Note: This is a template prepared in good faith and should be reviewed by qualified legal counsel before launch.
Who we are
Donget (“Donget”, “we”, “us”, or “our”) is a free expense-splitting and shared-budget app for iOS and Android, together with our website at donget.com. Donget helps friends, family, roommates, and travel companions record shared costs, see who owes what, and figure out the simplest way to settle up.
This Privacy Policy explains what personal data we collect, how and why we use it, who we share it with, how long we keep it, and the rights and choices you have. It applies to the Donget app and website (together, the “Service”). If you have any questions, contact us any time at hello@donget.com.
Donget is a record-keeping tool, not a bank, payment processor, or money-transfer service. We do not move, hold, or transfer money, and we are not connected to your bank accounts. For more on that, see our Terms of Service.
What data we collect
We try to collect only what we need to make Donget work well for you and your group.
- Account information. When you create an account we collect your email address. You may optionally add a display name or nickname, a profile photo (avatar), and a phone number. If you sign in with Google or Apple, we receive a basic identifier and the email associated with that account.
- Content you enter. This is the information you and your group add to use the Service: groups, expenses, line items, amounts, currencies, notes, the way costs are split, settlements, receipt photos you upload for scanning, and any support tickets or feedback you send us.
- Authentication data. To sign you in we process one-time codes (sent by email or, where offered, by SMS) and tokens from Google or Apple sign-in.
- Device and usage data. We collect limited technical information such as device type and model, operating system version, app version, language preference, time-zone, and anonymized in-app events that tell us which features are used and where errors occur.
- Analytics and diagnostics. We collect product-analytics and session-analytics data to understand usage patterns, diagnose crashes, and improve stability and design.
- Push-notification tokens. If you enable notifications, we store a device token so we can deliver reminders and updates.
- Logs. Our systems generate technical logs (for example, IP address, request timestamps, and error traces) used to operate and secure the Service.
We do not ask for, and do not want, sensitive financial credentials such as bank logins or card numbers. Donget is not connected to your bank and does not process payments.
How we use your data
We use the data above to:
- Provide the Service — create and manage your account, store your groups and expenses, calculate balances, and suggest the simplest way to settle up.
- Sync across your group — so every member sees the same up-to-date expenses and balances on their own device, in real time.
- Authenticate you — verify one-time codes and sign-in tokens and keep your session secure.
- Scan receipts — when you upload a receipt photo, send it to a third-party AI provider that extracts amounts and items for you to review (see “AI receipt scanning” below).
- Communicate with you — send essential service messages (such as security or account notices) by email, and push notifications you have enabled. We send optional product updates only if you opt in.
- Improve and secure the Service — diagnose crashes, fix bugs, measure which features help, prevent abuse and fraud, and protect users.
- Comply with law — meet legal obligations and respond to valid legal requests.
Legal bases for processing
Where data-protection laws such as the GDPR (EU/UK) apply, we rely on the following legal bases:
- Performance of a contract — to provide the core features you sign up for.
- Legitimate interests — to keep the Service secure, prevent abuse, and improve it, balanced against your rights.
- Consent — for optional analytics or marketing messages, which you can withdraw at any time.
- Legal obligation — where we must retain or disclose data to comply with applicable law.
AI receipt scanning
If you choose to scan a receipt, the image you upload is processed by a third-party AI provider that extracts amounts, items, and other details to pre-fill an expense. This is a convenience feature: results are best-effort and may contain errors, so you should always review and correct the extracted data before saving. The provider processes the image to perform the scan on our behalf and under contract; we do not permit it to use your images to train its own general models where that option is available to us.
How we share data
We do not sell your personal data. Ever. Donget has no advertising business, and we do not share your data with advertising networks or use it to profile you for ads. This is core to how we build the product, not a footnote.
We share data only in these limited cases:
- Within your group. Expenses, balances, names, and related content you enter are, by design, visible to the other members of that group.
- Service providers (sub-processors). We use a small number of trusted vendors who process data on our behalf, under contracts that require them to protect it and use it only for us. These currently include:
  - Supabase — hosting and core infrastructure (database, authentication, storage, and serverless functions).
  - Resend — sending transactional and one-time-code emails.
  - Google and Apple — sign-in and platform services.
  - PostHog — product analytics.
  - Microsoft Clarity — session analytics.
  - A third-party AI provider — receipt-scanning.
  - An SMS provider — sending phone one-time codes where phone sign-in is offered.
- Legal reasons. If required by law, regulation, or valid legal process, or to protect the rights, property, or safety of our users, the public, or Donget.
- Business transfers. If Donget is involved in a merger, acquisition, or sale of assets, data may transfer as part of that transaction, subject to this policy.
Storage and security
Your data is hosted on Supabase infrastructure (a managed Postgres database, with authentication, storage, and serverless functions) so your group stays in sync across devices. Data is encrypted in transit using industry-standard HTTPS/TLS, and access to data is governed by Row-Level Security policies that restrict each user to the data they are entitled to see. We apply additional access controls and safeguards to protect data at rest on our infrastructure. No system is perfectly secure, but we work hard to protect your information and limit access to it.
Data retention and account deletion
We keep your account and content for as long as your account is active or as needed to provide the Service.
You can delete your account at any time, either in the app (Profile → delete account) or on our website at /delete-account. Deletion uses a 30-day grace period, after which your personal data is anonymized or permanently removed. This grace period is aligned with the GDPR’s right to erasure (Article 17) and California’s CCPA/CPRA. During the 30 days you can cancel the deletion simply by signing back in. After the grace period, removal is permanent and cannot be undone.
Some information may be retained beyond deletion only where we must keep it to comply with legal obligations, resolve disputes, prevent fraud, or enforce our agreements. Note that content you shared within a group (for example, an expense recorded against a shared balance) may remain visible to other members of that group even after you leave or delete your account, in anonymized or pseudonymized form.
Your rights and choices
Depending on where you live, you may have the right to access, correct, export (portability), or delete your personal data, and to object to or restrict certain processing.
- GDPR (EU/UK). EEA and UK residents have the rights above, plus the right to withdraw consent and to lodge a complaint with a supervisory authority.
- CCPA/CPRA (California). California residents have the right to know what personal information we collect, to access and delete it, to correct it, and to opt out of “sale” or “sharing” — and we do not sell or share personal information for cross-context behavioral advertising in the first place. We will not discriminate against you for exercising these rights.
You can exercise these rights:
- In the app — review and edit your profile, and permanently delete your account from account settings (subject to the 30-day grace period above).
- By email — contact hello@donget.com. We may need to verify your identity before acting on a request, and we will respond within the timeframes required by applicable law.
Children
Donget is not directed to children under 13 (or under 16 in the European Economic Area, where required), and we do not knowingly collect personal data from them. If you believe a child has provided us with personal data, please contact us and we will delete it.
International data transfers
Donget is available in multiple countries, and your data may be processed on servers located outside your home country, including by the sub-processors listed above. Where we transfer personal data internationally, we use appropriate safeguards — such as standard contractual clauses — to protect it consistent with this policy and applicable law.
Changes to this policy
We may update this policy from time to time. When we make material changes, we will update the “Last updated” date and, where appropriate, notify you in the app or by email. Continuing to use Donget after a change takes effect means you accept the updated policy.
Contact
Questions, requests, or concerns about your privacy? Email us at hello@donget.com and we’ll be glad to help.