By creating an account or using the Service, you acknowledge that you have read and understood this Privacy Policy. Where required by law, we will request your explicit consent before processing your data. If you do not agree with this policy, do not use the Service.
01 Who we are (data controller)
The controller of your information is:
SoadTech, LLC
651 N Broad St, Suite 201
Middletown, DE 19709
United States
Email: [email protected]
If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, you may also contact our representative at the email above.
02 Information we collect
We only collect data that is necessary to provide the Service.
2.1 Information you provide directly
| Category | Examples | Purpose |
|---|---|---|
| Account identifiers | Email, password (hashed), first name, last name, profile code | Account creation, login, identification within the app |
| Phone | Mobile number, country code | Verification, friend lookup, account recovery |
| Profile data | Avatar, gender, birthday, preferred currency, language | Personalization |
| Expense data | Amounts, items, currencies, categories, dates, notes, payment method, groups, members, settlements | Core expense-splitting functionality |
| Receipt images | Photos of receipts uploaded for OCR | Automatic extraction of expense data |
| Feedback & support | Messages you send us | Customer support |
2.2 Information collected automatically
| Category | Examples |
|---|---|
| Device & technical data | Model, OS version, app version, language, timezone, IP, crash logs |
| Usage data | Screens viewed, features used, taps, session duration, referring source |
| Push tokens | FCM token, APNs token, Live Activity token |
| Cookies (Site only) | Session cookies, persistent for preferences and analytics |
| Advertising identifiers (iOS) | IDFA, only if you grant App Tracking Transparency |
| Attribution | Install source, deferred deep links via AppsFlyer |
2.3 Information from third parties
- Social login providers (Google, Apple): name, email, profile picture and verified user identifier.
- Payment providers (App Store, Google Play, Stripe): subscription status, transaction IDs, last four digits of card (Stripe only), country, currency. We do not receive or store full card numbers.
- Friend connections: when other users add you to a group or send you a friend request, we receive their reference to you (email, phone or profile code).
2.4 Information we process but do NOT store
To minimize our footprint over your data, the following categories are processed in real time and not retained on our servers:
- Contacts: when you choose to find friends, your address book is queried one-time against our database to detect which contacts already use Splittier. The list itself is not stored on our servers.
- AI chat content: messages you send to the AI assistant and its responses are processed transiently and discarded when the session ends. We do not keep a long-term history.
- Voice recordings & transcripts: audio captured during Voice Chat Premium is streamed to ElevenLabs for real-time processing and is not stored by Splittier afterwards.
2.5 We do NOT knowingly collect
- Government IDs, passports or social security numbers.
- Precise GPS location.
- Health, biometric, religious, political or sexual-orientation data.
- Full payment card numbers or CVV (handled exclusively by Apple, Google and Stripe).
03 Children
The Service is not intended for users under 13 years (or 16 in EEA/UK). We do not knowingly collect data from minors. If you believe a child has provided us data, contact [email protected] and we will delete it promptly.
04 How we use your information
| Purpose | Data used | Legal basis (GDPR) |
|---|---|---|
| Create and manage your account | Identifiers, phone, password | Contract |
| Split expenses, group management, settlements | Expense data, contacts, friend connections | Contract |
| Receipt OCR | Receipt images | Contract / consent |
| AI assistant (text and voice) | Chat, audio, expense context | Contract / consent |
| Phone & email verification | Phone, email, OTP | Contract, legitimate interest |
| Push, email & SMS notifications | Push tokens, email, phone | Contract |
| Marketing communications | Email, usage data | Consent (opt-in), revocable |
| Subscriptions and in-app purchases | Transaction IDs, customer IDs | Contract |
| Detect fraud and abuse, enforce terms | All categories | Legitimate interest, legal obligation |
| Improve the Service, analytics, debugging | Usage data, crash logs | Legitimate interest |
| Comply with legal obligations | Required data | Legal obligation |
05 AI and automated processing
Splittier uses AI in some features. You should know:
- Receipt OCR is performed by Google Gemini (Google LLC). Images and extracted text are transmitted to Google.
- Voice Chat Premium uses ElevenLabs, Inc. for STT, TTS and real-time conversational AI.
- AI outputs may be inaccurate. You are responsible for reviewing AI-generated data before saving.
- AI providers act as our processors and are contractually prohibited from using your data to train their public models, except where we have explicitly informed you.
- You can opt out of AI features by simply not using Scan Bill, AI Chat or Voice Chat. The rest of the Service does not require AI.
07 International data transfers
Splittier is operated from the United States. If you access the Service from outside the US, your data will be transferred and processed in the US and other countries where our processors operate. Where required by law, we rely on the European Commission's Standard Contractual Clauses (SCCs), the UK Addendum and equivalent safeguards.
08 Data retention
| Data | Retention |
|---|---|
| Account data | Until you delete your account; anonymized within 30 days |
| Expense and settlement data | While your account is active; after deletion, in anonymized form to preserve historical accuracy of shared bills |
| Receipt images | While your account is active; deleted on account deletion |
| Voice recordings & transcripts | Not stored — processed in real time only |
| AI chat content | Not stored — processed in real time only |
| Contacts | Not stored — queried one-time on import |
| OTP codes | 5 minutes |
| Push tokens | Until the device unregisters |
| Crash logs / analytics | Up to 24 months |
| Tax / billing records | Up to 7 years (legal obligation) |
09 Your rights
Depending on your jurisdiction, you have the following rights:
- Access — request a copy of your data.
- Rectification — correct inaccurate or incomplete data.
- Deletion ("right to be forgotten") — delete your account from Profile → Settings → Delete Account or by emailing [email protected].
- Portability — receive your data in a structured format.
- Restriction & objection — object to or restrict certain processing, including marketing.
- Withdraw consent — at any time, without affecting prior lawful processing.
- Lodge a complaint — with your local data protection authority.
California residents (CCPA/CPRA)
You have the right to know, delete, correct and limit the use of sensitive personal information, and the right not to be discriminated against for exercising these rights. We do not sell or share personal information for cross-context behavioral advertising.
To exercise any right, email [email protected]. We will respond within 30 days.
Account deletion
When you delete your account:
- Your name is replaced with
anonymous-<id>. - Your email is replaced with
anonymous-<id>@anonymous.com. - Avatar, phone, contacts, images, AI chat and device tokens are deleted.
- Shared bills are preserved in anonymized form so other participants retain their history.
10 Security
We implement administrative, technical and organizational safeguards: encryption in transit (TLS), encryption at rest for sensitive fields, hashed passwords (bcrypt), access controls and regular security review. No system is 100% secure. If we discover a breach affecting your data, we will notify you and the relevant authority as required by law.
You are responsible for keeping your password confidential and logging out of shared devices.
11 Device permissions
| Permission | Why |
|---|---|
| Camera | Capture receipt photos for OCR |
| Photo library | Select existing receipt or avatar photos |
| Contacts | Add friends from your address book (processed locally; only matched users uploaded) |
| Microphone | Voice Chat Premium |
| Notifications | Friend requests, expense activity, payment reminders |
| App Tracking Transparency (iOS) | Attribution and deep links via AppsFlyer; optional |
You can revoke any permission from your device settings.
12 Links to other services
The Service may contain links to third-party sites (AppsFlyer OneLinks, payment provider pages, etc.). We are not responsible for those sites' privacy practices. Read their policies before submitting data.
13 Changes to this policy
We may update this policy. Material changes will be notified by in-app banner or email at least 30 days before they take effect. Continued use after the effective date constitutes acceptance.
14 Contact
Questions, requests or complaints?
Email: [email protected]
Mail: SoadTech, LLC — 651 N Broad St, Suite 201, Middletown, DE 19709, United States