Privacy Policy

Last Updated: November 15, 2025

1. Introduction

Welcome to Sunny Splits ("we," "our," or "us"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application (the "App"). Please read this Privacy Policy carefully. By using the App, you agree to the collection and use of information in accordance with this policy.

We are committed to protecting your privacy and ensuring transparency about our data practices. This Privacy Policy is incorporated by reference into our Terms of Service.

2. Information We Collect

2.1 Information You Provide Directly

When you use the App, you may provide us with the following information:

• Bill and Receipt Data: Receipt images you capture or import, bill amounts, tax rates, tip percentages, item names and prices, and other financial information you enter

• Person Information: Names and emoji identifiers you assign to people splitting bills

• Group Information: Names and configurations of payment groups you create

• Gift Card Information: Gift card amounts you apply at person, group, or bill levels

• Payment Information: Payment identifiers (such as Venmo handles) you include in share messages

2.2 Information Collected Automatically

When you use the App, we automatically collect certain information:

• Usage Analytics: How you interact with the App's features, which split methods you use, session duration, and frequency of use

• Device Information: Device type, operating system version, and device identifiers

• Performance Data: App performance metrics, error logs, and crash reports

• Location Information: General location data at device or regional level (not precise location)

2.3 Information from Third-Party Services

• Microsoft Azure Document Intelligence: When you scan receipts, images are processed by Azure's AI services to extract text, items, and pricing information

• PostHog Analytics: Usage analytics data is collected and processed by PostHog in accordance with their privacy practices

3. How We Use Your Information

We use the information we collect for the following purposes:

• Core App Functionality: To process receipts, calculate bill splits, assign items to people, and generate payment breakdowns

• Service Improvement: To analyze usage patterns, identify bugs, and improve app performance and user experience

• Analytics: To understand how users interact with the App and which features are most valuable

• Communication: To respond to your inquiries and provide customer support

• Legal Compliance: To comply with applicable laws, regulations, and legal processes

4. How We Share Your Information

4.1 Third-Party Service Providers

We share information with the following third-party service providers:

• Microsoft Azure Document Intelligence: Receipt images are transmitted to Azure servers for AI-powered text extraction and receipt analysis. Azure processes this data in accordance with their data processing terms and complies with GDPR, HIPAA, SOC, and ISO standards. All data is encrypted both in transit (TLS) and at rest (AES-256).

• PostHog: Analytics data is shared with PostHog for usage analysis. PostHog implements privacy controls including data anonymization and masking of sensitive information.

4.2 Data Sharing Limitations

We do not:

• Sell your personal information to third parties

• Share your receipt images or bill data with advertisers

• Use your data to train AI models beyond the receipt processing described above

• Share your information except as described in this Privacy Policy

4.3 Legal Requirements

We may disclose your information if required by law, court order, or governmental authority, or if we believe disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or comply with a legal process.

5. Data Storage and Retention

5.1 Local Storage

The App stores data locally on your device using SwiftData, including:

• People, items, and bill split configurations

• Receipt processing results

• Group configurations

• App settings and preferences

This data remains on your device and is not automatically transmitted to our servers.

5.2 Cloud Processing

• Receipt Images: When you scan a receipt, the image is temporarily transmitted to Microsoft Azure for processing. Images are retained in accordance with Azure's data retention policies.

• Analytics Data: Analytics data collected by PostHog is retained according to PostHog's data retention policies.

5.3 Data Deletion

• You can delete locally stored data by uninstalling the App or clearing app data through your device settings

• To request deletion of data processed by third-party services (Azure, PostHog), contact us at the address provided in Section 10

• We will process deletion requests within 30 days, subject to any legal obligations to retain certain data

6. Your Privacy Rights

6.1 General Rights

Depending on your location, you may have the following rights regarding your personal information:

• Right to Access: Request access to the personal information we hold about you

• Right to Correction: Request correction of inaccurate or incomplete information

• Right to Deletion: Request deletion of your personal information

• Right to Restrict Processing: Request that we limit how we use your information

• Right to Data Portability: Request a copy of your data in a portable format

• Right to Object: Object to certain types of processing

6.2 Analytics Opt-Out

You may opt-out of analytics collection at any time through the App's settings. When you opt-out:

• PostHog analytics collection will be disabled

• We will stop collecting usage analytics data

• Previously collected analytics data will be handled according to PostHog's retention policies

6.3 Exercising Your Rights

To exercise any of these rights, contact us at the address provided in Section 10. We will respond to your request within 30 days.

7. Special Provisions for EU Users (GDPR)

If you are located in the European Union, we implement the following protections:

• Legal Basis: We process your data based on your consent and our legitimate interest in providing and improving the App

• Consent: We obtain your consent before collecting analytics data

• Data Minimization: We collect only the data necessary for App functionality

• Anonymization: We use anonymized analytics where possible

• Data Protection Officer: For GDPR-related inquiries, contact us at the address in Section 10

• Supervisory Authority: You have the right to lodge a complaint with your local data protection supervisory authority

8. Special Provisions for California Users (CCPA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):

• Right to Know: You have the right to know what personal information we collect, the sources of that information, the business purposes for collection, and the categories of third parties with whom we share information

• Right to Delete: You have the right to request deletion of your personal information (subject to certain exceptions)

• Right to Opt-Out: You have the right to opt-out of the sale of personal information (we do not sell your personal information)

• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights

To exercise your CCPA rights, contact us at the address provided in Section 10.

9. Children's Privacy

The App is not intended for children under the age of 13 (or the applicable age of consent in your jurisdiction). We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. If we become aware that we have collected personal information from a child without parental consent, we will take steps to delete that information.

10. Security Measures

We implement reasonable security measures to protect your information:

• Encryption: Data transmitted to Azure and PostHog is encrypted in transit using TLS

• Secure Storage: Azure stores data encrypted at rest using AES-256

• Access Controls: We limit access to your information to employees and service providers who need it to perform their duties

• Regular Updates: We regularly update the App to address security vulnerabilities

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country. Specifically:

• Azure Services: Data may be processed in Microsoft Azure data centers located in various countries

• PostHog Services: Analytics data may be processed by PostHog in various locations

By using the App, you consent to the transfer of your information to these countries. We ensure that appropriate safeguards are in place, including:

• Standard contractual clauses

• Compliance with applicable data protection laws

• Encryption of data in transit and at rest

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the new Privacy Policy in the App

• Updating the "Last Updated" date at the top of this policy

• Providing notice through the App or via email for significant changes

Your continued use of the App after changes become effective constitutes acceptance of the updated Privacy Policy. We encourage you to review this Privacy Policy periodically.

13. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Email: alyssa@sunnysplits.com
Mailing Address:
LOBSTER MAIDEN INDUSTRIES, LLC
217B 23rd Ave, Seattle, WA 98122
United States

We will respond to your inquiries within 10 business days.

14. Third-Party Privacy Policies

This Privacy Policy applies only to our App. When you use third-party services integrated with the App, their own privacy policies apply:

• Microsoft Azure Privacy Statement: https://privacy.microsoft.com/en-us/privacystatement

• PostHog Privacy Policy: https://posthog.com/privacy

We encourage you to review these third-party privacy policies to understand how they handle your information.

15. Consent

By using the App, you consent to our Privacy Policy and agree to its terms. If you do not agree with this Privacy Policy, please do not use the App.

This Privacy Policy was last updated on November 15, 2025. Please review it periodically for changes.