Privacy Policy
Last updated: March 2026 · Splitr
1. What We Collect
When you use Splitr we collect:
- Account information — name, email address, and (optionally) a profile photo and phone number you provide.
- Financial records — expenses, splits, and settlement transactions you create inside clubs.
- Device tokens — to send you push notifications (opt-in).
- Usage data — server logs for debugging and performance monitoring.
2. How We Use Your Data
- To operate the app and display your balances, clubs, and events.
- To send push notifications about activity in your clubs.
- To investigate bugs and improve performance.
We do not sell or share your personal data with third parties for advertising.
3. Data Retention
Your personal data (name, email, phone, bio, avatar) is retained for as long as your account is active. If you delete your account, your personal identifiers are permanently erased. Financial records are retained in anonymised form to preserve the integrity of other members' balance histories.
4. Your Rights (GDPR)
If you are in the EEA you have the right to:
- Access — export a full copy of your data via Profile → Export My Data.
- Erasure — permanently delete your account via Profile → Delete My Account.
- Rectification — update your name, email, and bio at any time from Edit Profile.
- Portability — your exported data is provided in machine-readable JSON format.
5. Security
Passwords are hashed with bcrypt. All data is transmitted over HTTPS. Tokens are stored securely and rotated on each use.
6. Third-Party Services
- Google Sign-In / Apple Sign-In — used for authentication. Their respective privacy policies apply.
- Google Places API — used for location search. No location data is stored by Splitr.
- Expo / Firebase — used for push notifications.
7. Changes
We may update this policy and will notify you via the app if changes are significant.