Privacy – Sphere

Sphere

Legal · Privacy

Privacy Policy.

Sphere is built around a single promise: nothing leaves your device unless it has to, and nothing is revealed to anyone unless interest is mutual. This document explains exactly how we keep that promise.

Last updated: 05-14-2026 · Version 1.0

Table of contents

01 Who this applies to

02 What we collect

03 How we use it

04 Identity hashing

05 SMS & Twilio

06 Sharing & third parties

07 Retention & deletion

08 Account deletion

09 Security

10 Your rights

11 Data requests

12 Children

13 International users

14 Changes to this policy

15 Contact us

i.Who this applies to

This Privacy Policy applies to Sphere (the “Service,” “we,” “us”), operated by [Sphere, Inc., a Delaware corporation] with offices at [Company Address]. It governs any use of the Sphere mobile application, the website at mysphere.love, and any related services. Questions: info@mysphere.love.

It applies to users who download Sphere and create an account, and partially to third parties whose phone numbers or social handles are added to a user’s watchlist (see §4: Identity hashing).

ii.What we collect

From you, directly

Phone number. Required at signup to verify your identity via SMS.
Instagram handle. Optional, if you choose to be discoverable by handle.
Display name. Optional, only revealed once a mutual match occurs.
Authentication credentials. A device-bound token tied to your phone-verified account.

From your device, automatically

What we never collect

Your contacts list. We do not upload your address book to our servers.
The plaintext phone numbers or handles of people on your watchlist.
Your message content with matched users (end-to-end encrypted — see §8).
Your location, beyond country-level region inferred from your phone number.

Phone numbers, display names, and Instagram handles are stored under AES-256 encryption — never in plaintext. We compare cryptographic hashes; your watchlist is unreadable on our servers.

iii.How we use it

We use the data we collect to:

Verify your phone number at signup and on suspicious sign-in attempts.
Detect mutual matches by comparing salted hashes (see §4).
Send transactional SMS (verification codes, security alerts, mutual-match notifications) and, if you opt in separately, occasional product update SMS.
Operate, maintain, debug, and improve the Service.
Detect, prevent, and respond to fraud, abuse, harassment, and illegal activity.
Comply with legal obligations.

We do not use your data to build advertising profiles, sell to data brokers, or train third-party AI/ML models.

iv.Identity hashing

Sphere’s core mechanic depends on detecting mutual interest without revealing watchlists to anyone — including Sphere itself. Phone numbers, display names, and Instagram handles are never stored in plaintext anywhere in our systems.

When you add a phone number or @handle:

Your device normalizes the identifier (lowercase, strip formatting).
It applies a per-user secret-keyed hash, then a server-side double-hash with a salt rotated daily.
Only the resulting double-hash is sent to Sphere’s servers. We compare hashes from different users to detect intersections (mutual interest).
Where any identifier must be retained (e.g. your own verified phone for sign-in), it is encrypted at rest using AES-256-GCM with envelope encryption and hardware-backed key management.
Detect, prevent, and respond to fraud, abuse, harassment, and illegal activity.
Comply with legal obligations.

If a third party has not signed up for Sphere, no comparison ever occurs and no record of their identifier exists in cleartext on our servers. If they sign up later, only at that point can a mutual match be detected, and only if you have not removed them.

v.SMS & Twilio

We use Twilio (Twilio Inc., 101 Spear Street, San Francisco, CA) as our SMS service provider for U.S. and international SMS delivery. Phone numbers transmitted to Twilio for message delivery are sent over TLS 1.3 and are not retained by Sphere in plaintext beyond the moment of dispatch.

Categories of SMS we send

Account verification: 6-digit codes triggered by your sign-in or password change.
Security alerts: Sign-in from a new device, password change confirmations.
Mutual-match notifications: “You have a new mutual on Sphere.” Sent only to you, the account holder, when mutual interest is detected.
Product updates (opt-in): Occasional feature announcements. Off by default; enabled only if you toggle it on in Settings → Notifications → Product SMS.

Consent

You provide express consent to receive transactional SMS by entering your phone number at signup and tapping “Send code.” You provide separate, additional consent for product-update SMS by toggling that setting on in-app. We do not share, sell, or rent mobile information (including phone numbers and opt-in status) to third parties or affiliates for marketing or promotional purposes. All consent records are retained for compliance with TCPA and CTIA guidelines.

Frequency & carrier terms

Message frequency varies. Most users receive 1–3 messages per week. Message and data rates may apply per your carrier’s plan. Sphere is not responsible for carrier charges.

Opt-out

Reply STOP, END, CANCEL, UNSUBSCRIBE, or QUIT to any Sphere SMS to opt out of all non-essential SMS — we will send a single confirmation and no further messages. Reply HELP to any Sphere SMS for assistance, or email info@mysphere.love. Note that opting out of verification SMS will prevent you from signing in.

What we never send by SMS

vi.Sharing & third parties

We share data with a small set of vendors strictly to operate the Service:

Twilio SMS delivery (your phone number, message body).
Apple App Store distribution, push notifications via APNs.
Cloud infrastructure provider ([AWS / GCP / etc.]) — encrypted data storage and compute.
Crash & analytics provider ([Sentry, etc.]) — anonymous crash logs and aggregated event analytics.

We do not sell, rent, or trade your personal information. We do not share watchlist data with anyone for any purpose.

We may disclose data when legally compelled (subpoena, court order). We will challenge overbroad requests and notify users when permitted by law.

vii.Retention & deletion

Account data: retained encrypted while your account is active.
Watchlist hashes: retained while you keep entries on your watchlist; deleted within 30 days of removal.
Match records: retained while either party keeps the match active.
SMS logs: 90 days, then deleted from our systems (Twilio retention varies per their policy).

Account deletion

You can delete your Sphere account and all associated personal data at any time. In the app, open Settings → Account → Delete account, or email info@mysphere.love from the phone number or email tied to your account with the subject line “Delete my account.”

When you delete your account, we purge:

Your verified phone number and any optional Instagram handle.
Your display name, profile fields, and authentication credentials.
Your watchlist hashes and any pending interest records.
Your match records, conversation metadata, and end-to-end encrypted message ciphertext on our servers.
Device tokens and push notification identifiers.

Deletion is initiated immediately and completed within 30 days across all production systems. Encrypted backups containing your data are rotated out within 90 days. We may retain a minimal, hashed record of your account’s phone number solely to enforce safety bans, comply with legal obligations (e.g. court orders, tax records), and prevent fraud — this record cannot be used to re-identify you and is itself stored encrypted at rest. SMS opt-out preferences are retained as required by TCPA and CTIA guidelines. Once deletion is complete, your data cannot be recovered.

viii.Security

We use industry-standard safeguards: TLS 1.3 in transit, AES-256-GCM at rest with envelope encryption, hardware-backed key storage on iOS (Secure Enclave), scoped service credentials, daily key rotation on shared hashes, and audit logs on all production systems. Phone numbers, display names, and Instagram handles are never written to disk, logs, backups, or analytics in plaintext. Conversations between matched users are end-to-end encrypted using [Signal Protocol / specify]; we cannot read message content.

No system is perfectly secure. If we discover a breach affecting your data, we will notify you within 72 hours of confirmation and disclose the scope and remediation.

ix.Your rights

Depending on your jurisdiction, you may have the right to:

Access the personal data we hold about you.
Correct inaccurate data.
Delete your data (right to be forgotten).
Export your data in a portable format.
Object to or restrict certain processing.
Lodge a complaint with your local data-protection authority.

California residents have additional rights under the CCPA/CPRA. EU and UK residents have rights under the GDPR. Email info@mysphere.love to exercise any of these rights.

x.Data requests

To request access, correction, deletion, or export of your data, email info@mysphere.love from the email address tied to your account, or use Settings → Account → Request my data inside the app. We respond within 30 days.

xi.Children

Sphere is not directed to children under 18. We do not knowingly collect data from anyone under 18. If we learn that we have collected such data, we delete it promptly. If you believe we have data from a minor, contact info@mysphere.love.

xii.International users

Sphere is operated from the United States. If you use Sphere from outside the U.S., your data will be transferred to and processed in the U.S. We rely on Standard Contractual Clauses (SCCs) for transfers from the EU/UK and equivalent safeguards for other regions.

xiii.Changes to this policy

We may update this Privacy Policy. Material changes will be announced via in-app notice and email, with a minimum of 14 days’ notice before the changes take effect. The current version is always available at mysphere.love/privacy.

xiv.Contact us

Questions about this Privacy Policy or how we handle your data?