Privacy Policy

What we collect when you use Syndic, why we collect it, how we keep it safe, and the choices you have over your information.

1. Overview

1.1 Who this policy is from

This Privacy Policy is issued by Syndic Ltd, a company registered in England and Wales ("Syndic", "we", "us"). It explains how we handle personal data when you use our software platform to split, track, and reconcile shared expenses with your group.

1.2 Our role

For information about you that you give us directly — your account details, the expenses you log, the groups you create — we act as the data controller. For information that another member of your group enters about you, that member is the controller and Syndic processes the data on their behalf.

1.3 What we are not

Syndic is a technology company, not a financial services provider. We do not receive, hold, transmit or settle money. We therefore do not collect bank account numbers, card numbers, or other payment credentials in order to move funds between members.

1.4 Changes to this policy

We may update this policy from time to time. Material changes will be communicated by email (if you have an account) or through an in-app notice at least fourteen days before they take effect. Continuing to use Syndic after the effective date constitutes acceptance of the updated policy.

2. Data We Collect

2.1 Account information

When you sign up we collect your name and email address. You may optionally add a display photo, a phone number for invitations, and a preferred currency.

2.2 Group and expense data

We store the groups you create or join, the names you give them, the expenses entered, the way each expense is split, the comments members add, and any receipts you upload. This is the working ledger your group needs in order to see who owes what.

2.3 Settlement markers

When a member marks a balance as paid, we record that the entry was settled, by whom, and when. We do not see, store, or process the payment itself — that happens entirely between the members on whichever payment rail they use.

2.4 Technical data

Like most online services we automatically receive technical information when you use the platform: your IP address, browser type, device type, operating system, the pages you visit, and timestamps. We use this to keep the service working and secure.

2.5 Communications

If you contact us — by email, the in-app help, or through a contact form — we keep a copy of the conversation and any information you supply so that we can respond and follow up.

2.6 What we do not collect

We do not collect bank account numbers, debit or credit card numbers, government identifiers, biometric data, or any special-category personal data. If you accidentally enter such information into a free-text field, please remove it and let us know.

3. How We Use Your Data

3.1 Operating the service

We use your data to provide Syndic to you and your group: showing balances, calculating shares, sending invitations, delivering reminders you have configured, and keeping a transparent log of changes.

3.2 Security and fraud prevention

We use technical data and account activity to detect unusual access patterns, block abuse, and protect members from impersonation or unauthorised changes to a group ledger.

3.3 Improving the platform

We look at aggregated, de-identified usage to understand which features are useful, where people get stuck, and where the platform should grow next. This analysis does not identify individual users.

3.4 Communicating with you

We send transactional messages (sign-up confirmations, password resets, invitations, reminders you have asked for, important service notices). We will only send marketing messages where you have opted in, and you can opt out at any time from the link in those emails.

3.5 Legal basis

We process your personal data on the basis of: performing the contract you have with us (giving you the service); our legitimate interest in keeping the platform secure, reliable and improving over time; complying with legal obligations; and, where required, your consent.

4. Sharing & Disclosure

4.1 Within your group

Information you contribute to a group — your name, the expenses you log, the comments you make, your share of each balance — is visible to the other members of that group. Anyone holding a shareable split link can also see the contents of that split.

4.2 Service providers

We use a small number of trusted providers to host the platform, send email, monitor errors, and deliver reference exchange-rate data. These providers process your data only on our instructions and under contractual confidentiality and security obligations.

4.3 Legal disclosure

We may disclose data where we are legally required to — for example, in response to a valid court order — or where we believe in good faith that disclosure is necessary to protect the safety of a member or the integrity of the platform. We push back on over-broad requests.

4.4 We never sell your data

We do not sell, rent, or trade your personal data to advertisers or data brokers. The platform is not funded by surveillance.

4.5 International transfers

Some of our service providers may process data outside your country of residence. Where that happens, we put in place appropriate safeguards — such as Standard Contractual Clauses — so that your data continues to receive a comparable level of protection.

5. Your Rights, Retention & Security

5.1 Your rights

Subject to local law, you have the right to access the personal data we hold about you, to correct inaccurate data, to ask us to delete data we no longer need, to restrict or object to certain processing, to receive a copy of your data in a portable format, and to withdraw consent where we rely on it. To exercise any of these rights, get in touch via our contact page.

5.2 Retention

We keep your account data for as long as your account is active. After deletion, we remove personal data within ninety days, except where: (a) a record is needed to preserve the integrity of a group ledger in which other members still have an interest; or (b) we are required by law to retain it for longer.

5.3 Security

We protect your data with encryption in transit and at rest, role-based access controls, audit logging, and regular review of our infrastructure. No system is perfectly secure, but we work to make a breach unlikely and to detect and respond to one quickly if it ever occurs.

5.4 Cookies and similar technologies

We use a small number of strictly necessary cookies to keep you signed in and to keep the platform working. We do not use advertising cookies. Where we use analytics, the data is aggregated and does not identify you personally.

5.5 Children

Syndic is not intended for anyone under the age of 18. We do not knowingly collect personal data from children. If you believe a child has created an account, contact us and we will remove it.

5.6 Complaints

If you are unhappy with how we have handled your data, please contact us first so we can put it right. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) in the United Kingdom or with your local data-protection supervisory authority.

5.7 Contact

Questions about this policy or your data can be sent through our contact page. We aim to respond within five working days.

Questions about your data?

Get in touch and we'll walk you through what we hold, how we use it, and the choices you have.

Contact Us Read the Terms