Privacy Policy

1. Introduction

TribeBills ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains what information we collect, how we use it, how it is shared, and the choices you have. It applies to the TribeBills web application and related services (the "Service").

2. Information We Collect

We collect the following categories of information, depending on how you use the Service:

• Account Information: name, email, and credentials for account creation and authentication.
• Third‑Party Sign‑In: when you use Google or Apple to sign in, we receive identity tokens and basic profile data as provided by the provider.
• Usage and Device: interactions with features, device/browser metadata, and diagnostics necessary to operate, secure, and improve the Service.
• Receipts and Images: receipt images and payment proof uploads you provide for bill management.
• Subscription and Billing: subscription tier, status, and Stripe checkout/portal identifiers; we do not process or store card numbers.

3. How We Use Information

• Provide core features: bill creation, sharing, payments timeline, and tribe management.
• Authenticate users via email, Google, Apple, and maintain sessions.
• Process subscriptions and billing through Stripe Checkout and Customer Portal.
• Improve reliability and safety; debug issues and prevent abuse.
• Analyze feature usage to improve the product.

4. Cookies, Local Storage, and Similar Technologies

The web app uses browser storage to operate the Service:

• Local Storage: access/refresh tokens and user data needed for session continuity and authenticated API calls.
• Cookies: UI preferences and minor state (e.g., sidebar state). We do not set non‑essential advertising cookies.

Your browser may offer settings to block cookies/storage; some features may not work correctly if disabled.

5. Analytics

We use Mixpanel to understand feature usage and improve the product. Mixpanel may receive event data such as page views, feature interactions, and technical metadata. No payment card data is sent to Mixpanel. See Mixpanel’s privacy documentation for details.

6. Payments

We use Stripe to process payments. We send Stripe the minimum required details (e.g., your email, selected plan, and identifiers). Card information is entered directly with Stripe; we do not receive or store your complete card number. Stripe acts as our payment processor.

7. Data Sharing

• Service providers necessary to operate the Service (e.g., hosting, storage, analytics, payments).
• Compliance with laws, protection of rights, and safety.
• With your consent or as you direct (e.g., sharing within your tribes).

8. Data Retention

• Access Tokens: expire after approximately 30 minutes; not stored server‑side.
• Refresh Tokens: stored server‑side for approximately 30 days; revoked on logout and deleted on account deletion.
• Receipts & Payment Proof Images: stored while referenced by bills/payments. Orphaned images may be removed during maintenance.
• Stripe Webhooks: processed to update subscription state; event payloads are not persisted by us beyond operational logs.

9. International Transfers

Your information may be processed in locations where our providers operate. We take steps to protect your data consistent with this policy.

10. Your Rights

Depending on your location, you may have rights to access, correct, delete, or port your data, restrict or object to processing, and withdraw consent. To exercise these rights, contact us at the address below.

11. Children

The Service is not directed to children under the age of 13 and we do not knowingly collect their personal information.

12. Changes

We may update this policy from time to time. We will update the “Last Updated” date when changes are made.