Privacy Policy
Last updated: March 12, 2026
Phantom ("we," "us," "our") respects your privacy. This Privacy Policy applies to the Phantom website (phantomleads.ai) and the Phantom iOS mobile application (collectively, the "Service"). It explains what information we collect, how we use it, and your choices regarding your data.
1. Information We Collect
Information you provide:
- Account information: Email address, name, and profile details when you subscribe
- Business preferences: Target niche, city, and client information you input into the Service
- Payment information: Processed securely by Stripe. We do not store credit card numbers.
Information collected automatically:
- Usage data: Features accessed, discoveries performed, and subscription activity
iOS app-specific information:
- Biometric data: If you enable Face ID or Touch ID for login, authentication is handled entirely on your device by iOS. Your biometric data (facial geometry or fingerprint) never leaves your device and is never transmitted to our servers. Login credentials are stored in the iOS Keychain, which is encrypted and protected by the Secure Enclave.
- Photo library: The app may request permission to save creative assets to your photo library. We only write to your library when you choose to save. We do not read, scan, or upload photos from your library.
- Device storage: The app stores preferences, authentication tokens, and cached data locally on your device using standard browser storage. This data is accessible only to the Phantom app.
Information from third-party sources:
- Lead data: Publicly available business information from Google Places, public websites, and social media profiles. This data belongs to the businesses it describes, not to us.
2. How We Use Your Information
| Purpose | Data Used |
|---|
| Provide and operate the Service | Account info, preferences, usage data |
| Process payments | Email, payment info (via Stripe) |
| Communicate with you | Email address |
| Enforce subscription limits | Usage data, tier information |
| Improve the Service | Aggregated, anonymized usage data |
3. Data Sharing
We do not sell your personal information. We share data only with:
- Stripe: For payment processing. Subscription management is handled through Stripe's secure billing portal, which may open in your external browser.
- Google: Google Places API for lead discovery (we send search queries, not your personal data)
- AI providers: Anthropic (Claude) and Google (Gemini) for content generation. We send business context, not your personal information.
- Law enforcement: If required by law, court order, or legal process
4. Data Retention
- Active accounts: We retain your data for as long as your account is active.
- Cancelled accounts: We retain your data for 90 days after cancellation, then delete it. Lead data you generated is deleted with your account.
- Billing records: Retained for 7 years as required for tax/accounting purposes.
5. Data Security
We implement reasonable security measures to protect your data, including encrypted connections (HTTPS/TLS), secure API key management, and access controls. However, no system is 100% secure, and we cannot guarantee absolute security.
6. Your Rights
You have the right to:
- Access: Request a copy of the data we hold about you
- Correction: Request correction of inaccurate data
- Deletion: Request deletion of your data (subject to legal retention requirements)
- Portability: Request your data in a machine-readable format
- Opt-out: Cancel your subscription at any time
To exercise these rights, contact us at support@phantomleads.ai.
7. Discovered Data & Third-Party Businesses
Phantom discovers publicly available information about businesses. This data includes business names, phone numbers, email addresses, websites, and social media profiles found on public sources. We do not access private or non-public data. If you are a business whose information has been discovered and you wish to be excluded, contact us.
8. Cookies and Tracking
Our website uses minimal cookies for essential functionality only. We do not use tracking cookies or advertising cookies that track individual users across websites.
iOS app: The Phantom iOS app does not include any third-party analytics SDKs, advertising trackers, or tracking cookies. All analytics and tracking scripts present on the website are removed from the mobile app build. The iOS app does not collect device advertising identifiers (IDFA).
9. Children's Privacy
The Service is not intended for individuals under 18. We do not knowingly collect data from minors.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify active subscribers of material changes via email. The "Last updated" date at the top reflects the most recent revision.
11. Contact
For privacy-related questions or requests, contact us at:
support@phantomleads.ai