Privacy

Privacy Policy

Last Updated: December 4, 2025

Phreeli Company is a corporation formed under the laws of Delaware, United States (“Phreeli,” “we,” “us,” or “our”). Phreeli has adopted this Privacy Policy to help the public understand Phreeli’s interaction with personal data when you use our Mobile Services and our Digital Services, as well as when purchasing Devices (collectively, the “Services”). The terms “Mobile Services,” “Digital Services,” and “Devices” are defined in our Terms of Service.

Phreeli has adopted “Privacy By Design” principles to allow for heightened privacy protections for subscribers. Specifically, we adopt the following general principles, which we use our best efforts to maintain:

  • Data Minimization - collecting and storing the minimum possible information we need about you to provide the Services you request and to comply with applicable laws.

  • Advanced Privacy Controls - offering options and settings for subscribers to control how and what data is passed to Phreeli.

  • Open-Source Encryption - where possible, we use the most up-to-date open-source encryption of all data.

  • Double-Blind Armadillo Architecture - our Double-Blind Aramadillo system keeps your account information separate from your telecommunications activity. This means that your username, zip code, and payment information are never associated with your phone number, your call, text, or data usage.

  • Minimum Disclosure - refraining from disclosing your data in the course of our business except where necessary to comply with applicable laws and protect the Phreeli ecosystem. We will never sell your data in the course of business.

Please understand that, even if we’re successful in upholding our principles, we cannot provide 100% anonymous Services to you. To address that, we offer multiple ways of purchasing and using our Services. Each method has its own advantages and considerations with respect to your digital privacy. To assist you in making the right choice, we’ve illustrated the pros and cons of each Service method in the table below:

Service Method

Privacy Advantages

Privacy Considerations

eSIM

• No physical address or name required to purchase

• No physical SIM card to lose

• Direct, digital provisioning

• SIM can be shut off for additional protection

• Payment information* + zip code required for payment authentication

• Device IMEI and eSIM profile linked to issued phone number

• Traffic not necessarily private if you don’t use privacy-focused apps and services*

Physical SIM

• SIM can be shut off or physically removed for additional protection

• Less reliance than eSIM on cloud services for activation

• Requires physical address and name to deliver

• Payment information* + zip code required for payment authentication

• SIM card can be physically compromised if lost

• Device IMEI and ICCID linked to issued phone number

• Traffic not necessarily private if you don’t use privacy-focused apps and services*

  • With the above in mind, you can further limit the data you provide to Phreeli by doing the following:

  • Cryptocurrency purchases - you can avoid providing certain financial information if you use a crypto wallet for purchases. Note, however, that payments with cryptocurrency are not inherently more private–-most cryptocurrency blockchains create a public, pseudonymous record that can be traced to you. You can limit the traceability of cryptocurrency transactions by using privacy-focused coins like Shielded Zcash and Monero. Zcash and Monero are in no way affiliated with Phreeli--please take the time to learn about these services before using them. Please note that we will also require a residential zip code no matter your purchase method to determine applicable sales taxes.

  • Privacy-focused services - we recommend all customers use privacy-focused applications and services on their devices.

Please also note that, even if certain Personal Information is required, we aggressively delete any identifying records that are not needed to deliver Services, improve our products, or comply with applicable laws (see Data Retention below).

Cookie Policy

Phreeli uses cookies to track user sessions in order to provide and improve Digital Services. Specifically, cookies are used:

  • to ensure you are authenticated;
  • to keep track of items you've added to your cart for purchase; and
  • to gather analytics data.

Analytics data is never associated with your account information. Instead, we associate analytics with a "cleaned" version of your IP address that strips out any identifying information that can be determined from your IP address (such as your location). We will associate sessions with your rough location, such as state and country.

1. Personal Information We Collect

The data we require from you, and how we use it, depends on: which Services you are using, how they are purchased, and how they are delivered to you. For purposes of this policy, any information collected from your use of the Services will be referred to as “Personal Information.” Personal Information is collected either (a) voluntarily from you, or (b) automatically via technologies we employ to provide Services. The Personal Information we collect includes the following:

A. Information We Collect

  • Your Phreeli-Issued Phone Number. We issue this number directly to you at sign-up.

  • Log data and Call Detail Records (CDRs). Our web servers and data centers create logs of requests and responses. These logs are created when you use any of our Services. Log data may include an IP address, time of request/response, your Phreeli-issued phone number, device information (see Device Identifiers below), operating-system/browser information, caller ID details, phone number routing information, location, and data usage. We use reasonable efforts to "clean" this data so it is not retained longer that it is needed to be, but you can limit the data associated with logs by adjusting your device’s settings and using privacy-focused services. Please also note that our underlying network creates and stores its own CDRs associated with your phone number.

  • Zip Code. We collect this information directly from you at sign-up.

  • Contact information, including name, email address, physical address, or phone number. We collect this information only if you voluntarily provide it to us in order to contact you, for instance regarding a support request or in connection with a report of fraud or abuse. Please note that certain products and services might not be available to you without this information, in accordance with our Terms of Service.

  • Device/Subscriber Identifiers. Your SIM card or eSIM, as well as your device, have identifying numbers that we will necessarily collect to setup service. These identifiers include:

    • an International Mobile Equipment Identity (IMEI) number, which identifies your phone or device;
    • an Integrated Circuit Card Identification (ICCID) number, which identifies your SIM card;
    • an International Mobile Subscriber Identity (IMSI) number, which identifies the holder of a SIM card; and
    • a Mobile Station International Subscriber Directory Number (MSISDN), which is your full phone number.

These identifies are provided directly to us by our network providers and third-party providers upon issuing you a phone number or processing a port-in request.

  • Analytics. We collect records of user actions on our website, such as time on page, clicks, and "conversion" rates. You can learn more about tracking we use for analytics above, in our Cookie Policy.

B. Information We Direct Service Providers to Collect, Where Applicable

  • Name. This information is collected directly from you and handed to our logistics providers for purposes of delivering products to you. This information is stored with our logistics providers, whom we direct to delete after shipping confirmation. We do not associate your name with your account in any event.

  • Payment information. This information is collected directly from you. We do not directly collect or store payment card information. Instead, our third-party payment processors, Stripe and NOWPayments, process all payments at our direction. This means we control this information to charge, credit, or refund payments to you, but we do not directly process it.

You can learn more about how our payment processors use your data here: Stripe, NOWPayments.

2. How We Use the Information We Collect

In addition to the uses described above, we more generally use your Personal Information for the following purposes:

  • Delivery of Services. We use Personal Information to achieve our legitimate business interest of delivering Services you request and to fulfill contractual obligations to you.

  • Marketing Phreeli Services. We use analytics and aggregated usage data to create relevant marketing content for prospective Phreeli customers. We will never sell this data to ad networks or other third parties.

  • Service Optimization. We use aggregated usage data to assist us in the improvement and optimization of our Services.

  • To comply with laws and regulations. We use Personal Information as we believe necessary or appropriate to comply with applicable laws and respond to lawful requests.

  • For fraud/abuse prevention and safety. We may use Personal Information as we believe necessary or appropriate to: (a) protect our, your, or others’ rights, privacy, safety or property (including by making and defending legal claims); (b) audit our internal processes for compliance with legal and contractual requirements; and (c) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity, including cyber-attacks, spamming, robocalling, and identity theft.

  • For any other purpose you consent to at the time of collection. We may use personal information for other purposes that are clearly disclosed to you at the time you provide personal information, with your consent, or as otherwise directed by you.

3. How and When We Share Information

We disclose Personal Information to third parties for a variety of business purposes, including to provide the Services to you, to protect us or others, or in the event of a major business transaction such as a merger, sale, or asset transfer. We may share your Personal Information, for the purposes outlined above, with the following categories of recipients:

  • Digital service providers. We share your Personal Information with service providers to enable such parties to perform functions on our behalf and under our instructions in order to carry out the purposes identified above (e.g., payment processing).

  • Network service providers. We share your Personal Information with network service providers and partners to provide you with the Mobile Services. Once shared, your Personal Information will also be subject to the network service provider’s privacy policy. You can view T-Mobile’s Privacy Policy here.

  • Affiliated Companies. We may share your Personal Information with our subsidiaries, affiliates, and other related companies for purposes consistent with this Privacy Policy and providing you with our Services.

  • Business reorganization. We may share your Personal Information with any corporate purchaser or prospect to the extent permitted by law as part of any merger, acquisition, sale of company assets, or transition of service to another provider, as well as in the event of insolvency, bankruptcy, or receivership in which Personal Information would be transferred as an asset of Company.

  • Mandatory Disclosures and Legal Rights. We may share your Personal Information to comply with applicable laws and regulations and to respond to a subpoena, search warrant, or other legal or governmental request for information. We also share Personal Information to establish or protect our legal rights, property, or safety; the rights, property, or safety of others; or to defend against legal claims.

4. Protection of Your Personal Information

We take our responsibility to protect your information very seriously. While no data transmission is guaranteed to be 100% secure, we use reasonable and appropriate security measures and practices to protect your Personal Information from unauthorized access, use, alteration, and destruction. Our practices currently include the following:

  • We minimize the Personal Information we collect to provide Services;

  • We use middleware to “clean” or filter out data that is not absolutely necessary to provide Services; and

  • Any Personal Information we need to store is encrypted in transit and at rest.

5. Data Retention; Location of Processing

As a general policy, we immediately delete records of Personal Information after their essential purpose of storage has been fulfilled. For example, if you’ve ordered a Device from us, we will delete (or direct our service provider to delete) the name and physical address associated with delivery after we get confirmation of delivery.

Please note that a longer retention period is required by law in some cases (such as for tax and accounting purposes). Where possible, we use aggregated and anonymized records to fulfill these legal requirements.

Notwithstanding the general policy above, we may retain copies of Personal Information where reasonably necessary to comply with our legal obligations (including law enforcement requests), meet regulatory requirements, maintain security, prevent fraud and abuse, resolve disputes, enforce our contracts, or fulfill your request to “unsubscribe” from further messages from us.

We process and store Personal Information in the United States. Please note that the United States may have data protection laws that are different from, or less protective than, the laws where you live.

6. Other Sites, Mobile Applications, and Services

Our website may contain links to other websites and online services operated by third parties. These links are not an endorsement of, or representation that we are affiliated with, any third party. In addition, our content may be included on web pages or online services that are not associated with us. We do not control third party websites or online services, and we are not responsible for their actions. Other websites and services follow different rules regarding the collection, use and sharing of your Personal Information. We encourage you to read the privacy policies of the other websites and online services you use.

7. Your Privacy Choices and Rights

At Phreeli, we put our customers first and respect your ability to exercise your privacy rights and choices. Where possible, we give you control over the Personal Information we collect about you, to ensure it is accurate and reflects your preferences. You may exercise the following rights:

  • Request Deletion. You may request that we delete any Personal Information about you that we maintain.

  • Request Correction. You may request that we correct any inaccurate Personal Information that we maintain.

  • Know What Personal Information is Being Collected. You may request that we inform you of the (i) categories of Personal Information we have collected about you; (ii) categories of sources from which any Personal Information is collected; (iii) business or commercial purpose for collecting, selling, or sharing any Personal Information we have collected about you; and (iv) categories of third parties to whom we have disclosed any Personal Information. The categories of Personal Information collected over the past 12 months and the categories of sources from which we collect Personal Information are outlined in the Section above entitled "Personal Information We Collect and How We Collect It.” The business/commercial purpose for the collected information is outlined in the Section above entitled “How We Use Information We Collect.” The categories of third parties to whom we have disclosed any Personal Information is outlined in the Section above entitled “How and When We Share Information.”

  • Access the Personal Information We Collect. You may request a copy of the Personal Information that we have collected and maintained in the period that is 12 months prior to the request date.

  • Know What Personal Information is Being Sold. You may request the (i) categories of Personal Information that we have sold or shared to a third party and the category of the third party to whom we sold or shared your Personal Information; and (ii) categories of Personal Information we have disclosed to a third party for a business purpose and the category of the third party to whom we disclosed your Personal Information. The categories of third parties to whom we have disclosed any Personal Information is outlined in the Section above entitled “How and When We Share Information.” We do not sell your Personal Information to third parties and have not sold Personal Information in the preceding 12 months.

  • Opt Out of Profiling and Targeted Advertising. You may opt out of the processing of your Personal Information obtained from your activities on non-affiliated websites or online applications for the purposes of targeted advertising.

  • Opt Out of Sale and Sharing. To the extent we sell or share Personal Information, you may direct us to opt out of that sale or sharing. We do not sell your Personal Information to third parties and have not sold Personal Information in the preceding 12 months.

  • Restrict Processing of Personal Information. You may request that we restrict the Processing of your personal data, under certain conditions with exceptions provided for by applicable Data Privacy Laws.

  • Object to Processing of Personal Information. You may object to our processing of your personal data, under certain conditions with exceptions provided for by applicable data privacy laws.

  • Opt-Out of Sharing Personal Information with Third Parties for Marketing Purposes. You may opt-out of a company’s disclosure of Personal Information to third parties for its direct marketing purposes, to the extent we disclose your Personal Information to third parties for such purposes. It is important to note that this opt-out does not prohibit disclosures made for non-marketing purposes.

  • Request Data Portability. You may request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions with exceptions provided for by the applicable data privacy laws.

  • Limit Use and Disclosure of Sensitive Personal Information. You have the right to request that we limit the use of your Personal Information to only uses that are necessary to perform the services or provide the goods.

8. Exercising Your Rights

You may exercise the above rights by submitting a verifiable consumer request to us by email at legal@phreeli.com or at the mailing address below. Under applicable data privacy laws, you may also designate an authorized agent to make these requests on your behalf. If you use an authorized agent to submit a request, we may need to collect additional information, such as a government issued ID, to verify your identity before processing a request to protect your information.

We cannot respond to your request if we are unable to verify your identity or authority. Your verifiable request must include the reference “Request for Privacy Information” in the subject line and the body of the message must:

  • provide sufficient information that allows us to reasonably verify that you are the person whose Personal Information we have collected;

  • describe your request with sufficient detail; and

  • include an e-mail address or mailing address, as applicable, for us to send our response.

We strive to respond to verifiable consumer requests within 30 days; however, if we require an extension (up to an additional 60 days) we will inform you of this extension and the reason in writing. Data disclosure request will only include data collected within the 12-month period preceding the receipt of the verified request. We do not charge a fee to process requests to exercise your rights unless the requests are found to be excessive, repetitive, or unfounded.

Although we make good faith efforts to provide individuals with access to their Personal Information, there may be circumstances in which we are unable to provide access, including but not limited to: where the information contains legal privilege, would compromise others' privacy or other legitimate rights, where the burden or expense of providing access would be disproportionate to the risks to the individual's privacy in the case in question or where it is commercially proprietary. If we determine that access should be restricted in any particular instance, we will provide you with an explanation of why that determination has been made and a contact point for any further inquiries.

If you have any questions or comments about the processing of your Personal Information, you may contact us at: legal@phreeli.com.

9. Data Collected From Minors

We do not knowingly solicit data from or market to children under 18 years of age. If we learn that Personal Information from users younger than 18 years of age has been collected, we will deactivate the account or cancel the subscription and take reasonable measures to promptly delete such data from our records. If you become aware of any data we have collected from children under age 18, please contact us at: legal@phreeli.com.

10. Contact Us

For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at legal@phreeli.com or by mail using the details provided below:

Phreeli Company 16192 Coastal Highway Lewes, DE 19958