Legal

Privacy Policy

Last updated: June 9, 2026 · Effective: June 9, 2026

1. Who we are

This Privacy Policy describes how Settl ("Settl," "we," "us," or "our") collects, uses, and shares information about you when you use the Settl mobile application, our website at settl.fyi, our API at api.settl.fyi, and any related services (collectively, the "Services").

If you have questions about this policy, contact us at hello@settl.fyi.

2. Information we collect

2.1 Information you provide directly

• Account information. When you sign up, we collect your name, email address, profile photo (if you choose to add one), and the authentication identifier issued by your sign-in provider (Apple, Google, or Firebase email/password).
• Expenses and groups. Titles, amounts, currencies, categories, dates, notes, comments, and the people you split with. We also store the calculated balances and any settlements you record.
• Voice transcripts. When you create an expense by voice, we send the audio recording to our AI providers (see §4) to transcribe it and extract the expense fields. We do not store the audio — it is held transiently in memory during the request and discarded. The transcript (the words you spoke) is saved on the resulting expense row so you can see what was heard, and it is shown on the confirm sheet, the expense detail screen, and your activity feed. Delete the expense to delete the transcript.
• Receipts and profile photos. Images you upload (receipts attached to expenses, your profile picture) are stored on Cloudflare R2 in private buckets accessible only via short-lived signed URLs.
• Communications. Messages you send us (e.g. via hello@settl.fyi).

2.2 Information collected automatically

• Device and identifiers. Device model, operating system version, app version, language and locale, time zone, an installation identifier, and (when you enable push notifications) a Firebase Cloud Messaging device token.
• Usage data. Events such as mic taps, screen views, settlement actions, and feature interactions, aggregated for analytics and product improvement. Performance metrics such as request latency and error rates.
• Voice telemetry. For each voice-created expense we log a telemetry row with the verbatim transcript, the AI model used, and timing/usage metrics. This is what powers the admin "Insights" dashboard so we can spot regressions in voice quality. It is stored in the same database as the rest of your account data and is governed by the retention rules in §6.
• Diagnostics. Crash logs, stack traces, non-fatal error reports, and performance traces collected by Sentry and Firebase Crashlytics. These help us reproduce and fix bugs and monitor reliability.
• Log data. Standard request metadata including IP address, request path, and timestamps. Used for security monitoring and operational diagnostics.

2.3 Information from other users

If another Settl user adds you to a group or invites you by email, we may receive your email address or display name from them so we can show you the group invitation when you sign up. If you don't sign up, this information is treated as a placeholder member and is not linked to a real identity.

3. How we use information

• To create and maintain your account, authenticate you, and prevent unauthorized access.
• To run the core product features: split expenses, track balances, settle up, log activity, and synchronize state across your devices and group members.
• To process voice input — sending the audio recording to our AI providers so you can speak expenses instead of typing. Audio is transient; the resulting transcript is stored on the expense.
• To send transactional emails (verification, password reset, account-deletion confirmations).
• To send push notifications about activity in your groups (settlement requests, new expenses) — you can disable these in your device settings.
• To detect, prevent, and respond to fraud, abuse, security incidents, and other illegal activity.
• To analyze how the app is used so we can improve it. Aggregated and de-identified analytics may be retained indefinitely.
• To comply with legal obligations and enforce our Terms of Service.

4. AI and voice processing

Settl is a voice-first product. When you tap the mic and speak:

• Where your voice goes. The audio recording is sent to one or more of our AI providers (described by category in §5.2) to turn it into text and to extract the expense details — what was spent, who paid, how to split it. The set of providers we use may change as we improve the product; in every case it's a paid commercial tier whose contract prohibits the provider from using your data to train their models.
• Audio is transient. We don't keep the audio recording. It exists only in memory during the round-trip to our providers and is discarded once the response is returned. Only the transcript — the words you spoke — is saved alongside the resulting expense, so you can see what was heard.
• Multi-language. Settl understands many languages natively (English, Hindi, Telugu, Tamil, Spanish, French, German, Japanese, Mandarin, and others). Speak in whichever feels natural — the transcript is preserved verbatim.
• Receipts. When you attach a photo of a receipt, the image is uploaded to our storage provider (see §5.2) and read by an AI provider to pull out fields like merchant, total, and currency. The image stays in storage; only the extracted text reaches the expense.
• Output is not authoritative. AI-parsed expenses, balances, and suggestions are informational. You are responsible for verifying every entry before relying on it for any settlement, payment, or other action. See our Terms of Service.

5. How we share information

5.1 With other users in your groups

When you create or join a group, the other members of that group can see your display name, profile photo, and the expenses, settlements, comments, and balances you record in that group. They cannot see your email address, phone number, or activity in groups they're not part of.

5.2 With service providers (data processors)

We use trusted third-party vendors to operate the Services. They process your data under contractual privacy and security obligations. They are not permitted to use it for their own purposes.

Each provider receives only the data needed for the role above and is bound by a data-processing agreement that prohibits using your data for their own purposes or for training AI models.

5.3 For legal reasons

We may disclose information if we believe in good faith that it's required by law, regulation, legal process, or governmental request; or to protect the rights, property, or safety of Settl, our users, or others. Where legally permitted, we will notify you of such requests before disclosure.

5.4 Business transfers

If Settl is involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will notify you (e.g. via email or in-app notice) before your information becomes subject to a different privacy policy.

5.5 With your consent

We may share information for any other purpose disclosed to you and with your consent.

5.6 What we do not do

• We do not sell or rent your personal information.
• We do not share your data with third-party advertisers or data brokers.
• We do not use your content (expenses, voice transcripts, receipts) to train AI models — neither ours nor our vendors'. Our AI providers are bound by data-processing agreements that prohibit them from training on your data.
• We do not engage in cross-app or cross-site tracking.

6. Data retention

• Account and content. We retain your account and the content you create until you delete your account. Deleted accounts are scrubbed of personally identifiable information; aggregate and anonymized derivatives may persist.
• Voice transcripts. Stored on the corresponding expense row (we do not retain the audio itself). Deleting an expense removes the transcript.
• Voice telemetry. Logged with each voice-created expense (transcript, model, latency). Retained for up to 90 days for product analytics, then aggregated/deleted.
• Diagnostics and logs. Retained for up to 90 days, then deleted or anonymized.
• Backups. Encrypted backups are retained for up to 30 days for disaster recovery.
• Legal holds. If we receive a valid legal demand, we may retain information longer than these defaults to comply.

7. International data transfers

Settl is operated from the United States. By using the Services, you consent to the transfer of your information to and processing in the United States and other countries where our service providers operate. These countries may have data protection laws that differ from those in your country. Where required, we rely on Standard Contractual Clauses or other approved transfer mechanisms.

8. Your rights and choices

8.1 In-app controls

• Export your data. The app provides a full JSON export of your profile, groups, expenses, settlements, comments, recurring rules, activity log, and AI memory.
• Delete your account. Deletes your data and revokes all sessions. Some derived analytics may persist in anonymized form.
• Push notifications. Toggle in your device's system settings.

8.2 California residents (CCPA / CPRA)

You have the right to know what personal information we collect, the right to delete it, the right to correct inaccurate information, the right to opt out of sale or sharing (we don't sell or share for cross-context behavioral advertising), and the right to limit the use of sensitive personal information. We do not discriminate against you for exercising these rights. To exercise them, contact hello@settl.fyi.

8.3 European Economic Area, United Kingdom, and Switzerland (GDPR)

You have the right to access, correct, delete, restrict, or port your personal data, and to object to its processing. Where we process your data based on consent, you can withdraw consent at any time. You can also lodge a complaint with your local supervisory authority. To exercise these rights, contact hello@settl.fyi.

The legal basis for our processing is generally: (a) performance of a contract with you (running the app); (b) our legitimate interests in operating, improving, and securing the Services; (c) compliance with legal obligations; or (d) your consent.

8.4 Other jurisdictions

If your jurisdiction grants you privacy rights not listed here, contact us and we will honor them where required by law.

9. Children's privacy

Settl is not directed to children under 13 (or 16 in the EEA / UK). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact us and we will delete it.

10. Security

We use reasonable technical and organizational measures designed to protect your information, including encryption in transit (HTTPS/TLS), encryption at rest for backups and stored credentials, access controls, audit logging, and regular dependency scanning. No method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

If we become aware of a breach affecting your personal information, we will notify you and the appropriate authorities as required by applicable law.

11. Third-party services and links

The Services may contain links to third-party websites or integrate with third-party services. This Privacy Policy does not apply to those services. Review their privacy policies before providing them with information.

12. Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by updating the "Last updated" date at the top of this page and, where appropriate, by sending you an in-app or email notice. Your continued use of the Services after the changes take effect constitutes acceptance of the revised policy.

13. Contact

For privacy questions, requests, complaints, or general support, email hello@settl.fyi.

© 2026 Settl. Terms of Service · settl.fyi