Privacy Policy

Effective date: April 11, 2026  ·  Contact: privacy@mutuals.app

What we collect

Mutuals collects the minimum data required for the app to function:

• Your phone number. After you verify your phone number with a one-time code, we store your E.164-normalised phone number so you can be matched with other users.
• Contact phone numbers. When you sync your address book, we store the E.164-normalised phone numbers from your contacts. We never store contact names, profile photos, email addresses, or any other contact fields — only phone numbers.
• Connection records. When you initiate or accept a connection through iMessage, we store a record linking two user accounts, including the approximate city you optionally share at the time of connection. This powers the mutual-contact feature.
• Optional location (city only). If you grant location access, we store the city, region, and country corresponding to your location at the time of a connection. Precise coordinates are not stored. Location access can be denied at any time in Settings.

What we do NOT collect

• Contact names, email addresses, or any other contact fields
• Message content
• Precise GPS coordinates
• Advertising identifiers

How your data is used

Contact phone numbers are used exclusively to compute the intersection between two users' address books when both have accepted a connection. The result (the intersection only — never either user's full list) is returned to each device, which resolves phone numbers to names using the device's own local Contacts store. The server never returns names.

How mutual contacts are revealed

Our servers compute the overlap between two contact phone number lists and return only the matching numbers. Your device looks up those numbers against your own address book to produce display names. The other person's full contact list is never visible to you, and vice versa.

Why you must sync your full address book

Mutual-contact matching only works correctly when both parties have synced their complete address books. Selective sync breaks the product for other users: if you exclude a contact, neither of you will see that person as a mutual — even if the other person has them. The app does not provide a selection interface for this reason.

Data retention and deletion

You can delete your account at any time from within the app. Deletion permanently removes your profile, all contact phone numbers, and all connection records. Contact numbers are re-synced when you open the app; a fresh sync replaces the previous set.

Third-party services

• Supabase — database and authentication infrastructure. Hosted on AWS. Supabase's privacy policy is at supabase.com/privacy.
• Apple Sign In — authentication. Apple's privacy policy applies to the sign-in flow.

Children

Mutuals is not directed at children under 13. We do not knowingly collect data from children under 13.

Changes to this policy

We may update this policy. Material changes will be notified in the app. Continued use after notice constitutes acceptance.

Contact

Questions? Email privacy@mutuals.app.