Legal

Privacy Policy

Last updated: April 1, 2026

Split is a product of Ramiro Labs LLC (“Ramiro Labs,” “we,” “us,” or “our”). This Privacy Policy explains what data we collect when you use Split, why we collect it, how we protect it, and what rights you have over it.

We wrote this to be read by a real person, not just a lawyer. If something is unclear, email us at usesplit.noreply@gmail.com.

1. Who This Policy Applies To

This policy applies to all users of Split — the web app and the Split mobile app for iOS and Android — as well as anyone who contacts us for support or submits feedback.

2. Information We Collect

We collect only what is necessary to make Split work. Here is a precise account of what that means.

2.1 Account Data

When you create a Split account via Clerk, we receive:

  • Email address
  • First name and last name
  • A unique Clerk user ID

2.2 Profile Data (Optional)

You may optionally add to your profile:

  • Display name
  • Job title
  • Short bio or description
  • Website URL, GitHub URL, LinkedIn URL
  • Avatar image

None of these fields are required to use Split.

2.3 Productivity Data

The core of what Split stores on your behalf:

  • Todos: title, priority, deadline, tags, subtasks, recurrence settings, completion status, timestamps
  • Habits: name, description, duration, frequency, location, completion history, overrides
  • Events: name, date, time, duration, location, description, recurrence rules, calendar association
  • Items and notes: user-created notes, snippets, recipes, and excerpts with tags and metadata

This data belongs to you. We store it to power the app.

2.4 Calendar Integration Tokens

If you connect Google Calendar or Microsoft Outlook:

  • OAuth access tokens and refresh tokens for each provider
  • The list of calendar IDs you have selected to sync

These tokens are used exclusively to read and write calendar events on your behalf. We do not use them for any other purpose.

2.5 Settings and Preferences

  • Theme (light/dark/system)
  • Timezone and working hours
  • Notification preferences
  • Display density, section order, and layout preferences
  • Todo display format and prioritization framework
  • Daily brief preferences

2.6 AI Usage Data

We track a daily session count per user to enforce fair-use limits on AI features. We do not log the content of individual AI requests.

2.7 Communication Debt Data

If you use the communication triage feature with Gmail or Outlook, we process:

  • Email thread metadata: sender name, sender email, subject line, message count, and timestamps
  • Thread IDs and deep links back to the original threads in your inbox

We do not store the body or full content of your emails. We read message metadata to generate a priority score. That score is shown to you; the raw metadata is not retained beyond the processing window.

2.8 Push Notification Tokens

If you enable push notifications, we store a device token for your iOS, Android, or web browser. These are used only to deliver notifications you have requested. You can revoke this at any time.

2.9 Bug Reports and Feedback

When you submit a bug report or feedback, we receive:

  • The content of your report
  • Optional screenshots you attach
  • Device type, OS version, and browser version (auto-collected)

2.10 Billing Data

If you subscribe to Split Pro:

  • Subscription status (active, canceled, paused)
  • Subscription start date
  • A Stripe subscription ID

Payment card details, billing address, and payment history are held exclusively by Stripe. We never see or store your raw payment information.

2.11 Crash and Error Reports

Anonymized crash reports are sent to Sentry, including the error message, stack trace, and basic device/browser context. Sentry is configured to scrub common PII patterns.

2.12 Standard Server Logs

Our hosting provider (Vercel) collects standard web server logs (IP addresses, request paths, HTTP status codes, timestamps). These are retained for a short period and are not linked to your Split account.

What We Do Not Collect

  • Calendar event titles, attendees, or notes from external calendars
  • Contacts or address book
  • Location data beyond what you voluntarily type into an event or habit
  • Browsing history
  • Biometric data
  • We do not sell data to advertisers or third parties

3. How We Use Your Information

  • Operate the app: storing and syncing your todos, habits, events, notes, and settings across devices
  • Smart scheduling: CalendarScheduler reads your calendar availability to place todos and habits into open time slots
  • Notifications: task reminders, habit nudges, daily brief delivery
  • AI daily briefs: summarizing your upcoming tasks and events into a narrative (see Section 6)
  • Process payments: managing your Pro subscription via Stripe
  • Improve reliability: Sentry crash reports help us fix bugs
  • Rate limiting: Upstash Redis temporarily records request counts to prevent abuse
  • Respond to you: when you contact us or submit a bug report

We do not use your data for advertising, profiling, or selling to third parties.

4. Third-Party Services

Split is built on several third-party services. Each one receives only the data necessary for its function.

ServicePurposeWhat They Receive
ClerkAuthenticationEmail, name, OAuth session data
ConvexDatabase & backendAll app data (stored on your behalf)
StripePayment processingBilling info, payment methods
SentryError monitoringAnonymized crash reports
Google Calendar APICalendar syncOAuth tokens, calendar read/write
Microsoft Graph APIOutlook calendar syncOAuth tokens, calendar read/write
Google Gemini APIAI daily briefsAnonymized task/event summaries
Upstash RedisRate limitingTemporary counters by user ID
VercelHostingStandard web server logs

5. Calendar and Email Integration

Google Calendar and Microsoft Outlook

Connecting your calendar is optional. If you do:

  • Split requests OAuth2 authorization scoped to calendar read and write.
  • We use your access token to read free/busy information and write events you schedule through Split.
  • We store the access token and refresh token to maintain the connection.
  • You can disconnect at any time from settings. We delete stored tokens immediately.

We do not read event titles, attendee lists, or event notes from external calendars.

Gmail and Microsoft Outlook (Communication Triage)

If you use the communication debt feature:

  • Split reads email thread metadata only: sender name, email, subject, message count, timestamps.
  • We do not store email bodies, attachments, or full message content.
  • Thread IDs and deep links are stored so you can navigate to the thread.
  • You can disconnect email access at any time, and we delete all associated metadata.

6. AI Features and Google Gemini

Split's daily brief feature uses Google's Gemini API to generate a personalized narrative summary of your day.

What we send to Google Gemini

  • A list of your upcoming tasks (titles and deadlines)
  • A list of your upcoming calendar events (titles and times)
  • Your preferences for brief format and focus area

What we do not send to Google Gemini

  • Your name, email, or account identifiers
  • Task notes or descriptions beyond the title
  • Email content or calendar event details from connected external accounts
  • Information from previous briefs or sessions

Google processes this data under their Gemini API data usage terms. API inputs sent via the paid API are not used to train Google's models by default.

7. Cookies and Tracking

Split uses essential cookies only. The only cookies we set are authentication session cookies managed by Clerk. We do not use:

  • Advertising or retargeting cookies
  • Analytics cookies (e.g., Google Analytics)
  • Third-party tracking pixels
  • Fingerprinting or behavioral tracking

8. Data Retention

While your account is active

We retain your data for as long as your account exists and you have not requested deletion.

When you delete your account

You can delete your account at any time from Split's settings. When you initiate account deletion:

  • Your productivity data is scheduled for permanent deletion within 30 days.
  • Your Clerk authentication record is deleted immediately.
  • Your Stripe subscription is canceled (Stripe retains billing records per their own policy).
  • Anonymized crash reports in Sentry are not linked to your account.

We do not keep backups of deleted user data beyond the 30-day purge window.

9. Data Security

  • Encryption in transit: all data is transmitted over HTTPS/TLS
  • Encryption at rest: data is stored in Convex, which encrypts at rest
  • Access controls: production infrastructure uses least-privilege access
  • Rate limiting: API endpoints are rate-limited to prevent abuse
  • Error monitoring: Sentry scrubs PII from crash reports

No system is perfectly secure. If you believe your account has been compromised, contact us immediately at usesplit.noreply@gmail.com.

10. International Data Transfers

Ramiro Labs LLC is based in the United States. Your data will be transferred to and processed in the United States. We rely on Standard Contractual Clauses (SCCs) maintained by our sub-processors and applicable data transfer frameworks.

11. Children's Privacy

Split is not directed at children under 13. We do not knowingly collect personal information from anyone under 13. If you are a parent or guardian and believe your child has provided us with personal information, contact us at usesplit.noreply@gmail.com and we will delete it promptly.

12. Your Rights — GDPR (EU/EEA/UK Users)

Lawful Basis for Processing

Processing ActivityLawful Basis
Account creation & authenticationContract
Storing productivity dataContract
Calendar & email syncConsent (OAuth authorization)
AI daily briefsLegitimate interests
Payment processingContract
Error monitoringLegitimate interests
Rate limitingLegitimate interests

Your Rights

  • Access: request a copy of your personal data
  • Rectification: correct inaccurate or incomplete data
  • Erasure: request deletion (“right to be forgotten”)
  • Data portability: receive your data in a machine-readable format
  • Restriction: ask us to stop processing while a dispute is resolved
  • Objection: object to processing based on legitimate interests
  • Withdraw consent: disconnect integrations in settings at any time

Email usesplit.noreply@gmail.com with subject “GDPR Data Request.” We respond within 30 days.

You also have the right to lodge a complaint with your local supervisory authority.

13. Your Rights — CCPA (California Users)

Categories of Personal Information

  • Identifiers: email address, name, Clerk user ID
  • Personal information (Cal. Civ. Code § 1798.80): name, email
  • Internet activity: server logs, AI session counts
  • Professional information: optional job title

Your Rights

  • Right to know: what we collect, why, and who we share it with
  • Right to delete: use account deletion or email us
  • Right to correct: request correction of inaccurate data
  • Right to opt out of sale: we do not sell personal information — there is nothing to opt out of
  • Non-discrimination: exercising your rights will not affect your access or pricing

Email usesplit.noreply@gmail.com with subject “CCPA Request.” We respond within 45 days.

14. Changes to This Policy

We may update this Privacy Policy as we add features or change vendors. For material changes, we will notify you via in-app notice or email at least 14 days before they take effect. Your continued use of Split after the effective date constitutes acceptance.

15. Contact Us

For any questions, requests, or concerns about this Privacy Policy or your data:

Ramiro Labs LLC
Split Privacy Inquiries
usesplit.noreply@gmail.com

  • GDPR requests — subject line: “GDPR Data Request”
  • CCPA requests — subject line: “CCPA Request”
  • General privacy questions — subject line: “Privacy Inquiry”

We aim to respond within 5 business days. Data rights requests are fulfilled within 30 days (45 days for CCPA).

← Back to home