Privacy Policy

    Last updated: 2/18/2026

    1. Introduction

    XpensePal ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our expense management and splitting application.

    By using our Service, you agree to the collection and use of information in accordance with this policy.

    2. Information We Collect

    2.1 Personal Information

    We may collect the following personal information:

    • Name and email address (for account creation)
    • Profile information (avatar, currency preferences)
    • Group membership and expense data
    • Payment and settlement information
    • Communication preferences

    2.2 Usage Information

    We automatically collect certain information about your use of the Service:

    • Log data (IP address, browser type, access times)
    • Device information (device type, operating system)
    • Usage patterns and feature interactions
    • Error reports and performance data

    2.3 Financial Information

    We collect financial data related to expense management:

    • Expense amounts and descriptions
    • Group expense allocations
    • Settlement transactions
    • Currency preferences and exchange rates

    3. How We Use Your Information

    We use the collected information for the following purposes:

    • Provide and maintain the Service
    • Process expense calculations and settlements
    • Send notifications and updates
    • Improve and personalize user experience
    • Ensure security and prevent fraud
    • Comply with legal obligations
    • Send marketing communications (with consent)

    4. Information Sharing and Disclosure

    4.1 Within Your Groups

    Expense information is shared with members of your expense groups to facilitate expense splitting and settlement calculations.

    4.2 Service Providers

    We may share information with trusted third-party service providers who:

    • Host our application and databases
    • Process payments and transactions
    • Send emails and notifications
    • Provide analytics and monitoring

    4.3 Legal Requirements

    We may disclose your information if required by law or in response to valid legal requests, such as subpoenas or court orders.

    4.4 Business Transfers

    In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the business transaction.

    5. Data Security

    We implement appropriate security measures to protect your information:

    • Encryption of data in transit and at rest
    • Secure authentication and access controls
    • Regular security audits and updates
    • Employee training on data protection
    • Incident response procedures

    However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

    6. Data Retention

    We retain your information for as long as necessary to:

    • Provide the Service to you
    • Comply with legal obligations
    • Resolve disputes and enforce agreements
    • Improve our services

    You may request deletion of your account and associated data at any time.

    7. Your Rights and Choices

    7.1 Access and Control

    You have the right to:

    • Access your personal information
    • Update or correct your information
    • Delete your account and data
    • Export your data
    • Opt-out of marketing communications

    7.2 Cookies and Tracking

    We use cookies and similar technologies to enhance your experience. You can control cookie settings through your browser preferences.

    7.3 Third-Party Services

    Our Service may contain links to third-party websites. We are not responsible for the privacy practices of these external sites.

    8. International Data Transfers

    Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your data in accordance with applicable laws.

    9. Children's Privacy

    Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

    10. Changes to This Policy

    We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of the Service after such changes constitutes acceptance of the updated policy.

    11. Contact Us

    If you have any questions about this Privacy Policy or our data practices, please contact us:

    Email: privacy@xpensepal.com

    Data Protection Officer: dpo@xpensepal.com

    12. GDPR Compliance (EU Users)

    If you are located in the European Union, you have additional rights under the General Data Protection Regulation (GDPR):

    • Right to data portability
    • Right to erasure ("right to be forgotten")
    • Right to restrict processing
    • Right to object to processing
    • Right to withdraw consent
    • Right to lodge a complaint with supervisory authorities