Privacy Policy

Account information. When you create a Splash account we collect your name, email address, business details, and authentication information.

Customer and booking data. Splash stores the customer records, vehicles, bookings, photos, and notes that you and your team submit to the Service.

Payment data. Payment card information is collected and processed by Stripe directly. Splash receives metadata such as the last four digits, brand, and status — never full card numbers.

Usage data. We collect technical information about how the Service is used, including device, browser, IP address, and basic event logs, for security and product improvement.

We use information to provide and improve the Service, process transactions through Stripe, deliver transactional notifications by email, prevent abuse and fraud, comply with legal obligations, and communicate with you about your account.

Subprocessors. We share information with vetted infrastructure providers (such as our hosting, database, object storage, and email providers) strictly to deliver the Service.

Stripe. Payments flow through Stripe under their own terms and privacy policy.

Legal & safety. We may disclose information when required by law or to protect the rights, property, or safety of Splash, our customers, or others.

We do not sell personal information.

We retain account and transaction data for as long as your account is active or as needed to comply with our legal obligations. Photo evidence is retained per your subscription plan. You may request deletion of your data subject to legal and accounting requirements.

Splash uses industry-standard safeguards including encryption in transit (TLS 1.2+), encryption at rest, hashed passwords, least-privilege access, and audit logging. See our Security page for details.

Depending on your jurisdiction, you may have rights to access, correct, delete, or port your personal information, and to object to or restrict certain processing. To exercise these rights, contact us through the contact page.

Splash and our subprocessors may process information in countries other than your own. Where required, we rely on recognized transfer mechanisms such as the EU Standard Contractual Clauses.

The Service is not directed to children under 13, and we do not knowingly collect personal information from children. If you believe a child has provided personal information, please contact us so we can delete it.

We may update this Privacy Policy from time to time. For material changes, we will provide reasonable advance notice by email or through the Service.

Privacy questions or requests? Reach the Splash team via our contact page.