Privacy Policy

Your privacy and data security are our top priorities. This policy explains how we handle your information.

Last updated: 6/6/2025

Important Disclaimers

YNAB: We are not affiliated, associated, or in any way officially connected with YNAB, or any of its subsidiaries or its affiliates. The official YNAB website can be found at https://www.ynab.com. The names YNAB and You Need A Budget as well as related names, marks, emblems and images are registered trademarks of YNAB.

Splitwise: We are not affiliated, associated, or in any way officially connected with Splitwise, or any of its subsidiaries or its affiliates. The official Splitwise website can be found at https://www.splitwise.com. The name Splitwise as well as related names, marks, emblems and images are registered trademarks of Splitwise, Inc.

What Data We Collect

To provide our service, we collect and process the following information:

YNAB Data: Transaction details, account information, and budget categories accessed through the YNAB API
Splitwise Data: Expense information, group memberships, and settlement details accessed through the Splitwise API
Account Information: Email address and basic profile information for authentication
Usage Data: Application logs and error reports to improve our service

How We Handle and Store Your Data

Data obtained through the YNAB and Splitwise APIs is handled with the utmost care:

Encryption: All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption
Secure Storage: Data is stored in secure, SOC 2 compliant cloud infrastructure with regular security audits
Access Controls: Strict access controls ensure only authorized systems can access your data
Data Minimization: We only store the minimum data necessary to provide our synchronization service
Regular Backups: Encrypted backups are maintained to ensure data availability and recovery
API Rate Limiting: We respect both YNAB and Splitwise API rate limits to ensure service stability

Important: We do not directly request, handle, or store any financial account credentials. We only use OAuth access tokens obtained directly from YNAB and Splitwise through their official authorization flows.

Splitwise Data Handling:

• We only access Splitwise data necessary for expense synchronization
• We respect Splitwise's terms of service and API usage guidelines
• Splitwise data is processed in real-time and not stored longer than necessary
• We maintain separate security protocols for each API integration

Third-Party Data Sharing

Data Protection Guarantees:

• YNAB Data: Will not unknowingly be passed to any third-party
• Splitwise Data: Will not unknowingly be passed to any third-party
• Cross-Platform: Data flows only between YNAB and Splitwise as you explicitly direct

Here's exactly how we handle third-party interactions:

YNAB ↔ Splitwise Sync: We only send transaction data to Splitwise that you explicitly flag for sharing in YNAB, and vice versa
No Data Brokers: We never sell, rent, or share your data with data brokers or marketing companies
Service Providers: We only work with trusted service providers (hosting, monitoring) who are bound by strict data protection agreements
Legal Requirements: We will only disclose data if required by law, and we will notify you unless legally prohibited
API Compliance: We strictly adhere to both YNAB and Splitwise API terms of service and data usage policies

Transparency Promise:

Any data sharing will always be with your explicit consent and for the direct purpose of providing our synchronization service. You maintain full control over what data is shared and can revoke access at any time.

Your Rights and Controls

You have complete control over your data:

Access: Request a copy of all data we have about you from both YNAB and Splitwise integrations
Correction: Update or correct any inaccurate information in our system
Deletion: Request deletion of your account and all associated data from our systems
Portability: Export your synchronization history and settings in a machine-readable format
Revoke Access: Disconnect YNAB or Splitwise integrations independently at any time
Selective Control: Choose which transactions to sync and which to keep private

To exercise any of these rights, please contact us at privacy@splitwiseforynab.com

Data Retention

Active Accounts: We retain your data as long as your account is active and you're using our service
Account Deletion: When you delete your account, we permanently delete all your data within 30 days
Legal Requirements: Some data may be retained longer if required by law or for legitimate business purposes (e.g., fraud prevention)
Anonymized Analytics: We may retain anonymized usage statistics that cannot be linked back to you

Security Measures

We implement industry-standard security measures:

OAuth 2.0: Secure authorization without storing your YNAB or Splitwise passwords
HTTPS Everywhere: All communications with YNAB, Splitwise, and our servers are encrypted using TLS 1.3
Token Security: API tokens are encrypted and stored securely with automatic rotation
Regular Security Audits: Periodic security assessments and penetration testing
Incident Response: Comprehensive plan for handling any security incidents affecting either platform
Employee Training: All team members receive regular security and privacy training
API Monitoring: Real-time monitoring of all YNAB and Splitwise API interactions for anomalies

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Email: privacy@splitwiseforynab.com
Support: support@splitwiseforynab.com

We will respond to all privacy-related inquiries within 30 days.

Changes to This Policy

We may update this Privacy Policy from time to time. When we do:

We will notify you via email of any material changes
We will update the “Last updated” date at the top of this page
We will maintain previous versions for your reference
Continued use of our service after changes constitutes acceptance of the new policy

← Back to Home