Privacy Policy
Monkey Split is built privacy-first. No ads. No third-party analytics. No cross-site tracking. No selling or sharing of data. The sections below spell out what we do process, why, and under which legal basis.
1. Controller
The controller responsible for data processing within the meaning of the General Data Protection Regulation (GDPR / DSGVO) is listed in our Imprint.
2. What data is processed
Monkey Split is a shared-expense app. We only process the data strictly necessary to operate your account and share expenses with the people you invite into a group.
2.1 Account data
When you create an account, we store your email address (for authentication and password recovery) and, optionally, a display name and profile picture.
Legal basis: Art. 6(1)(b) GDPR — performance of the contract (providing the service you signed up for).
2.2 Expense and group data
Expenses, groups, participants, splits, and settlements you create are stored so that everyone in the group sees the same shared tab. This data is only visible to members of the group.
Legal basis: Art. 6(1)(b) GDPR — performance of the contract.
2.3 Authentication cookies
We set a first-party session cookie so you stay signed in between visits. This is the only cookie we set. It contains an opaque session token — no personal information.
Legal basis: Art. 6(1)(f) GDPR — legitimate interest in keeping you signed in (essential cookie, no consent required).
2.4 Hosting (Cloudflare)
The app and its database are hosted on Cloudflare (Workers, D1, KV, Pages). When your browser connects to our servers, Cloudflare necessarily processes your IP address, request URL, and user-agent. Cloudflare may retain security logs for up to 72 hours.
Legal basis: Art. 6(1)(f) GDPR — legitimate interest in serving and protecting the service.
3. Data we do NOT collect
- No analytics (no Google Analytics, no Matomo, no Plausible)
- No advertising, retargeting, or marketing pixels
- No cross-site tracking or browser fingerprinting
- No sale or sharing of data with third parties
- No behavioural profiling
4. Third-party services
| Service | Provider | Purpose |
|---|---|---|
| Cloudflare Workers, D1, KV, Pages | Cloudflare, Inc. (US, EU processing) | App hosting & database |
| Cloudflare Turnstile | Cloudflare, Inc. | Bot protection on signup |
| Google OAuth | Google LLC (US) | Sign-in (only if you click "Continue with Google") |
| Cloudflare Email Sending | Cloudflare, Inc. | Transactional email (sign-in links, password reset) |
Cloudflare, Inc. and Google LLC are based in the United States and participate in the EU-US Data Privacy Framework.
5. Your rights (Art. 15–21 GDPR)
- Access (Art. 15) — request information about your data
- Rectification (Art. 16) — correct inaccurate data
- Erasure (Art. 17) — delete your account and data
- Data portability (Art. 20) — export your data
- Objection (Art. 21) — object to processing
To exercise any of these rights, contact us via the information in the Imprint. We respond within 30 days.
6. Right to lodge a complaint
You have the right to lodge a complaint with a supervisory authority (Art. 77 GDPR).
7. Data retention
Account data is kept while your account is active. When you delete your account, the following happens in a single transaction:
- Erased immediately (Art. 17 GDPR): your email address, password hash, OAuth identifiers, profile picture, display name, and all sessions.
- Groups you own: if other active members exist, ownership is transferred to a remaining admin (or another member is promoted). If you are the last member, the group, its memberships, and its expenses are deleted.
- Groups you participate in: your membership row is tombstoned as [Deleted User] with no email, avatar, or PayPal handle. Expense entries you created remain in the shared ledger so balances stay correct for the other members. Legal basis: Art. 6(1)(f) GDPR — legitimate interest of co-members in an accurate shared ledger.
- Cloudflare security logs: retained by Cloudflare for up to 72 hours.
- Email-delivery logs: retained by Cloudflare Email for up to 30 days.
You can request a copy of your data (Art. 20 GDPR) at any time from your profile, or by contacting us via the Imprint.
8. Changes to this policy
We may update this policy to reflect changes in practice or legal requirements. The "Last updated" date above marks the most recent revision.