Privacy Policy

Split Settle ("we", "our", or "the app") is a mobile application that helps friends split expenses and track shared balances. Your privacy is important to us. This policy explains what data we collect, how we use it, and your rights.

1. Information We Collect

We collect only the minimum data necessary to provide expense-splitting functionality:

• Account Information: Your name and email address when you create an account (via email sign-up or Google Sign-In).
• Profile Data: Optional profile photo and display name that you choose to set.
• Expense Data: Expense descriptions, amounts, currencies, dates, and split information that you create within the app.
• Settlement Data: Payment records between you and your friends.
• Group Data: Group names, membership, and associated expenses that you create.
• Device Information: Push notification tokens to deliver real-time notifications (only when you grant permission).

2. How We Use Your Information

• To provide the core expense-splitting and balance-tracking functionality.
• To authenticate your identity and secure your account.
• To send push notifications about expenses and settlements involving you.
• To enable you to find and connect with friends on the platform.
• To maintain and improve the app's performance and reliability.

3. Data Storage & Security

Your data is stored securely on Supabase (backed by PostgreSQL with row-level security). All data is transmitted over HTTPS/TLS encryption. We implement the following security measures:

• Row-Level Security (RLS) policies ensuring users can only access their own data.
• Encrypted authentication tokens managed by Supabase Auth.
• Optional biometric lock (fingerprint/face) for app access.
• Secure local storage for session tokens (AsyncStorage/SecureStore).

4. Third-Party Services

We use the following third-party services:

• Supabase — Database, authentication, and serverless functions. Supabase Privacy Policy
• Google Sign-In — OAuth authentication (only if you choose to sign in with Google). Google Privacy Policy
• Expo Push Notifications — Delivers push notifications. Expo Privacy Policy
• Firebase Cloud Messaging (FCM) — Android push notification delivery. Firebase Privacy Policy

5. Data Sharing

We do not sell, rent, or share your personal data with third parties for marketing purposes. Your data is shared only in these limited cases:

• With your friends: When you add an expense or settlement, the other party sees the relevant transaction details (amount, description, date).
• With group members: Group expenses and balances are visible to all members of that group.
• Service providers: Our infrastructure providers (Supabase, Google, Expo) process data as described above.
• Legal requirements: If required by law or to protect our legal rights.

6. Data Retention

Your data is retained for as long as your account is active. Deleted expenses are soft-deleted (marked as inactive) but may be permanently removed after 90 days. If you delete your account, all associated data will be permanently deleted within 30 days.

7. Your Rights

You have the right to:

• Access your personal data through the app (Account → Edit Profile, Export Data).
• Correct your information (change name, email) at any time.
• Export your data as a CSV file from Account → Export.
• Delete your account and all associated data by contacting us.
• Withdraw consent for push notifications via your device settings.

8. Children's Privacy

Split Settle is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal data, we will delete it promptly.

9. Changes to This Policy

We may update this privacy policy from time to time. When we do, we will update the "Last updated" date at the top and notify users of material changes through the app or email.

10. Contact Us

If you have questions about this privacy policy or your data, contact us at:

Email: privacy@settle.app