SplittamoSplittamo← Back to Home

Privacy Policy

Last updated: February 2025

1. Introduction

Welcome to Splittamo ("we", "our", "us"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our group food ordering platform at splittamo.com and its subdomains (the "Service").

By using Splittamo, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use the Service.

2. Information We Collect

2.1 Information you provide directly

  • Account information: name, email address, password (hashed), and optional phone number.
  • Restaurant information: business name, address, cuisine type, and delivery details (restaurant owners only).
  • Order data: items selected, quantities, special requests, notes.
  • Payment information: processed entirely by Stripe. We never store your card number, CVV, or bank details.

2.2 Information collected automatically

  • Log data: IP address, browser type, pages visited, timestamps.
  • Cookies: session token, language preference, theme preference. No advertising or tracking cookies.
  • Device data: operating system, device type (for PWA functionality).

2.3 Information from third parties

  • Google OAuth: If you sign in with Google, we receive your name, email, and profile picture from Google.
  • Stripe: Payment status, Stripe customer ID, and payout information for restaurant owners.

3. How We Use Your Information

  • To provide, operate, and improve the Service.
  • To process payments and send order confirmations.
  • To send in-app and push notifications about your orders.
  • To enable real-time collaboration within your group (spaces).
  • To detect and prevent fraud or abuse.
  • To comply with legal obligations.

We do not sell, rent, or share your personal data with third parties for marketing purposes.

4. Data Sharing and Disclosure

We share data only in these limited circumstances:

  • Stripe: Payment processing. Stripe's privacy policy applies to payment data.
  • Google: Only if you choose to sign in with Google.
  • Restaurant owners: Your name and order details are visible to the restaurant you order from.
  • Space members: Your name and order items are visible to members of the same space.
  • Legal requirements: If required by law, court order, or to protect rights and safety.

5. Data Retention

We retain your personal data as long as your account is active or as needed to provide the Service. Order history is retained for accounting and legal compliance (typically 7 years in the EU). You may request deletion of your account and associated data at any time (see Section 7).

6. Security

We use industry-standard security measures including HTTPS encryption, bcrypt password hashing, JWT authentication with short expiry, and rate limiting. Payment data is handled entirely by Stripe and never touches our servers. We regularly review our security practices, but no system is 100% secure.

7. Your Rights (GDPR)

If you are in the European Economic Area, you have the right to:

  • Access: Request a copy of your personal data.
  • Rectification: Correct inaccurate data.
  • Erasure: Request deletion of your data ("right to be forgotten").
  • Portability: Receive your data in a structured, machine-readable format.
  • Objection: Object to processing based on legitimate interests.
  • Restriction: Request that we limit processing of your data.

To exercise any of these rights, contact us at privacy@splittamo.com. We will respond within 30 days.

8. Cookies

We use only essential cookies:

  • locale — stores your language preference (en/it)
  • theme — stores your dark/light mode preference
  • access_token / refresh_token — authentication session

No advertising, analytics, or third-party tracking cookies are used.

9. Children's Privacy

Splittamo is not directed to children under 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected such data, contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or an in-app notification. Continued use of the Service after changes constitutes acceptance of the updated policy.

11. Contact

For any privacy-related questions or to exercise your rights:

Splittamo

Email: privacy@splittamo.com