Privacy Policy
Effective Date: [DATE_OF_FIRST_PUBLICATION] Last Updated: [DATE_OF_FIRST_PUBLICATION] Version: 1
Friend & Finances ("Friend & Finances", "we", "us", or "our") is a mobile application that helps you split bills with friends. This Privacy Policy describes the personal information we collect, how we use it, who we share it with, and the choices you have. This policy applies to your use of Friend & Finances on iOS.
Friend & Finances is currently available only in the United States and is intended only for users physically located in the United States.
1. Quick summary
- What we collect: information you provide when you create your profile (name, username, phone number, optional payment-app handles), the bills you create and the people you share them with, and basic device information needed to make the app work.
- What we don't: advertising identifiers, browsing history outside the app, contact lists, photos, location, health data, biometrics, or any payment card / bank account information.
- Why we collect it: to operate the app — let you sign in, find friends, split bills, and keep them in sync across your devices.
- Who we share it with: the cloud provider that hosts our database (Supabase) and the sign-in providers you choose (Apple or Google). We never sell or rent your personal information to anyone, and we don't share it with advertisers.
- What rights you have: you can view what we have about you, correct it, download a copy, or delete your account entirely from within the app.
- How to contact us: support@friendsandfinances.app.
The rest of this document fills in the details.
2. Information we collect
Information you provide
When you create an account:
- Sign-in identifier — either an Apple ID (the email Apple shares with us, which may be a relay address) or a Google account email. We do not see your Apple ID password or Google password.
- Profile information — display name, unique username (the @handle others use to find you), profile emoji, and your phone number (verified via a one-time SMS code).
- Payment-app handles (optional) — your Venmo username and/or Cash App $cashtag, if you choose to add them. We never receive or store your payment card numbers, bank account information, or balances. The handles are used only to construct deep-link URLs (e.g. "open Venmo prefilled to pay this friend $24.50"); the actual payment happens in the third-party app, outside of Friend & Finances.
When you use the app:
- Bills you create — the bill name, date, subtotal/tax/tip amounts, who was at the bill, who hosted it, line items (for itemized splits), coverage between people, and settlement state.
- People you split with — for friends already on Friend & Finances we store the friendship relationship. For people you add as guests we store a guest profile that you own (name, optional phone, emoji) so you can include them on bills.
- Friend requests — incoming and outgoing.
- Soft IOUs — informal records that someone covered someone else's share on a bill. Settling these is optional.
- Reports and blocks — if you report or block another user, we store the report (your account, the reported account, your stated reason) and the block relationship so we can hide the blocked user from your view.
Information collected automatically
- Device identifier — a Supabase-managed authentication token tied to your sign-in session. This isn't a hardware identifier and we don't use it for advertising.
- Basic operational logs — error reports and the timestamps of API requests, used to diagnose failures and protect against abuse. These do not include the contents of your bills or your friends list.
Information we do not collect
- Your location, your contacts, your photo library, your microphone, your camera, your health data, your motion data, or anything tied to advertising identifiers.
- Your payment card numbers, bank account information, debit/credit card data, or balances in any payment app.
- The contents of SMS messages sent through Friend & Finances (those go from your phone to your friend's phone through Apple's Messages app — we never see them).
3. How we use your information
We use the information we collect only to:
- Operate, maintain, and improve Friend & Finances — show you your bills, sync them across your devices, find friends by handle or phone, send and receive friend requests, present settle and reminder actions.
- Verify your phone number at signup so other users can find you by their contacts (and so that the same person can't claim multiple accounts with the same number).
- Protect the service — detect and respond to abuse, enforce our Terms of Service, respond to reports about other users, and honor blocks you've created.
- Comply with legal obligations — respond to lawful requests from government authorities and to enforce our agreements.
We do not use your information for advertising, behavioral profiling, cross-app tracking, or to train machine-learning models.
4. How we share your information
We share information only with the small set of service providers we need to operate the app, and never with advertisers or data brokers.
| Recipient | What they receive | Why |
|---|---|---|
| Supabase Inc. (our cloud database + authentication provider) | All the data described in §2 above. | Stores your profile and bills. Their privacy practices are governed by Supabase's own privacy policy. |
| Apple (if you sign in with Apple) | Your sign-in event and the relay email Apple shares with us. | Authentication only — we don't share your bill data with Apple. |
| Google (if you sign in with Google) | Your Google email and basic OAuth profile information. | Authentication only — we don't share your bill data with Google. |
| Twilio (or our SMS provider as it stands at launch) | Your phone number, for the duration of the one-time SMS code at signup. | Phone verification only — we don't send marketing messages via SMS. |
| You and people you choose | The bills you share with them and your profile information. | The whole point of the app. |
We may also share information:
- In a merger, acquisition, or business transfer — if Friend & Finances is acquired or merged, your information may be transferred to the new owner subject to this Privacy Policy (or one substantially similar).
- In response to legal process — if we receive a valid subpoena, court order, or other legal demand we believe we must comply with.
- To protect rights and safety — to investigate potential violations of our Terms of Service, or to protect you, other users, or the public from harm.
We do not sell your personal information and we do not share it for cross-context behavioral advertising under the CCPA, VCDPA, CPA, CTDPA, UCPA, TDPSA, or any comparable state law. We have not sold personal information in the preceding 12 months and have no plans to.
When you tap "Settle" or "Remind"
- Settle opens Venmo or Cash App with the payment details prefilled. From that point on Venmo or Cash App receives the recipient, amount, and memo. Their privacy policies (not ours) govern that interaction.
- Remind opens Apple's Messages app with the reminder text prefilled. You manually tap send. Apple processes the message according to their SMS routing; we do not see the contents.
5. Your privacy rights
You have the following rights regardless of which state you live in, and U.S. state privacy laws (California's CCPA/CPRA, Virginia's CDPA, Colorado's CPA, Connecticut's CTDPA, Utah's UCPA, Texas's TDPSA, and similar acts) reinforce them for residents of those states.
- Right to know — you can ask us what personal information we have about you and how we use it. Use Account → Download my data in the app to receive a JSON export containing every record tied to your account.
- Right to access (data portability) — the same "Download my data" action gives you a machine-readable JSON file you can move to another service.
- Right to correct — go to Edit Profile to update your display name, emoji, and payment handles. Your username and phone number are locked after registration to prevent account-takeover and to keep friend-finding stable; contact us at support@friendsandfinances.app if you need to change them.
- Right to delete — go to Edit Profile → Delete Account. This permanently removes your profile, the bills you hosted, and the IOU records other people have with you. Friends will still see settled bills you shared with them, but your name will be removed.
- Right to opt out of sale or sharing — we don't sell or share your personal information for cross-context behavioral advertising. There is nothing to opt out of.
- Right to non-discrimination — Friend & Finances doesn't offer different pricing or features based on whether you exercise these rights.
- Right to appeal — if we deny one of your requests, you can appeal by emailing support@friendsandfinances.app with the subject "Privacy rights appeal." We will respond within 45 days.
To exercise any of these rights, use the in-app actions where available or email us at support@friendsandfinances.app. We may need to verify that the request is actually coming from you — typically by confirming you can log in to the account in question.
6. Data retention
We keep your personal information for as long as you have an active account. When you delete your account:
- Your profile (name, username, phone, payment handles) is removed within 30 days.
- Bills you created are removed; the bills you participated in on someone else's account remain visible to that host, but your name is anonymized.
- Reports you filed remain in our system for safety review for up to 12 months.
- Backups containing your data are aged out within 90 days of deletion.
We may retain a minimal record of the fact that your account was deleted (the account ID and a deletion timestamp) for compliance and to prevent the same identifier from being reused.
7. Security
We host our data with Supabase, which provides encryption in transit (TLS 1.2+) and encryption at rest (AES-256). We restrict access to the production database to a small number of authorized administrators. We use Row Level Security policies so that each user can read only their own data and the data they're entitled to see.
No system is 100% secure. If you suspect your account has been accessed without your authorization, please email us immediately at support@friendsandfinances.app.
8. Children
Friend & Finances is not intended for and is not directed at children under 13. Our Terms of Service require all users to be at least 13 years old. We do not knowingly collect personal information from a child under 13. If you believe a child under 13 has provided us with personal information, please contact us at support@friendsandfinances.app and we will delete the information promptly.
9. International users
Friend & Finances is intended only for users in the United States. We do not offer the service in the European Economic Area, the United Kingdom, Switzerland, Canada, or any other jurisdiction outside the U.S., and we have not designed the app to comply with the privacy laws of those regions. If you are outside the United States, please do not use Friend & Finances.
10. Changes to this policy
We may update this Privacy Policy from time to time. When we do, we will update the "Last Updated" date at the top and, for material changes, we will require you to acknowledge the new version the next time you open the app. Your continued use of Friend & Finances after the new policy takes effect constitutes your agreement to it.
11. Contact us
If you have questions or want to exercise a privacy right:
Friend & Finances support@friendsandfinances.app
We will respond to verifiable consumer requests within 45 days, as required by U.S. state privacy laws.