Privacy Policy
Last updated: July 14, 2026
Bupples ("Bupples", "we", "us") is an expense-splitting app operated by Yousof Selim, an individual developer based in Subang Jaya, Selangor, Malaysia. This policy explains what we collect, why, and your choices. Questions: ygshuh@gmail.com.
> Bupples is a record-keeping tool for splitting shared costs between friends. It does not move, hold, or transfer money.
1. Who we are
- Data controller: Yousof Selim (sole proprietor), Subang Jaya, Selangor, Malaysia.
- Contact: ygshuh@gmail.com
- Bupples runs on Google Firebase. Your data is stored on Google Cloud servers in the United States.
2. What we collect
a. Account & identity
- A Firebase user ID is created for every user (including anonymous "guest" use).
- If you sign in with Google or Apple, we receive your email address and display name. If you use Apple's Hide My Email, we only receive Apple's private-relay address.
- Guests who never sign in provide no email or name to us.
b. Content you create
- Hangout/session names, expense descriptions and amounts, the member names you and others enter, and settlement records. This is the core of the app and is shared with the other members of a session by design (see §5).
- Photos and receipts: if you add a profile picture, a hangout cover photo, a chat photo, or scan a receipt, those images are stored on Google Cloud Storage. To read a scanned receipt, the image is sent to Google's Gemini model on Google Cloud Vertex AI, which returns the items, tax, service, and total; it is used to power that feature, not to train Google's models.
c. Purchases (Pip Pro)
- If you subscribe to Pip Pro, the purchase is processed by the Apple App Store or Google Play — we never see your card or bank details. We use RevenueCat to manage subscriptions and receive your subscription status (whether it is active, its plan, and expiry) linked to your user ID, so we can unlock Pro features.
d. Device & technical data
- Firebase App Check attestation tokens (Apple App Attest / Google Play Integrity), used to verify requests come from the genuine app and block abuse.
- Push notifications: if you allow them, a Firebase Cloud Messaging token is stored so we can send reminders and updates. You can turn notifications off in your device settings at any time.
- Firebase Analytics collects anonymous usage data (e.g. screens viewed, features used, app-instance identifier, device type, app version) to help us understand and improve the app.
e. On-device only
- App preferences (appearance, accent, haptics level, default currency) and the list of sessions this device belongs to are stored locally on your device and are not sent to our servers.
We do not collect your contacts, precise location, or advertising identifiers, and we use no third-party advertising or cross-app tracking SDKs. We do not track you across other companies' apps or websites.
3. How we use your data
- Provide, sync, and maintain the service and your sessions.
- Authenticate you and keep your data backed up across devices (if you sign in).
- Protect against fraud and abuse (App Check).
- Understand usage and improve the app (Analytics).
We do not sell your data or use it for advertising.
4. Legal bases (GDPR / UK GDPR)
Where this applies, we rely on: performance of our agreement with you (providing the app), our legitimate interests (security and product improvement), and consent where required.
5. Sharing
- Other members: data you enter in a shared session — your member name, expenses, and balances — is visible to the other members of that session. That is how splitting works.
- Service providers (sub-processors): Google Firebase and Google Cloud (Authentication, Cloud Firestore, Cloud Storage, Cloud Messaging, App Check, Analytics, and Vertex AI / Gemini for reading receipts) process data on our behalf; RevenueCat manages subscriptions; and the Apple App Store and Google Play process any purchases. Each acts under its own privacy policy.
- Legal: we may disclose data if required by law or to protect rights and safety.
6. Retention
- Session and expense data persists until the session's host deletes the session or you delete your account.
- Local preferences persist until you uninstall the app.
7. International transfers
Your data is processed on Google Cloud in the United States. Where required, transfers rely on appropriate safeguards (e.g. Standard Contractual Clauses).
8. Your rights & deleting your data
- In-app deletion (free, self-serve): open Settings → Delete account. This permanently deletes your account, the hangouts you host (for everyone in them), and removes your name and balances from hangouts you joined. It cannot be undone.
- Depending on where you live, you may have rights to access, correct, delete, or port your data, and to object to or restrict processing. Malaysian users have rights under the Personal Data Protection Act 2010 (PDPA); EU/UK users under the GDPR; California residents under the CCPA/CPRA (we do not "sell" personal information). To exercise these, email ygshuh@gmail.com.
9. Children
Bupples is not directed to children under 13, and we do not knowingly collect personal data from them. If you believe a child has provided us data, contact ygshuh@gmail.com and we will delete it.
10. Security
We protect your data with authenticated access only, App Check device attestation, and membership-scoped database rules (only members can read or write a session; sessions cannot be enumerated).
11. Changes
We may update this policy; we'll change the "Last updated" date above and, for material changes, provide additional notice.
12. Contact
Yousof Selim — ygshuh@gmail.com