Splitorium

Privacy Policy

Last Updated: December 24, 2025

            Summary: Splitorium is an expense sharing app. We collect only the data necessary to provide our service, and we do not sell your personal information to third parties.
        

1. Introduction

Splitorium ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and related services (collectively, the "Service").

2. Information We Collect

2.1 Information You Provide

Account Information: When you create an account, we collect your email address, username, first name, last name, and password (stored securely using bcrypt hashing).
Profile Information: You may optionally provide a profile photo.
Expense Data: Information about expenses you create, including amounts, descriptions, dates, currencies, and participant details.
Group Information: Names and details of expense groups you create or join.
Payment Records: Records of settlements between group members.
Receipt Images: When you use our receipt scanning feature, we temporarily process receipt images. If you choose to attach a receipt to an expense, the image is stored securely.

2.2 Information Collected Automatically

Device Information: Device type, operating system, and unique device identifiers for sync purposes.
Usage Data: How you interact with the Service for improving user experience.
Log Data: Server logs including IP addresses, timestamps, and API requests for security and debugging purposes.

3. How We Use Your Information

We use your information to:

Provide, maintain, and improve our Service
Process and track expense sharing between users
Send transactional emails (account verification, password resets)
Respond to your comments, questions, and support requests
Monitor and analyze usage patterns to improve the Service
Detect, prevent, and address technical issues and security threats
Comply with legal obligations

4. Email Communications

We send the following types of emails:

Account Verification: One-time email when you sign up to verify your email address.
Password Reset: Email sent only when you explicitly request to reset your password.

We do not send marketing emails or newsletters. All emails from Splitorium are transactional and directly related to your account security.

5. Data Sharing and Disclosure

We do not sell your personal information. We may share your information only in the following circumstances:

With Your Consent: When you explicitly agree to share information.
With Other Users: Expense and group information is shared with other members of your expense groups.
Service Providers: We use AWS for hosting and email delivery. These providers are bound by data protection agreements.
Legal Requirements: When required by law or to protect our rights and safety.

6. Data Security

We implement appropriate security measures including:

Encryption of data in transit (TLS/HTTPS)
Secure password hashing using bcrypt
JWT-based authentication with secure token management
Rate limiting to prevent abuse
Regular security audits and updates

7. Receipt Data & Scanning

Splitorium allows you to scan receipts and attach receipt images to expenses. Here's how we handle your receipt data:

Data Extracted: When you scan a receipt, we extract information such as merchant name, transaction date, amounts, and individual line items using optical character recognition (OCR) technology powered by AWS Textract.
Temporary Processing: Receipt images submitted for scanning are processed in real-time. The scanning service does not retain your receipt images after processing is complete—only the extracted text data is returned to you.
Receipt Attachments: If you choose to attach a receipt to an expense, the image is stored securely in Amazon S3 with restricted access. Only you and members of the associated expense group can view the receipt.
Retention Period: Receipt attachments are stored only for as long as the associated expense exists. When you delete an expense, the attached receipt image is automatically and permanently deleted from our servers.
Manual Removal: You can remove a receipt attachment from any expense at any time through the app. Removed receipt images are permanently deleted and cannot be recovered.
No Third-Party Sharing: We do not share, sell, or provide your receipt images or extracted data to any third parties, except as necessary for processing (AWS services) or as required by law.

8. Data Retention

We retain your data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal purposes.

Unverified accounts are automatically deleted after 1 hour if email verification is not completed.

9. Account Deletion

You can delete your account at any time through the app settings. When you delete your account:

Your profile is anonymized – Your name and profile photo are replaced with generic placeholders ("Deleted Account"). This allows other group members to see that a former participant has deleted their account.
Your credentials are removed – Your password is deleted and you will no longer be able to log in.
Your expense history is preserved – To maintain accurate financial records for other group members, your participation in expenses and payments remains visible under the anonymized "Deleted Account" name.
Your groups continue functioning – Groups you created or belong to remain active for other members.

30-Day Revival Period

We retain your email address for 30 days after account deletion. During this period:

You can revive your account by signing up again with the same email address.
Your previous account data will be restored upon successful email verification.

After 30 days, your email address is permanently removed from our systems. Any new signup with that email will create a fresh account with no connection to your previous data.

10. Your Rights

You have the right to:

Access your personal data
Correct inaccurate data
Delete your account and associated data
Remove receipt attachments at any time
Opt out of using receipt scanning (manual expense entry is always available)

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date.

12. Contact Us

If you have questions about this Privacy Policy, please contact us at:

Email: support@splitorium.com