Privacy Policy

1. Information We Collect

Personal Information

We collect the following personal information when you create an account and use our services:

• Phone number (required for account creation and authentication)
• Display name (optional, used for trip sharing)

Payment Information

Payment processing is handled by Stripe, Inc. We do not store your credit card numbers, CVV codes, or other sensitive payment credentials on our servers. Stripe collects and processes payment information in accordance with their own privacy policy. We retain transaction records including amounts, dates, and order references.

Trip Data

When you create and manage trips, we collect:

• Trip names, destinations, and travel dates
• Trip member information (for shared trips)
• Invite codes and sharing preferences

Expense Data

When you track expenses, we collect:

• Expense amounts, currencies, and categories
• Expense descriptions and notes
• Split details when sharing expenses with other users
• Settlement records between trip members

Device and Usage Information

We automatically collect certain technical information:

• Device model, operating system, and version
• App version and build information
• Feature usage patterns and interaction data
• Crash reports and error logs
• Push notification tokens (for sending notifications)

2. How We Use Your Information

We use the information we collect for the following purposes:

• To provide, maintain, and improve our services, including trip planning and expense tracking
• To process purchases and payments through Stripe
• To enable trip sharing and collaborative expense splitting between you and your travel companions
• To send you notifications about trip reminders and expense activity
• To improve and optimize the App through anonymous usage analytics and crash reporting
• To provide customer support and respond to your inquiries
• To comply with legal obligations, resolve disputes, and enforce our agreements

3. Information Sharing

We may share your information with the following parties and in the following circumstances:

Trip Members

When you enable trip sharing, your trip details, expenses, and balance information are visible to other members of that trip. You control sharing through the trip sharing settings.

Payment Processors

We share necessary transaction information with Stripe, Inc. to process your payments. Stripe handles your payment data in accordance with PCI DSS standards and their own privacy policy.

Analytics Providers

We use analytics services to understand how users interact with the App. These services collect anonymised usage data to help us improve performance and user experience.

Legal Requirements

We may disclose your information if required to do so by law, regulation, or legal process, or if we believe in good faith that such disclosure is necessary to protect our rights, your safety, or the safety of others.

4. Data Storage and Security

We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it:

• Data is stored with Row Level Security (RLS) policies ensuring users can only access their own data
• All data is encrypted in transit using TLS (Transport Layer Security)
• Data at rest is encrypted using industry-standard encryption
• We use Singapore-based infrastructure where possible to minimise cross-border data transfers
• We conduct regular security assessments and code reviews
• Authentication is performed via one-time passwords (OTP) sent to your verified phone number

5. Your Rights Under the PDPA

Under the Personal Data Protection Act 2012 of Singapore, you have the following rights regarding your personal data:

Access

You may request access to your personal data that we hold, including what data has been collected, how it has been used, and to whom it has been disclosed in the past year.

Correction

You may request the correction of any inaccurate or incomplete personal data we hold about you.

Withdrawal of Consent

You may withdraw your consent for us to collect, use, or disclose your personal data at any time by contacting us. Please note that withdrawal of consent may affect our ability to provide certain services to you.

Deletion

You may request the deletion of your personal data, subject to our legal obligations to retain certain records (see Data Retention below).

Data Portability

You may request a copy of your personal data in a commonly used, machine-readable format for transfer to another service provider.

To exercise any of these rights, please contact us at support@travelwithhello.com.

6. Data Retention

We retain your personal data for as long as necessary to fulfil the purposes described in this policy, unless a longer retention period is required by law:

• Account data (phone number, profile): retained while your account is active and for a reasonable period after account closure
• Transaction and payment records: 7 years from the date of transaction, as required by Singapore regulatory requirements
• Trip and expense data: retained until you delete it or close your account
• Usage and analytics data: anonymised and retained indefinitely for service improvement

7. Cookies and Tracking

Hello is a mobile application and does not use browser cookies. However, we use the following technologies:

• Anonymous analytics to understand feature usage and improve the App experience
• Crash reporting via Sentry to identify and fix technical issues
• Local device storage (AsyncStorage) to cache your data for offline access and faster loading

We do not use tracking technologies that follow you across other apps or websites.

8. Children's Privacy

Hello is not directed at children under the age of 13. We do not knowingly collect personal data from children under 13. If we become aware that we have collected personal data from a child under 13, we will take steps to delete such data as soon as practicable.

If you are a parent or guardian and believe your child has provided us with personal data, please contact us at support@travelwithhello.com so we can take appropriate action.

9. International Data Transfers

While we primarily store data using Singapore-based infrastructure, your personal data may be transferred to and processed in countries outside of Singapore in the following circumstances:

• Payment processing by Stripe (servers located globally)
• Cloud infrastructure services for data hosting and analytics

Where data is transferred outside Singapore, we ensure that adequate safeguards are in place to protect your personal data in accordance with the PDPA, including contractual obligations on data recipients to maintain a comparable standard of data protection.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you through the App via a push notification or in-app notice.

Your continued use of Hello after any changes to this Privacy Policy constitutes your acceptance of the updated terms. We encourage you to review this policy periodically.

11. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

If you are not satisfied with our response, you may lodge a complaint with the Personal Data Protection Commission (PDPC) of Singapore at www.pdpc.gov.sg.