Security & Privacy

Your data is yours. Full stop.

Split was built with a simple belief: your schedule is personal. We collect what we need to make the app work and nothing more. Here's exactly how we handle your data.

Encryption in transit and at rest
Zero data selling
In-app account deletion

Data Protection

Encrypted everywhere it travels.

Split relies on Convex for encryption in transit and at rest. We do not run custom cryptography or claim proprietary security controls.

Our current focus is clear data boundaries, scoped permissions, and fast revocation paths. Calendar access is optional and can be disconnected from settings at any time.

We'll publish additional technical and compliance detail as those controls are formally implemented.

Encryption Stack

+

Transport encryption

Provided by Convex infrastructure

+

Storage encryption

Provided by Convex infrastructure

+

Key management

Managed by infrastructure provider controls

Industry-standard baseline

Calendar Access

Read-only, scoped, revocable.

Split asks for read access to your calendar to find open slots and avoid conflicts. It never writes to your calendar without explicit action from you. It never reads event content beyond what's needed for scheduling — we see start and end times and busy / free status, not meeting names or attendees.

You can revoke calendar access at any time from your device settings or from Split's settings screen. The app continues to work; it just schedules without calendar context.

What Split reads

Time slots, busy / free status

What Split ignores

Event titles, attendees, notes

What you control

Access, revocation, deletion

What We Collect

We collect what the app needs. Nothing extra.

We collect

+

Account email address

+

Tasks and habits you create

+

Calendar busy / free slots

+

Push token for notifications

+

Crash reports (anonymized)

We do NOT collect

Calendar event details or titles

Contacts or messages

Location data

Browsing history

Usage data sold to advertisers

Biometric data

Your Rights

Delete everything. In one tap.

You can permanently delete your account and all associated data from Settings → Account → Delete account. Deletion is immediate and irreversible. We do not retain backups of deleted user data beyond our 30-day disaster recovery window, after which it is purged completely from all systems.

01

Open Settings

02

Tap Account

03

Delete account

04

Data purged within 30 days

We have never sold user data.
We never will.

Our business model is subscriptions. Your data is not a product.

Infrastructure

Built on infrastructure you already trust.

Split runs on Convex-managed infrastructure. We avoid overstating certifications and only publish controls that are currently in place.

Convex-hosted backend

Application data is stored and served through Convex.

Least-data approach

We collect what the product needs and avoid unnecessary data.

User controls

Calendar access is revocable and account deletion is in-app.

Security roadmap

Additional controls will be added as the product matures.

Security Researchers

Found something? We want to know.

If you find a potential security issue, report it through the in-app bug report flow so it reaches the engineering queue. We review and triage security reports as quickly as possible.

Report security issues via

Use Settings to submit a bug report