Last updated: March 14, 2026
Your privacy is important to us. This policy explains how we collect, use, and protect your data.
PureSplit is committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR) and other applicable privacy laws. This policy describes how we handle your personal information. The data controller under GDPR is Maksymilian Olowski operating as a private individual (see Imprint). No data protection officer has been appointed.
We collect the minimum data necessary to provide our service:
Your data is used exclusively to:
Processing is based on Art. 6(1)(b) GDPR (contract performance) for providing the service, Art. 6(1)(f) GDPR (legitimate interest) for security measures such as Turnstile, and Art. 6(1)(c) GDPR where statutory retention obligations apply.
We do not sell, rent, or trade your personal information. Your expense data is only visible to members of groups you create or join. We only share data with third parties when required by law.
The application and database are hosted in Germany (Nuremberg). Your data is stored on secure servers. We implement appropriate technical and organizational measures to protect your data against unauthorized access, alteration, or destruction.
Under GDPR, you have the following rights:
You can exercise these rights through the Settings page in your account.
You have the right to lodge a complaint with a supervisory authority (e.g., your local data protection authority).
We retain your data only as long as necessary to provide our services. When you delete your account, all your personal data is permanently removed from our systems.
We use only essential cookies required for authentication and session management. We do not use tracking cookies, analytics, or advertising cookies.
We use Cloudflare Turnstile on our login and registration pages to protect against bots and automated abuse. Turnstile is a privacy-preserving CAPTCHA alternative that may collect minimal client-side signals (such as IP address, TLS fingerprint, and browser data) solely to distinguish human users from bots. This data is processed by Cloudflare, Inc. and is used exclusively for security purposes—not for advertising or profiling. As the website operator, we act as the data controller for this processing. For more information about Turnstile and Cloudflare's data practices, see Cloudflare's Turnstile Privacy Policy: https://www.cloudflare.com/privacypolicy/
If you choose "Continue with Google" when signing in or registering, Google will process authentication data and provide us with basic profile information (such as your name, email address, and profile image) needed to create or access your account. We do not receive your Google password. This processing only occurs when you actively choose Google Sign-In. For more information, see Google's Privacy Policy: https://policies.google.com/privacy
We use Resend (Resend, Inc., USA) to send emails such as verification emails, group invitations, settlement notifications, and payment reminders. Recipient addresses and email content are transmitted to Resend. Resend processes this data solely as a processor on our behalf. When data is transferred to the USA, appropriate safeguards (e.g., Standard Contractual Clauses) apply. For more information: https://resend.com/legal/privacy-policy
We use selected subprocessors to deliver the service: - Cloudflare Turnstile (Cloudflare, Inc., USA) for bot protection - Google OAuth / Sign-In (Google LLC, USA) when you choose Google authentication - Resend (Resend, Inc., USA) for transactional email delivery - Hosting infrastructure operated by us via Coolify on servers in Germany (Nuremberg) Where personal data is transferred to countries outside the EU/EEA (such as the USA), we rely on appropriate safeguards, including Standard Contractual Clauses (SCCs) where required, and additional technical/organizational protections.
We may update this policy from time to time. We will notify you of any significant changes via email or through the application.
For any privacy-related questions or to exercise your GDPR rights, please use the data management tools in your account settings or contact us directly (email: maksolowski@live.de).