Privacy Policy
Last updated: March 2026
MillionPhones, operated by Grow Software LLC ("we", "us", or "our"), operates the millionphones.com website and related services. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform.
1. Information We Collect
We collect the following categories of information:
- Account information: Email address and, if you sign in via Google OAuth, your name as provided by Google.
- Search activity: LinkedIn URLs you search for or submit through the platform, API, or Chrome extension.
- Chrome extension page data: When you use the Chrome extension on LinkedIn, HubSpot, Salesforce, or other websites, the extension reads the current page to extract professional profile signals — including names, job titles, company names, email addresses, LinkedIn profile URLs, and website domains. This data is sent to our servers solely to perform phone number lookups on your behalf. It is not stored beyond what is necessary to return your result. An authentication token is also stored locally in your browser to keep you signed in between sessions.
- Technical data: IP address, browser type, device information, and usage logs (pages visited, features used, timestamps).
- Payment information: Payment details are collected and processed directly by Stripe. We do not store credit card numbers on our servers.
2. How We Use Your Information
We use the information we collect to:
- Create and manage your account, including credit balances and subscription status.
- Deliver the service, including processing lookups and returning contact data.
- Process payments and manage subscriptions.
- Monitor usage for security, fraud prevention, and enforcement of our terms.
- Analyze aggregate usage patterns to improve the platform.
- Communicate with you regarding your account, service updates, or support requests.
3. Third-Party Services
We rely on the following third-party services to operate the platform:
- Stripe: Payment processing and subscription management. Stripe's privacy policy governs the handling of your payment data.
- Google: OAuth authentication for account sign-in.
- Resend: Transactional email delivery (magic link login emails).
- EmailRep.io: Email address validation during registration to prevent fraudulent signups.
- Cloudflare: Content delivery, DDoS protection, and security services.
Each third-party service processes data according to its own privacy policy. We only share the minimum information necessary for each service to function.
4. Cookies
We use session cookies solely for authentication purposes. These cookies identify your logged-in session and are essential for the service to function. We do not use advertising cookies, tracking pixels, or third-party analytics cookies.
5. B2B Contact Data
The MillionPhones database contains business contact information, including verified mobile phone numbers for professionals. This data is sourced from publicly available and commercially available sources and is intended exclusively for business-to-business (B2B) sales and outreach purposes.
This contact data pertains to individuals acting in their professional capacity. If you are a data subject whose information appears in our database and you wish to exercise your rights (see Section 8), please contact us at [email protected].
6. Data Retention
We retain your account data for as long as your account remains active. If you request account deletion, we will remove your personal data within 30 days, except where retention is required by law or for legitimate business purposes (such as maintaining records of completed transactions).
Usage logs and technical data are retained for up to 12 months for security and analytics purposes, after which they are deleted or anonymized.
7. Data Security
We implement appropriate technical and organizational measures to protect your data, including encrypted connections (TLS), hashed API keys, and access controls. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.
8. Your Rights
You have the right to:
- Access the personal data we hold about you.
- Correct inaccurate or incomplete personal data.
- Delete your account and associated personal data.
- Export your data in a portable format.
To exercise any of these rights, email us at [email protected]. We will respond within 30 days.
9. GDPR (European Users)
For users in the European Economic Area, our lawful basis for processing personal data is:
- Consent: For account creation and use of the service.
- Legitimate interest: For maintaining and providing B2B contact data, fraud prevention, and platform security.
- Contractual necessity: For processing payments and delivering the service you have subscribed to.
You may withdraw consent at any time by deleting your account. For B2B contact data, our legitimate interest is enabling businesses to connect with professionals for lawful commercial purposes.
10. CCPA (California Residents)
If you are a California resident, you have the right to request disclosure of the categories and specific pieces of personal information we have collected about you, request deletion of your personal information, and opt out of any sale of personal information. We do not sell personal information as defined under the CCPA.
To submit a request, email [email protected].
11. Children
MillionPhones is a B2B platform and is not directed at children under the age of 16. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child under 16, we will delete it promptly.
12. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Your continued use of the service after changes are posted constitutes acceptance of the revised policy.
13. Contact Us
If you have questions about this Privacy Policy or wish to exercise your data rights, contact us at: