Privacy & Cookies
Last updated: May 15, 2026
Split the List ("the Service") is a free app for tracking your own and shared expenses. We try to handle your data the way we'd want our own data handled — collect as little as we can, keep it secure, and never sell or trade it. This page explains exactly what we collect, why, and what we don't do with it.
1. What we collect
We collect only what the Service needs to work:
- Account info: the email address you sign up with, a password (stored hashed — we never see your real password), and a display name you choose.
- What you type into the app: the lists, expenses, items, dates, notes, and any other text or numbers you enter. This is the whole point of the app.
- Receipt images you choose to upload (up to 5 per expense). Stored privately and visible only to members of the list the receipt belongs to.
- Basic technical info sent by your browser on every request — IP address, browser version, referring URL. We don't store these long-term; they appear in server logs and rotate out within days.
We do not collect or store anything you didn't type or upload — no contacts, no calendar, no location, no microphone, no biometric data.
2. How we use it
- To run the app: showing you your lists, your shares, your bucket items.
- To sign you in: matching your email + password against our auth records.
- To send you transactional emails — sign-up confirmation, password reset, list-invite delivery. That's it.
- To enforce free-tier and Pro-tier limits, when applicable.
3. What we don't do
We want to be loud about this part because it matters:
- We don't sell, rent, trade, or share your data with advertisers.
- We don't run ads.
- We don't use your data to train AI models.
- We don't embed third-party analytics, tracking pixels, or behavioral trackers.
- We don't send marketing emails — only transactional ones related to your account.
- We don't share your data with anyone outside the sub-processors listed in section 5, all of which exist only to keep the app running.
4. Receipt scanning runs on your device
When you attach a receipt to an expense, the app uses an open-source library (Tesseract.js) to read the receipt and auto-fill the vendor and amount. The OCR happens in your browser — the image is never sent to a third-party recognition service. If you choose to save the receipt with the expense, the file itself is uploaded to our private storage so you (and other members of that list) can view it later.
5. Who else handles your data
To run the app we use the following sub-processors. Each one only gets the data it needs to do its job, and is bound by its own privacy and security obligations:
- Supabase (database, authentication, file storage). Your account credentials, app data, and receipts live in a Supabase project we manage.
- Vercel (web hosting). Vercel serves the app to your browser and keeps short-lived request logs for reliability and security.
- Your email provider receives transactional emails we send (sign-up confirmation, password reset, list invites) via Supabase's built-in email delivery.
6. Cookies
We use the minimum set of cookies the app needs to keep you signed in. No analytics cookies, no marketing cookies, no third-party cookies.
- Authentication cookies (set by Supabase's session SDK). They're marked HttpOnly and Secure so they aren't accessible to JavaScript and only travel over HTTPS. Without them you'd have to sign in on every page load. They expire when your session ends or you sign out.
- A small preference cookie may be used to remember non-sensitive UI state (e.g. whether you've already seen the welcome guide). No personal data is stored in it.
You can clear these at any time from your browser settings — clearing them just signs you out. Because none of our cookies are used for advertising or cross-site tracking, we don't show a cookie consent banner: there's nothing for you to consent to beyond "please keep me signed in."
7. Your rights
- Access: everything we have about you is visible in the app. There's no hidden profile.
- Edit: you can change your display name, email, and password from the profile menu.
- Delete: from your profile menu, choose Delete account. Your personal data (private lists, entries, receipts) is permanently removed; shared lists you own transfer ownership to the longest-tenured other member so the group history isn't destroyed. Your email is released so you (or anyone else) can sign up with it again later.
8. Children's privacy
The Service is intended for users aged 13 and over. We don't knowingly collect data from children under 13. If you believe we have collected data from a child under 13, please reach out so we can delete it.
9. Changes
We may update this policy as the app evolves. The "Last updated" date above always reflects the most recent change. We won't suddenly start collecting more data without saying so here first.
10. Contact
Questions about this policy, or a request to delete data: open the app's profile menu → Delete account for the self-serve path, or contact us through the GitHub repository.
See also our Terms of Service.