Privacy Policy - EasiSplit

1. Introduction

EasiSplit operates the EasiSplit expense splitting platform ("Service"). This Privacy Policy describes how we collect, use, and protect your personal information when you use our Service. We are committed to protecting your privacy in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

EasiSplit is operated as a sole trader business registered in England and Wales. For data protection purposes, we act as the data controller of your personal information.

2. Information We Collect

2.1 Information You Provide

Account information: name, email address, username, password
Profile information: display name, profile picture, default currency
Expense data: transaction amounts, descriptions, categories, dates
Group information: group names, member details, expense sharing arrangements
Payment information: processed securely through Stripe (we do not store full payment card details)
Communications: messages sent through our support channels

2.2 Information We Collect Automatically

Device information: IP address, browser type, operating system
Usage data: pages visited, features used, time spent on the platform
Technical data: error logs, performance metrics
Cookies and similar technologies (see our Cookie Policy below)

3. How We Use Your Information

We use your personal information for the following purposes:

3.1 Service Provision (Legal Basis: Contract Performance)

Creating and managing your account
Processing and tracking expenses and settlements
Enabling group creation and member management
Processing payments through Stripe
Providing customer support

3.2 Legal Obligations (Legal Basis: Legal Obligation)

Compliance with tax and accounting requirements
Fraud prevention and security
Compliance with payment regulations

3.3 Legitimate Interests (Legal Basis: Legitimate Interest)

Improving our Service through analytics
Sending service-related communications
Maintaining system security and integrity

3.4 With Your Consent (Legal Basis: Consent)

Marketing communications (you may opt out at any time)
Optional analytics and performance tracking

4. Information Sharing

We share your information only in the following circumstances:

4.1 With Other Users

Within expense groups, your name, expenses, and settlement information are visible to other group members as necessary for the expense splitting functionality.

4.2 Service Providers

Stripe: Payment processing (subject to Stripe's Privacy Policy)
Supabase: Database and hosting services
Email providers: For transactional emails only

4.3 Legal Requirements

We may disclose your information if required by law, regulation, or legal process, or to protect the rights, property, or safety of EasiSplit, our users, or others.

5. Data Security

We implement appropriate technical and organizational measures to protect your personal information:

Data encryption in transit and at rest
Regular security assessments and updates
Access controls and authentication requirements
Secure payment processing through Stripe's PCI DSS compliant infrastructure
Regular backups and disaster recovery procedures

6. Data Retention

We retain your personal information for as long as necessary to:

Provide our Service to you
Comply with legal obligations (typically 7 years for financial records)
Resolve disputes and enforce our agreements

When you delete your account, we will delete or anonymize your personal information within 30 days, except where we are required to retain it for legal purposes.

7. Your Rights Under UK GDPR

You have the following rights regarding your personal information:

Right of access: Request a copy of your personal information
Right to rectification: Correct inaccurate or incomplete information
Right to erasure: Request deletion of your personal information
Right to restrict processing: Limit how we use your information
Right to data portability: Receive your data in a machine-readable format
Right to object: Object to processing based on legitimate interests
Right to withdraw consent: Where processing is based on consent

To exercise these rights, contact us at hello@easisplit.com. We will respond within one month of your request.

8. International Data Transfers

Our Service infrastructure is primarily located within the UK and EU. Where we transfer data outside the UK/EU, we ensure appropriate safeguards are in place, including:

Data Processing Agreements with adequate protection clauses
Transfers only to countries with adequate protection decisions
Standard contractual clauses where required

9. Cookies and Tracking

We use cookies and similar technologies to:

Keep you logged in to your account
Remember your preferences and settings
Analyze usage patterns to improve our Service
Ensure security and prevent fraud

You can control cookies through your browser settings. However, disabling certain cookies may affect your ability to use some features of our Service.

10. Children's Privacy

Our Service is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete such information.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. For significant changes, we may also notify you via email.

12. Contact Information

Data Controller: EasiSplit (Sole Trader)
Email: hello@easisplit.com
Subject Line for Privacy Matters: "Privacy Policy Inquiry

If you have concerns about how we handle your personal information, you also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's data protection authority.

ICO Contact:
Website: ico.org.uk
Helpline: 0303 123 1113