Privacy Policy for PhoneTea

Last Updated: [November 2, 2025]

Effective Date: [November 2, 2025]

Introduction

Welcome to PhoneTea ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and related services (collectively, the "Service").

By using PhoneTea, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use our Service.

1. Information We Collect

1.1 Information You Provide Directly

Account Information:

• Email address
• Username
• Password (encrypted and securely stored)
• Profile information you choose to add

Phone Number Information:

• Phone numbers you search for
• Phone numbers you add to the database
• Phone numbers you verify via SMS
• Biographical information for verified numbers

Review Content:

• Reviews and you submit
• Comments on reviews
• Photos/images attached to reviews
• Labels and categories you assign

Payment Information (for Premium Users):

• Payment card information (processed securely through Stripe)
• Billing address
• Transaction history
• Subscription details

Business Verification (for Business Users):

• Business name and type
• Business license documentation
• Verification documents

Communication:

• Support requests and correspondence
• Feedback and survey responses

1.2 Information Collected Automatically

Device Information:

• Device type, model, and manufacturer
• Operating system and version
• Unique device identifiers
• Mobile network information
• Device settings

Usage Information:

• Features you use
• Searches performed
• Reviews viewed and submitted
• Time and date of activities
• Session duration
• Click patterns and interactions

Location Information:

• Approximate location derived from IP address
• Location inferred from area codes of phone numbers
• General geographic region

IP Address and Network Information:

• IP address (for security and fraud prevention)
• Internet service provider
• Network type (WiFi, cellular)

Camera and Photo Library Access:

• When you upload images to reviews, we access your camera or photo library with your permission
• Images are processed and stored on our servers

SMS Permissions:

• For phone number verification, we request permission to read and receive SMS messages
• This is used solely to auto-fill verification codes
• We do not read, store, or access other SMS messages
• Phone numbers collected for SMS verification will not be shared with third parties for marketing or promotional purposes.

1.3 Information from Third-Party Sources

Authentication Services:

• Google Sign-In: Name, email, profile picture
• Apple Sign-In: Name, email (or private relay email)

Payment Processors:

• Stripe: Payment confirmation and transaction data
• Google Play / App Store: Purchase verification for in-app subscriptions

Phone Validation Services:

• Phone number type (landline, mobile, VoIP)
• Carrier information
• Line status
• Geographic information

Analytics Services:

• Firebase Analytics: Usage patterns and app performance
• Crash reporting data

2. How We Use Your Information

We use the collected information for the following purposes:

2.1 Core Service Functionality

• Provide phone number lookup and review services
• Enable user authentication and account management
• Verify phone number ownership via SMS
• Display and organize reviews
• Facilitate user communication through comments

2.2 Service Improvement

• Analyze usage patterns to improve features
• Develop new features and functionality
• Test and troubleshoot technical issues
• Conduct research and analytics
• Monitor app performance

2.3 Security and Fraud Prevention

• Detect and prevent spam, fraud, and abuse
• Enforce our Terms of Service
• Rate limit suspicious activity
• Monitor for unauthorized access
• Identify and block VoIP/disposable numbers used for abuse
• Implement automated content moderation

2.4 Communication

• Send transactional emails (verification, password reset)
• Provide customer support
• Send push notifications (with your permission)
• Notify you of account activity
• Send service updates and announcements

2.5 Premium Features

• Process payments and subscriptions
• Verify business accounts
• Provide API access to approved developers
• Deliver ad-free experience to subscribers

2.6 Advertising (Free Users)

• Display relevant advertisements through Google AdMob
• Measure ad performance and effectiveness
• Personalize ad content (if you've opted in)

2.7 Legal Compliance

• Comply with legal obligations
• Respond to legal requests and prevent harm
• Enforce our rights and protect our users

3. How We Share Your Information

We do not sell your personal information to third parties. We share information only in the following circumstances:

3.1 With Your Consent

• When you explicitly authorize us to share information
• When you share content publicly (reviews are visible to all users)

3.2 Service Providers and Business Partners

We share information with trusted third-party service providers who assist us in operating our Service:

Firebase (Google):

• Authentication services
• Cloud database (Firestore)
• Cloud storage for images
• Push notifications (Firebase Messaging)
• Analytics and crash reporting

Stripe:

• Payment processing for premium subscriptions
• Only processes payment information, not stored by us

Google AdMob:

• Advertising services for free users
• Ad performance tracking
• Receives device identifiers and usage data

Google Sign-In / Apple Sign-In:

• Third-party authentication
• Receives only necessary profile information

Twilio (or similar SMS providers):

• SMS verification code delivery
• Does not receive or store your SMS messages

Phone Validation Services:

• Abstract API, Numverify, or similar
• Validates phone number authenticity
• Detects VoIP and disposable numbers

Cloud Infrastructure:

• Google Cloud Platform
• Secure data storage and processing

Analytics Services:

• Firebase Analytics
• Usage and performance monitoring

All third-party service providers are contractually obligated to protect your data and use it only for the purposes we specify.

3.3 Legal Requirements

We may disclose your information when required by law or in response to:

• Court orders, subpoenas, or legal processes
• Government or law enforcement requests
• Protection of our rights, property, or safety
• Investigation of fraud or security issues
• Enforcement of our Terms of Service

3.4 Business Transfers

If PhoneTea is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your information becomes subject to a different privacy policy.

3.5 Aggregate and De-Identified Data

We may share aggregated, de-identified information that cannot reasonably be used to identify you, such as:

• Overall app usage statistics
• Trends in phone number searches
• General demographic information

4. Advertising and Third-Party Services

4.1 Google AdMob (Free Users)

Free users will see advertisements powered by Google AdMob. Here's what you should know:

• Ad Identifiers: AdMob uses your device's advertising ID to show relevant ads
• Personalization: You can opt out of personalized ads in your profile settings
• Data Sharing: AdMob receives device information, ad interaction data, and approximate location
• Third-Party Ads: Ad networks may use cookies and tracking technologies

Opting Out:

• iOS: Settings → Privacy → Advertising → Limit Ad Tracking
• Android: Settings → Google → Ads → Opt out of Ads Personalization
• In-App: Profile → Settings → Personalized Ads → Toggle Off

Remove Ads Completely:

• Upgrade to any Premium subscription for an ad-free experience

4.2 Google AdSense (Web Users)

Free web users will see advertisements powered by Google AdSense. Here's what you should know:

• Cookies: Uses browser cookies and tracking pixels to deliver relevant ads
• Personalization: You can opt out of personalized ads through your browser or Google Ad Settings
• Data Sharing: AdSense receives IP address, browser info, and interaction data

Opt-Out Options:

• Browser: Network Advertising Initiative Opt-Out
• Google: Ad Settings

Remove Ads Completely:

• Upgrade to any Premium subscription for an ad-free experience

4.3 Premium Subscriptions (No Ads)

Premium users enjoy an ad-free experience and will not see any advertisements. Your advertising ID is not shared with ad networks when you have an active premium subscription.

5. Data Security

We implement industry-standard security measures to protect your information:

Technical Safeguards:

• Encryption: Data encrypted in transit (TLS/SSL) and at rest
• Secure Storage: Firebase secure cloud storage with access controls
• Authentication: Secure password hashing (Firebase Auth)
• API Security: Rate limiting, IP monitoring, and anomaly detection
• Access Controls: Role-based access to sensitive data

Operational Safeguards:

• Regular security audits and monitoring
• Employee training on data protection
• Limited access to personal information
• Incident response procedures

Security Features:

• Two-factor authentication available
• Suspicious activity detection
• Automated content moderation
• reCAPTCHA for spam prevention

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

6. Data Retention

We retain your information for as long as necessary to provide our Service and comply with legal obligations:

Account Data:

• Retained while your account is active
• Retained for 90 days after account deletion (for recovery)
• Permanently deleted after retention period

Reviews and Content:

• Reviews remain visible even after account deletion (anonymized)
• You may request specific content removal

Payment Data:

• Transaction records retained for 7 years (legal requirement)
• Payment card details not stored (handled by Stripe)

Usage Data:

• Analytics data retained for 26 months
• Crash reports retained for 90 days

Security Logs:

• IP logs retained for 90 days
• Rate limit logs retained for 30 days
• Security incident logs retained for 1 year

Right to Request Deletion:

• You may request deletion of your data at any time
• Some information may be retained as required by law

7. Your Privacy Rights

7.1 Access and Control

Account Settings:

• View and update your profile information
• Change email address and password
• Manage notification preferences
• Control ad personalization

Data Access:

• Request a copy of your personal data
• Review what information we have about you
• Export your reviews and content

Data Deletion:

• Delete individual reviews or content
• Request account deletion
• Remove verification from phone numbers

7.2 Communication Preferences

You can control communications from us:

• Push notifications: Toggle in app settings
• Email notifications: Manage in profile settings
• Marketing emails: Unsubscribe link in emails
• Transactional emails: Cannot opt out (necessary for service)

7.3 Rights by Region

California Residents (CCPA):

• Right to know what personal information is collected
• Right to delete personal information
• Right to opt out of sale of personal information (we don't sell data)
• Right to non-discrimination for exercising privacy rights

European Union/UK Residents (GDPR):

• Right to access your personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Right to withdraw consent

To Exercise Your Rights:

• Email: phonetea.app@gmail.com
• In-App: Profile → Settings → Privacy Rights
• Response time: Within 30 days

8. Children's Privacy

PhoneTea is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13.

If you are a parent or guardian and believe your child under 13 has provided us with personal information:

• Contact us immediately at phonetea.app@gmail.com
• We will delete the information promptly

Age Requirement:

• You must be at least 13 years old to create an account
• Users under 18 should have parental permission

9. International Data Transfers

PhoneTea operates globally, and your information may be transferred to and processed in countries other than your own, including the United States.

Data Transfer Safeguards:

• We use Google Cloud Platform with data centers worldwide
• Standard contractual clauses for EU data transfers
• Privacy Shield frameworks (where applicable)
• Adequate data protection measures

By using our Service, you consent to the transfer of your information to countries outside your residence.

10. Third-Party Links and Services

Our Service may contain links to third-party websites, apps, or services that we do not control:

• External Links: We're not responsible for privacy practices of other sites
• Social Sharing: When you share content, you're subject to the recipient platform's privacy policy
• Third-Party Sign-In: Google and Apple have their own privacy policies
• Payment Processors: Stripe's privacy policy governs payment processing

We encourage you to read the privacy policies of any third-party services you access.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements.

How We Notify You:

• Email notification to registered users
• In-app notification
• Updated "Last Updated" date at the top of this policy
• Prominent notice in the app for material changes

Your Continued Use:

• Continued use after changes constitutes acceptance
• Material changes require opt-in consent where required by law

Review Regularly:

• Check this policy periodically for updates
• Date of last update shown at the top

12. Your Choices and Controls

Account Management:

✓ Update profile information anytime ✓ Change privacy settings ✓ Manage verified phone numbers ✓ Delete reviews and content ✓ Export your data ✓ Delete your account

Privacy Controls:

✓ Control who can see your verified numbers ✓ Manage push notification preferences ✓ Opt out of personalized ads ✓ Control email communications ✓ Manage camera/SMS permissions

Premium Options:

✓ Upgrade for ad-free experience ✓ Enhanced privacy features ✓ Priority support

13. California Privacy Rights (CCPA)

California residents have specific rights under the California Consumer Privacy Act:

Information We Collect:

See Section 1 for categories of information collected.

Purposes for Collection:

See Section 2 for how we use your information.

Information Shared:

See Section 3 for categories of third parties with whom we share information.

Your CCPA Rights:

1. Right to Know: What personal information we collect, use, and disclose
2. Right to Delete: Request deletion of your personal information
3. Right to Opt-Out: We do not sell personal information
4. Right to Non-Discrimination: We won't discriminate for exercising rights

How to Exercise Rights:

• Email: phonetea.app@gmail.com
• Phone: [Your support phone]
• In-App: Profile → Privacy Rights → CCPA Request

Verification Process: We must verify your identity before processing requests. We'll ask for:

• Email address associated with account
• Username
• Additional verification questions

Response Time: 45 days maximum

14. European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA) or UK, you have additional rights:

Legal Basis for Processing:

• Consent: You've given explicit consent for specific purposes
• Contract: Processing necessary to provide the Service
• Legal Obligation: Required by law
• Legitimate Interests: Our legitimate business interests

Your GDPR Rights:

1. Right to Access: Get a copy of your personal data
2. Right to Rectification: Correct inaccurate data
3. Right to Erasure: Delete your data ("right to be forgotten")
4. Right to Restrict: Limit how we use your data
5. Right to Portability: Transfer data to another service
6. Right to Object: Object to certain processing
7. Right to Withdraw Consent: Withdraw consent at any time

Data Protection Officer:

Email: phonetea.app@gmail.com

Supervisory Authority:

You have the right to lodge a complaint with your local data protection authority.

15. Do Not Track Signals

Some browsers support "Do Not Track" (DNT) signals. Currently, there is no industry standard for how to respond to DNT signals. We do not currently respond to DNT signals, but we offer opt-out controls as described in this policy.

16. Data Breach Notification

In the event of a data breach that affects your personal information:

We will:

• Notify affected users within 72 hours of discovery
• Notify appropriate regulatory authorities as required
• Provide details about the breach and steps taken
• Offer guidance on protecting yourself

You should:

• Change your password immediately if notified
• Monitor your accounts for suspicious activity
• Follow our security recommendations

17. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices:

Email: phonetea.app@gmail.com Support: phonetea.app@gmail.com Website: https://phonetea.com/privacy

Response Time: We aim to respond within 3-5 business days.

18. Consent

By using PhoneTea, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, use, and disclosure of your information as described herein.

For Specific Features:

• SMS Verification: Separate consent requested when verifying numbers
• Camera Access: Permission requested when uploading photos
• Push Notifications: Permission requested on first use
• Location: Approximate location inferred, no precise location tracking

You can withdraw consent for optional features at any time through your device or app settings.

19. Effective Date and Version

Privacy Policy Version: 1.0 Effective Date: [November 2, 2025] Last Updated: [November 2, 2025]

Previous versions of this privacy policy are available upon request.

Thank you for trusting PhoneTea with your information. We are committed to protecting your privacy and providing a secure, transparent service.

Quick Reference

• Data We Collect: Account info, phone numbers, reviews, device data, usage data
• Why We Collect: Provide service, improve features, security, support, legal compliance
• Who We Share With: Firebase, Stripe, AdMob, service providers (never sold)
• Your Controls: Access, update, delete data; manage privacy settings; opt out of ads
• Security: Encryption, secure storage, monitoring, access controls
• Your Rights: Access, deletion, portability, objection (varies by region)
• Contact: phonetea.app@gmail.com

For Premium Users: Ad-free experience, enhanced features, no ad tracking

For Free Users: Ads powered by Google AdMob, can opt out of personalized ads