Dulio Privacy Policy

Last updated: June 12, 2026

Dulio is operated by Kevin Maklouf ("we", "us"). Questions: use the support page, Account → Support in the app, or email support@dulio.ai.

The short version: Dulio syncs your account and the expenses you split to our secure cloud so they work across your devices and with the people you split with. We do not sell your data, share it with advertisers, or use it to train AI.

Information we collect

Account information — when you create an account, our authentication provider (Clerk) collects your name and email address, and, if you sign in with Apple or Google, the basic profile they return (name, email, and an optional profile photo). This is how we know it's you across devices. Dulio also asks for a profile phone number so friends can recognize and find you.

Your splits — the pools (groups), friends, expenses, settlements, notes, categories, and auto-split rules you create — including the names of people you add manually and any payment handles (Venmo / Cash App) you enter so you can pay each other back. This is stored in our cloud backend so it stays in sync and the people in your pools see shared balances.

Linked bank information — if you use the free bank-sync trial, subscribe to Dulio Basic, or subscribe to Dulio Plus and choose to link a bank or card, Dulio receives account metadata and transactions from Plaid so you can split charges. Bank linking is optional. Dulio imports and retains about 9 months of raw bank transaction history on a rolling basis. If you unlink a bank, your trial expires, or your plan no longer includes bank sync, Dulio removes the Plaid connection and stops future imports. Unsplit bank-inbox rows may be removed from the active inbox, but expenses, splits, settlements, and pool history you already created from an imported charge remain as Dulio app records unless you delete your account.

On-device cache — a copy of your data is kept on your device so the app is fast and works offline; it re-syncs when you're back online.

Diagnostics — if the app shows a "Something went wrong" screen, Dulio sends a limited crash report to our cloud backend with the error message, stack, app version, platform, OS version, and your account id when available. This helps us debug production issues and is not used for advertising or tracking.

Purchases — Dulio offers optional in-app purchases. Apple processes payments. Dulio stores your plan tier, subscription/entitlement state, and paid scan credit counts so the right features are available.

Permissions Dulio asks for

• Contacts (optional): if you tap "Add from Contacts", iOS shows a contact picker and Dulio receives only the name and phone number of the one contact you pick. Dulio never reads, scans, or uploads your full address book.
• Photo Library (optional): if you set a profile photo, Dulio uses the image you select. If you attach or scan a receipt, Dulio uses the receipt image you select.
• Camera (optional): if you choose "Take photo" for a receipt, Dulio uses the camera only to capture that receipt image.

You can decline these permissions and still use the app; only that feature is unavailable.

Service providers (sub-processors)

We use trusted providers to run Dulio. They process your data only to provide their service to us:

• Clerk — sign-in and account management (clerk.com/privacy).
• Convex — secure cloud database that stores and syncs your pools, expenses, and settlements (convex.dev/legal/privacy).
• OpenAI — when you scan a receipt, the photo is sent to OpenAI to read the merchant, total, and line items. OpenAI processes the image only to return that result and does not use API data to train its models (openai.com/policies/privacy-policy). If you never scan a receipt, no image is ever sent.
• Plaid — if you link a bank or card during the free trial, with Dulio Basic, or with Dulio Plus, Plaid connects to that financial institution and returns account metadata and transactions so you can split charges (plaid.com/legal). Bank linking is optional.

What Dulio does not do

• We do not sell or rent your data, or share it with advertisers.
• We do not use your data to train AI models.
• We do not show third-party ads or include advertising/tracking SDKs in this version.
• We do not collect your location, health data, or advertising identifiers.
• We do not link bank or card accounts unless you choose to connect one.

Analytics

Dulio includes an internal analytics seam so we can add first-party product analytics later, but the public 1.0.0 app does not send product-usage analytics to a backend or third-party analytics provider. Crash diagnostics described above may still be sent when an error screen appears.

Your choices and rights

• Export your data: Account → Export creates a JSON copy you can save or share.
• Delete your account: Account → Delete account permanently erases your account and personal data from our cloud and signs you out. Balances you shared with others remain in those shared pools as an anonymized participant so your friends' records stay intact.

Children

Dulio is not directed at children under 13, and we do not knowingly collect data from them.

Security

Data in transit is encrypted (HTTPS), and your cloud data is stored with our providers' standard protections. No method of storage or transmission is 100% secure, but we work to protect your information.

Receipt scanning

When you choose to scan a receipt, Dulio sends that photo to OpenAI (see sub-processors above) to extract the merchant, total, and line items so you can split it. This only happens when you tap to scan a receipt — it is never automatic, and the rest of the app works without it.

Bank linking

If you choose to connect a bank or card during the free bank-sync trial, with Dulio Basic, or with Dulio Plus, Dulio uses Plaid to pull in account metadata and transactions so you can split charges. Dulio keeps about 9 months of raw bank transaction history; saved expenses, settlements, and pool history are kept as Dulio records. You can use Dulio without linking a bank, and you can unlink a connected institution from Account. Unlinking removes the Plaid connection and stops new imports; it does not delete saved expenses or split history that you already created from imported charges.

Changes

We'll update this page when our practices change and revise the "Last updated" date above.

Use the support page, Account → Support, or support@dulio.ai for privacy questions or requests. See also the Terms of Service.