Privacy Policy

1. Information We Collect

We collect the following information to provide and improve the Cost Share service:

• Account Information: Your name, email address, and profile photo when you create an account (via email/password, Apple Sign-In, or Google Sign-In).
• Expense & Group Data: Expenses you log, amounts, descriptions, categories, notes, groups you create or join, recurring expense templates, and balances between you and other users.
• Camera & Photos: If you use the receipt scanning feature, we temporarily access your camera or photo library to process the receipt image. The image is sent to Google Gemini AI for text extraction and is not permanently stored on our servers after processing.
• Receipt Scan Data: When you scan a receipt, we store the extracted data (merchant name, item descriptions, amounts, totals) in your personal receipt history to power app features like re-scanning and expense suggestions. You may also opt in to share anonymized receipt data to help us improve the service — this is strictly opt-in and can be disabled in app settings at any time. We do not collect or store payment card details.
• Biometric Data: If you enable Face ID or Touch ID, biometric authentication is handled entirely by your device's operating system (iOS). We never access or store your biometric data.
• Device Identifiers & Notifications: A push notification token and related delivery metadata so we can send you alerts (for example, when a friend adds an expense, settles up, or sends you a payment reminder). We also store reminder schedules you configure (for premium automated group reminders) and a log of reminder events to enforce rate limits and investigate abuse.
• Purchase & Subscription Data: If you subscribe to Cost Share Pro, your subscription status and purchase history are managed by RevenueCat and the App Store / Google Play. We receive confirmation of your entitlement status but do not store your payment card details.
• Usage Data: Basic analytics such as app version, device type, and crash reports to help us fix bugs. This data is anonymized and never linked to your identity.

2. How We Use Your Information

We use the collected information exclusively to operate the Cost Share service:

• To create and manage your account
• To enable expense splitting, group management, balance tracking, and recurring expenses
• To process receipt images using AI and return extracted data to you
• To send you push notifications about expense activity relevant to you, including manual and scheduled payment reminders initiated by other users
• To enforce reminder rate limits, prevent abuse, and respond to reports of harassing reminders
• To manage your subscription and premium feature access
• To allow other users you invite to find you by name within the app
• To diagnose and fix bugs and crashes
• To improve receipt parsing accuracy (only if you have opted in to data sharing)

We do not sell, trade, or rent your personal information to third parties. We do not use your data for advertising.

3. Push Notifications & Reminders

Cost Share uses push notifications to keep you informed about shared expenses. Other users may send you manual payment reminders, and premium subscribers may schedule automated reminders for group members who owe them money according to in-app balances.

What we process: Your device push token, notification preferences, reminder schedules you create, and metadata about reminder events (such as sender, recipient, group, and timestamp). Reminder notifications may include the sender's display name and the amount owed as shown in the app.

Why we process it: To deliver notifications you expect from the service, to operate scheduled reminders you authorize, and to protect users through rate limits and abuse investigation. Our lawful bases under the GDPR are performance of our contract with you and legitimate interests in operating a safe service; where local law requires consent for certain notifications, you may withdraw consent through your device settings.

• Opt out: You can disable push notifications at any time in your device's system settings. This stops delivery to your device but does not delete expense data visible in the app.
• If you receive unwanted reminders: You may contact us at support@cost-share.app to report harassment or abuse. We may investigate, apply rate limits, or restrict reminder features for the sender. We are not able to mediate personal disputes, but we take misuse of our notification system seriously.
• Third-party delivery: Push messages are delivered through Apple Push Notification service (APNs), Google Firebase Cloud Messaging (FCM), and Expo's notification infrastructure, each subject to their own privacy policies.

4. Third-Party Services

We use the following third-party services to operate Cost Share:

• Supabase — Cloud database and authentication provider. Your account data and expense records are stored securely in Supabase's infrastructure. Supabase Privacy Policy.
• Google Gemini AI — Used to process receipt images and extract expense data. Receipt images are sent to Google's Gemini API for analysis and are subject to Google's data handling policies. Google Privacy Policy.
• RevenueCat — Subscription and in-app purchase management. RevenueCat processes your subscription status and purchase events. RevenueCat Privacy Policy.
• Apple Sign-In — If you choose to sign in with Apple, Apple authenticates you and may share a pseudonymous identifier with us. Apple Privacy Policy.
• Google Sign-In — If you choose to sign in with Google, Google authenticates you and shares your name, email, and profile photo with us to create your account. Google Privacy Policy.
• Expo / Expo Notifications — We use Expo's push notification infrastructure to deliver in-app alerts. Expo Privacy Policy.

5. Data Sharing Program (Opt-In)

We offer an optional data sharing program that allows you to contribute anonymized receipt data to help improve our AI receipt parsing. This program is strictly opt-in — it is not enabled by default. You can enable or disable it at any time in the app settings under your profile.

When enabled, anonymized receipt data (merchant names, item descriptions, amounts) is stored without any link to your identity or account. Your personal information, group data, and expense assignments are never included in shared data.

6. Data Retention

We retain your personal data for as long as your account is active. Reminder schedules and abuse-investigation logs are kept only as long as needed for the feature and safety purposes, typically no longer than your account is active. If you delete your account, we will delete your personal information, expense data, and receipt history within 30 days. Anonymized, aggregated data that cannot be linked to you may be retained for service improvement purposes. Subscription and transaction records may be retained as required by applicable law.

7. Your Rights & Choices

• Access & Correction: You can update your name and profile photo at any time from the app settings.
• Delete Account: You may delete your account directly from the app settings, which will remove your personal data within 30 days. You may also request deletion by contacting us at support@cost-share.app.
• Data Sharing Opt-Out: You can disable the optional data sharing program at any time in app settings.
• Push Notifications & Reminders: You can disable push notifications at any time via your device's system settings. If you receive harassing reminders, contact us at support@cost-share.app. You may object to processing based on legitimate interests where applicable (see Section 3).
• Camera Access: Camera permissions can be revoked at any time in your device settings.
• GDPR / CCPA Rights: If you are located in the European Economic Area or California, you may have additional rights including the right to access, portability, restriction of processing, and objection to processing. Contact us at support@cost-share.app to exercise these rights.

8. Security

We implement appropriate technical and organizational measures to protect your personal information, including:

• All data is transmitted over HTTPS/TLS encryption
• Passwords are never stored in plaintext — authentication is handled via Supabase
• Database access is protected by Row-Level Security (RLS) policies
• Sensitive app data is encrypted at rest using hardware-backed secure storage on supported devices
• API keys and secrets are stored server-side and never exposed to the client

However, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security and encourage you to use strong, unique passwords and enable device-level security features.

9. Children's Privacy

Cost Share is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will delete it immediately. If you are a parent or guardian and believe your child has provided us with personal data, please contact us at support@cost-share.app.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by updating the "Last updated" date at the top of this page and, where appropriate, notifying you via push notification or email. Continued use of the app after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have any questions or concerns about this Privacy Policy, please contact us at: