYMENTS & SUBSCRIPTIONS
7. COOKIES & SIMILAR TECHNOLOGIES
8. SOCIAL LOGINS
9. GOOGLE APIs & ANALYTICS
10. NOTICE-AND-ACTION (EU DSA)
11. HOW LONG DO WE STORE DATA?
12. HOW DO WE PROTECT DATA?
13. CHILDREN & MINORS
14. YOUR PRIVACY RIGHTS
15. US STATE PRIVACY NOTICES
16. INTERNATIONAL TRANSFERS
17. DO-NOT-TRACK
18. UPDATES TO THIS NOTICE
19. CONTACT

1. CONTROLLER & CONTACT

Controller: RattleStork UG (limited liability), Sternstraße 23, 39104 Magdeburg, Germany.
Email: rattlestork@gmail.com · Contact form: rattlestork.org/contact
Data Protection Officer (DPO): not appointed (currently not legally required).
Supervisory authority: State Commissioner for Data Protection Saxony-Anhalt.

2. WHAT DATA DO WE COLLECT?

Information you provide

Account data (email, username, password).
Profile & UGC (text, images, preferences, messages, matches, reports).
Support (requests, attachments, diagnostic data).
Billing metadata (plan, renewal status, transaction IDs; no full card numbers stored with us).

Automatically collected information

Log & usage data (timestamps, pages/screens, feature use, crash/error logs).
Device data (device identifiers, OS, app version, language, network, provider).
Location data (approximate e.g. IP-based; precise only with granted in-app permission).
Cookies/SDKs according to our Cookie Policy.

3. SPECIAL CATEGORIES (SENSITIVE DATA)

Our services may allow you to share information about health, sexual orientation, family planning or other special categories. We do not require such data. If you voluntarily disclose it, we process it only with your explicit consent (GDPR Art. 9(2)(a)) to provide the services (matching, messaging, security/moderation) and to fulfil legal obligations. You can revoke consent anytime in the settings; the lawfulness of processing before revocation remains unaffected.

4. HOW DO WE PROCESS YOUR DATA?

Service provision: account creation/login, profiles, matching, messaging, moderation, support.
Improvement & security: troubleshooting, analytics (with consent where required), anti-spam/fraud, abuse prevention.
Communication: service notifications, transactional emails, push notifications (opt-out in device settings).
Compliance: tax/accounting, consumer law, DSA Notice-and-Action, official information requests.
Marketing with consent (where required). You can object/unsubscribe anytime.

5. LEGAL BASES (GDPR/UK GDPR/CANADA)

Contract (Art. 6(1)(b)): provision of requested core functions.
Consent (Art. 6(1)(a)): non-essential cookies/SDKs, marketing, special categories (Art. 9(2)(a)).
Legal obligation (Art. 6(1)(c)): tax, consumer law, DSA, retention.
Legitimate interests (Art. 6(1)(f)): security, fraud prevention, product-related analytics with safeguards.

Canada: processing with explicit or implied consent unless an exception applies (e.g. fraud prevention, legal requirements). Revocable at any time.

6. PAYMENTS & SUBSCRIPTIONS

Purchases and subscriptions are processed via Apple App Store, Google Play or our web payment provider. We store no full card numbers. We receive limited billing metadata (plan, status, transaction IDs) for access management. Available plans and region-specific prices are shown in the app or on our subscription page.

7. COOKIES & SIMILAR TECHNOLOGIES

We use strictly necessary cookies (legitimate interests). Analytics/advertising cookies or SDKs are only set with your consent. Manage your choices via our consent banner. Details in our Cookie Policy.

8. SOCIAL LOGINS

When you register/login via social networks (e.g. Facebook, X), we receive profile data from the respective provider according to your settings there. We use this exclusively for login/account purposes in accordance with this notice. Please refer to the provider's privacy notices.

9. GOOGLE APIs & ANALYTICS

Our use of information from Google APIs is governed by the Google API Services User Data Policy, including the Limited Use requirements. Google Analytics. We may use Google Analytics to understand usage. You can object via, among others, the browser add-on, ad settings on mobile devices, the NAI opt-out and mobile options.

10. NOTICE-AND-ACTION (EU-DSA)

You can report allegedly unlawful content via our contact form or the in-app reporting function. We review reports, take appropriate measures and inform you as legally required.

11. HOW LONG DO WE STORE DATA?

We store personal data as long as your account is active or as required for the described purposes, and then delete or anonymise it unless longer legal retention periods apply (e.g. tax/accounting). Typical periods: operational logs and analytics 90–365 days; security logs as needed for security/compliance. You can request deletion in the settings.

12. HOW DO WE PROTECT DATA?

We implement appropriate technical and organisational measures (encryption during transmission, access controls, backups). Nevertheless, no electronic transmission or storage is 100% secure.

13. CHILDREN & MINORS

The services are aimed at adults 18+. We do not knowingly collect data from persons under 18. If you believe we have data of a minor, please contact us for deletion.

14. YOUR PRIVACY RIGHTS

Depending on your residence (e.g. EEA/UK/Switzerland/Canada/US states), you have rights to access, correction, deletion, restriction, objection, copy (data portability) and withdrawal of consent. Exercise your rights via the settings, the contact form or by email to rattlestork@gmail.com. You also have the right to file a complaint with your supervisory authority.

15. US STATE PRIVACY NOTICES

If you are a resident of California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Tennessee, Texas, Utah or Virginia, you may have special rights including to knowledge/access, correction, deletion, data copy and opt-out of targeted advertising/“sale”/profiling. We do not sell/share personal data for cross-context advertising.

Category	Examples	Collected
A. Identifiers	Contact details, IP, email, account name	YES
B. Customer records (CA)	Name, contact details, limited billing metadata	YES
C. Protected characteristics	Demographic data you provide	YES
D. Commercial info	Transactions, purchase history	NO (only via stores/providers; metadata YES)
E. Biometric data	Finger/voice prints	NO
F. Internet/network activity	Browsing, usage, interactions	YES
G. Geolocation	Device location	YES (with permission or IP-based)
H. Audio/Visual	Images or recordings for support	NO (UGC images possibly by you)
I. Professional data	Job/application info	NO (except for applications)
J. Education	Student records	NO
K. Inferences	Profiles/characteristics	NO (only minimal security signals)
L. Sensitive data	Health, sexual orientation (UGC)	YES (only with explicit consent)

Sources. Yourself, your devices, cookies/SDKs and service providers (hosting, analytics, payments, email delivery, crash reporting, content moderation).
Sharing. Disclosure to service providers for business purposes under contract. No personal data has been sold/shared in the last 12 months and we do not do so.

Exercising US state rights

Send requests via the settings, the contact form or by email to rattlestork@gmail.com. We verify your identity and respond according to applicable law. You may appoint an authorised person (proof required). If we refuse, you may appeal by email; you may also contact your Attorney General.

16. INTERNATIONAL TRANSFERS

For transfers outside the EEA/UK/Switzerland, we use appropriate safeguards (e.g. EU Standard Contractual Clauses/UK IDTA) and conduct transfer impact assessments. Copies are available on request with redactions.

17. DO-NOT-TRACK

There is no industry standard for DNT signals; therefore, we do not respond to them. If a standard is introduced, we will update this notice.

18. UPDATES TO THIS NOTICE

We may update this notice occasionally. The "Last updated" date indicates the latest version. Material changes may be highlighted in the app or by other appropriate means. Please check regularly.

19. CONTACT

RattleStork UG (haftungsbeschränkt)
Sternstraße 23, 39104 Magdeburg, Germany
E-Mail: rattlestork@gmail.com
Contact & Reports: rattlestork.org/contact
Privacy Settings: rattlestork.org/settings
Related Policies: Terms of Use · EULA · Cookie Policy

Blog