Privacy Policy

Last updated: 19 January 2026

1. Introduction

KNH Group ("we", "us", or "our") operates Spline (the "App"), a mobile application designed to help users split bills and manage shared expenses. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our App. By using Spline, you consent to the data practices described in this policy.

We are committed to protecting your privacy and ensuring the security of your personal and financial information. As a financial services application, we adhere to strict data protection standards and comply with applicable privacy laws in New Zealand and internationally.

2. Information We Collect

2.1 Personal Information

When you create an account, we collect the following information:

Full name - Required for account identification and payment processing
Email address - Used for account verification, login, and important communications
Phone number - Used for account security, verification, and optional SMS notifications
Date of birth - Required to verify you meet the minimum age requirement (18 years)
Profile picture - Optional, used to help friends identify you within the App

2.2 Financial Information

Important: Spline does not store your complete bank account numbers, credit card numbers, or debit card details on our servers. All payment information is securely processed and stored by our PCI DSS Level 1 compliant payment partner, Stripe.

We collect and process the following financial information:

Bank account details - Processed securely through Stripe for deposits and withdrawals. We only store tokenized references, not actual account numbers.
Credit/Debit card information - Processed and stored exclusively by Stripe. We never have access to your full card numbers.
Transaction history - Records of payments, splits, and transfers within the App
Wallet balance - Your current Spline wallet balance for in-app transactions
Payment preferences - Your preferred payment methods and settings

2.3 Biometric Information

With your explicit consent, we may use biometric authentication features provided by your device:

Face ID / Touch ID (iOS) - Used for secure authentication and transaction authorization
Fingerprint / Face recognition (Android) - Used for secure authentication and transaction authorization

Biometric data is processed locally on your device and is never transmitted to or stored on our servers. We only receive a confirmation of successful authentication from your device's operating system.

2.4 Device and Usage Information

We automatically collect:

Device type, model, and operating system version
Unique device identifiers
IP address and approximate location (country/region level)
App usage patterns and feature interactions
Crash reports and performance data
Push notification tokens (with your permission)

3. How We Use Your Information

We use the collected information for the following purposes:

Service Delivery - To provide, maintain, and improve the App's functionality
Payment Processing - To process transactions, manage your wallet, and facilitate bill splitting
Identity Verification - To verify your identity and prevent fraud in compliance with Anti-Money Laundering (AML) regulations
Account Security - To protect your account from unauthorized access
Communication - To send notifications about split requests, payments, and important account updates
Customer Support - To respond to your inquiries and provide assistance
Legal Compliance - To comply with applicable laws, regulations, and legal processes
Fraud Prevention - To detect, prevent, and investigate fraudulent or suspicious activities
Service Improvement - To analyze usage patterns and improve user experience

4. Information Sharing and Disclosure

We may share your information with the following parties:

4.1 Payment Processors

We share necessary information with Stripe, our payment processing partner, to facilitate transactions. Stripe is PCI DSS Level 1 certified, the highest level of security certification in the payment industry. For more information, please review Stripe's Privacy Policy.

4.2 Other Users

When you participate in bill splits, other users in the same split event can see:

Your name and profile picture
Your share of the expense
Payment status (paid/unpaid)

4.3 Service Providers

We may share information with trusted service providers who assist us in operating the App, including cloud hosting, analytics, and customer support services. These providers are contractually obligated to protect your information.

4.4 Legal Requirements

We may disclose your information when required by law, regulation, legal process, or government request, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

We do not sell your personal information. We never sell, rent, or trade your personal or financial information to third parties for marketing purposes.

5. Data Security

We implement comprehensive security measures to protect your information:

Encryption - All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption
Secure Authentication - We use secure authentication protocols including multi-factor authentication options
PCI Compliance - Payment processing is handled by PCI DSS Level 1 certified partners
Access Controls - Strict access controls limit data access to authorized personnel only
Regular Audits - We conduct regular security assessments and vulnerability testing
Secure Infrastructure - Our systems are hosted on secure, enterprise-grade cloud infrastructure
Monitoring - Continuous monitoring for suspicious activities and potential security threats

While we strive to protect your information using industry-leading security practices, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security, but we are committed to promptly addressing any security incidents.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide our services. Specific retention periods include:

Account Information - Retained while your account is active and for 2 years after account closure
Transaction Records - Retained for 7 years as required by financial regulations and tax laws
Communication Records - Retained for 3 years for customer support and dispute resolution purposes
Usage Data - Aggregated and anonymized data may be retained indefinitely for analytical purposes

Upon request for account deletion, we will delete or anonymize your personal information within 30 days, except where retention is required by law.

7. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal information:

Access - Request a copy of the personal information we hold about you
Correction - Request correction of inaccurate or incomplete information
Deletion - Request deletion of your personal information (subject to legal retention requirements)
Portability - Receive your data in a structured, commonly used format
Objection - Object to certain processing activities
Restriction - Request restriction of processing in certain circumstances
Withdraw Consent - Withdraw consent where processing is based on consent

To exercise these rights, please contact us at admin@spline.nz. We will respond to your request within 30 days.

8. Push Notifications

With your permission, we send push notifications for:

Split requests and payment reminders
Payment confirmations and receipts
Friend requests and activity updates
Important account and security alerts

You can manage notification preferences in your device settings or within the App at any time.

9. Cookies and Tracking

The App may use local storage and similar technologies to enhance your experience. We use analytics tools to understand how users interact with the App, which helps us improve our services. You can opt out of analytics tracking in the App settings.

10. Children's Privacy

Spline is a financial services application intended for users who are 18 years of age or older. We do not knowingly collect personal information from children under 18. If we become aware that we have collected information from a child under 18, we will take immediate steps to delete such information.

11. International Data Transfers

Your information may be transferred to and processed in countries other than New Zealand, including countries where our service providers operate. When we transfer data internationally, we ensure appropriate safeguards are in place, including standard contractual clauses and compliance with applicable data protection laws.

12. Third-Party Links

The App may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party services you access.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of significant changes through the App or via email. The "Last updated" date at the top of this policy indicates when it was last revised. Your continued use of the App after changes are posted constitutes acceptance of the updated policy.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: admin@spline.nz

Company: KNH Group

Location: New Zealand

We are committed to resolving any complaints about our collection or use of your personal information. If you have a complaint, please contact us first, and we will endeavor to resolve the issue promptly.