Your privacy is fundamental to how we build Expensplit. We designed the Service to collect the minimum amount of personal information necessary to make expense splitting work, and we never sell your personal information.
This Privacy Policy applies to all users of Expensplit worldwide and is intended to comply with the EU General Data Protection Regulation (GDPR), the UK Data Protection Act 2018, the California Consumer Privacy Act (CCPA/CPRA), the Children's Online Privacy Protection Act (COPPA), and the Google Play Developer Program Policies and Data Safety requirements.
1. Information we collect
We collect information in three categories:
1.1 Information you give us
- Account information: name, email address, password (stored as a salted hash, never in plain text), and optional profile photo.
- Expense & group content: the groups you create or join, the expenses and settlements you record, descriptions, categories, amounts, currencies, dates, notes, and (optionally) attached receipt images.
- Contact data: if you invite others by email, we use that email solely to send the invite. We do not import your phone's contact list.
- Support communications: if you contact us, we receive your email address and any information you choose to send.
1.2 Information collected automatically
- Device & technical data: device model, operating system version, app version, language, time zone, and a non-resettable installation ID we generate ourselves (we do not use Google Advertising ID).
- Log & diagnostic data: IP address (stored only transiently for rate-limiting and security), request timestamps, HTTP status codes, and crash reports.
- Authentication tokens: JWT access and refresh tokens stored securely on your device (Android Keystore on mobile, browser secure storage on web) so you stay signed in.
1.3 Information from third parties
We do not buy personal information from data brokers. If you sign in using a third-party provider in future (e.g., Google Sign-In), that provider will share basic profile information (name, email) per the consents you grant.
2. How we use your information
We use the information we collect to:
- provide, operate, maintain and improve the Service;
- create and secure your account and authenticate you;
- show you groups, expenses, balances, settlements and analytics;
- send transactional emails (invites, password reset, account changes);
- respond to your support requests and feedback;
- detect, prevent and address fraud, abuse, security and technical issues;
- comply with legal obligations and enforce our Terms & Conditions.
We do not use your data for advertising or behavioural profiling. The app shows no third-party ads and uses no ad-tech SDKs.
3. Legal bases for processing (GDPR)
- Performance of a contract (Art. 6(1)(b)) — to deliver the Service you signed up for.
- Legitimate interests (Art. 6(1)(f)) — to keep the Service secure, prevent abuse, and improve features. We balance this against your rights and freedoms.
- Consent (Art. 6(1)(a)) — for any optional features that explicitly request consent (e.g., crash reporting on iOS, push notifications).
- Legal obligation (Art. 6(1)(c)) — when required by law.
4. How we share information
We share personal information only in the limited circumstances below, and never sell it.
- With other group members: when you add an expense or settlement, the other members of that group can see your name, profile photo, the amount, description, category and date. This is the inherent purpose of a shared expense.
- Service providers (sub-processors): cloud hosting (e.g., AWS / DigitalOcean), transactional email (e.g., Postmark / SendGrid), and crash reporting. They process data only on our instructions, under data-processing agreements.
- Legal & safety: if required by law, regulation, legal process, governmental request, or to protect rights, property or safety.
- Business transfers: if Expensplit is involved in a merger, acquisition or asset sale, your information may transfer subject to this Privacy Policy.
5. Data retention
We retain account and expense data for as long as your account is active. If you delete your account, we delete or anonymise your personal information within 30 days, except where we are required to retain it for legal or accounting purposes (in which case it is restricted from active use). Backups are purged on a rolling cycle that does not exceed 90 days.
6. Data security
- All network traffic between the app and our servers uses TLS 1.2+.
- Passwords are hashed using bcrypt with per-user salts.
- Authentication uses short-lived JWT access tokens with refresh-token rotation.
- Database access is restricted to authorised personnel and audited.
- We follow the principle of least privilege internally.
No method of transmission or storage is 100% secure. While we use commercially reasonable measures to protect your data, we cannot guarantee absolute security.
7. International data transfers
Expensplit operates globally. Your information may be processed in countries other than your own. When we transfer personal data out of the EEA/UK, we rely on Standard Contractual Clauses (SCCs) and equivalent safeguards approved by the European Commission and the UK ICO.
8. Your rights & choices
Subject to local law, you have the right to:
- access the personal data we hold about you;
- rectify inaccurate or incomplete data;
- erase your data (the “right to be forgotten”);
- restrict or object to processing;
- port your data to another service in a machine-readable format;
- withdraw consent at any time (where processing is based on consent);
- lodge a complaint with your local data protection authority.
California residents have additional rights under the CCPA/CPRA, including the right to know what categories of personal information we collect and disclose, the right to deletion, the right to correct, the right to opt out of “sales” and “sharing” (we do neither), and the right not to be discriminated against for exercising these rights.
To exercise any of these rights, email privacy@futureoxtech.com or use the in-app settings. We respond within 30 days.
9. Account & data deletion
You can permanently delete your Expensplit account and associated personal data at any time:
- In the app: Profile → Settings → Delete account.
- From a browser: visit https://expensplit.futureoxtech.com/delete-account and submit the form.
- By email: write to privacy@futureoxtech.com from the email address linked to your account.
Deletion removes your account credentials, profile, personal expenses, settlement history, notifications and support tickets. Expenses you authored within groups you shared with others may be retained in those groups (with your name replaced by “Deleted user”) so other members' records remain balanced. Backups are purged on a rolling cycle within 90 days.
10. Children's privacy
Expensplit is not directed to children under 13 (or under 16 in the EEA / UK where applicable). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us at privacy@futureoxtech.com and we will promptly delete it.
11. Permissions we request on Android
The Expensplit Android app requests the following permissions. Each is requested only when needed for the feature you use, and you may decline or revoke at any time in your device settings.
- Internet — required to sync your data with our servers.
- Camera (optional) — to scan a QR code to join a group, or to capture a receipt photo to attach to an expense. Images are stored only with the expense and only shared with members of that group.
- Photos / Storage (optional) — to pick a profile picture or attach a receipt from your gallery.
- Notifications (optional) — to alert you when someone adds an expense, settles up, or invites you to a group.
- Biometric (optional, future) — for app-lock convenience. Biometric data never leaves your device.
12. Google Play Data Safety summary
For transparency, the list below summarises what we declare in Google Play Data Safety.
- Data collected: Name, Email, User IDs, App interactions, Crash logs, Diagnostics, Photos (optional, only if you attach), Financial info (expense amounts and currency — not payment card or bank account data).
- Purpose: App functionality, Account management, Analytics (own service only), Fraud prevention & security, Personalisation of your own data view.
- Sharing: No data sold to third parties. Limited sharing with sub-processors strictly to operate the Service.
- Security practices: Data encrypted in transit, data encrypted at rest, you can request deletion, we follow Play Families Policy if applicable.
13. Third-party services
We use the following service providers. Each is bound by a data-processing agreement and handles data only on our instructions:
- Cloud hosting & database — for storing your account and expense data.
- Transactional email — for invites, password resets, and account notifications.
- Push notifications — for real-time alerts (Firebase Cloud Messaging on Android).
- Crash reporting — to detect and fix crashes (anonymised stack traces only).
Our website (this site) does not use third-party advertising trackers. We may use privacy-respecting, cookieless analytics for aggregate site metrics.
14. Cookies & similar technologies
Our website uses only strictly necessary cookies for security and preferences. For details, see our Cookie Policy.
15. Changes to this Privacy Policy
We may update this Privacy Policy from time to time. If we make material changes, we will notify you in the app and/or by email at least 14 days before the changes take effect. The “Effective date” at the top of this page indicates when the latest version became effective. Continued use of the Service after the effective date constitutes acceptance.
16. Contact us
For any questions, requests, or complaints about this Privacy Policy or our handling of your personal information, please contact:
- Email: privacy@futureoxtech.com
- Postal: Futureox Tech, Pakistan
- Data Controller: Expensplit (a product of Futureox Tech)
If you are in the EEA/UK and we have not addressed your concern to your satisfaction, you may lodge a complaint with your local Data Protection Authority.