Privacy Policy — Sphere

Effective date: August 12, 2025

Controller: Sphere Lepoutre Limited Liability Company (“Sphere”, “we”, “us”)

Address: 3720 Chestnut Street, Apt 1113, Philadelphia, PA 19104, USA

Contact: privacy@with-sphere.com
This Privacy Policy explains how we collect, use, disclose, and protect information when you use our websites, mobile apps, and the Sphere Pod (the “Services”).
In short: We collect what we need to run Sphere, improve it with privacy-respecting analytics, never read your app content, and don’t sell your data. You control advertising/analytics cookies and can exercise your privacy rights at any time.

1) What we collect

We collect information you provide, information created as you use Sphere, and limited information from our service providers.

A. You provide

  • Account & profile: name, email, password (hashed), country/region, preferences.
  • Purchases & shipping: shipping address, phone (optional), items ordered, delivery status.
  • Payments: handled by our payment partners; we receive non-card details such as transaction status and fraud signals.

Support & feedback: messages, attachments, survey responses.

B. Created when you use Sphere

  • Focus configuration: block/allow lists, modes, schedules, and settings.
  • Session telemetry: start/stop times, duration, completion/cancel state, basic device/OS data, crash logs.
  • Pod association: a random identifier linking your account to a Pod.
  • Website/app analytics (with consent where required): page views, clicks, approximate location from IP (city/region), device/browser, and campaign parameters (e.g., UTM).
  • We do not access the contents of your messages, photos, emails, or the content inside apps you block. We do not collect precise GPS location, health data, or your contacts.

C. From service providers

  • Commerce platform (Shopify): order and fulfillment metadata, store analytics, fraud checks.
  • App stores & subscriptions: subscription status (active/canceled/renewal), region, anonymized diagnostics.
  • Email/support/analytics providers: deliver emails, manage tickets, and provide aggregate usage reports.



2) The Sphere Pod

  • The Pod is a passive NFC device that stores a random non-personal ID.
  • It has no GPS, microphone, camera, battery, or internet connection.
  • Tapping your phone to the Pod triggers on-device actions and confirms intent to start/end a session.
  • The account↔Pod link is stored in the app/backend, not on the Pod.



3) How we use information (purposes & legal bases)

  • Provide and maintain the Services: accounts, pairing with the Pod, enforcing blocks, timers, and session history. (GDPR: contract; legitimate interests).
  • Commerce & fulfillment: process orders, shipping/returns, fraud prevention, taxes. (Contract; legal obligation; legitimate interests).
  • Support & safety: respond to you, secure our systems, prevent misuse. (Legitimate interests; legal obligation).
  • Analytics & improvement: understand feature usage, fix bugs, improve outcomes. (Legitimate interests; consent for cookies/SDKs where required).
  • Marketing (website & email): send updates you can opt out of; measure campaign performance on our marketing site only. (Consent where required; legitimate interests.)



We do not use your Focus configuration or session data for advertising.

4) Cookies, SDKs, and advertising choices

On our marketing site, we use:

  • Essential cookies for things like cart and login.
  • Analytics cookies/SDKs to measure usage and improve the site.
  • (Optional) advertising/retargeting cookies to reach likely-interested audiences.

Your controls:

  • Cookie banner / settings to manage or withdraw consent at any time.
  • Global Privacy Control (GPC): treated as a state-law opt-out of “sale,” “sharing,” and targeted advertising where applicable.
  • Do Not Track (DNT): not standardized; we honor GPC as above.



5) “Sale” and “sharing” of personal information

  • We do not sell personal information for money.
  • Use of advertising cookies on our marketing site may be considered “sharing” or “targeted advertising” under certain U.S. state laws. You can opt out via Your Privacy Choices and through GPC.



6) How we disclose information

We share personal information only as needed and under contracts that limit use to our instructions:

  • Service providers/processors: hosting, cloud, analytics, diagnostics, email/SMS, customer support, payments, commerce (including Shopify), shipping/returns.
  • App stores/payment platforms: subscriptions, billing, fraud prevention, compliance.
  • Professional advisors & compliance: auditors, legal counsel, regulators, tax authorities.
  • Business transfers: as part of a merger, acquisition, or asset sale (with required notices).
  • Legal/safety: to comply with law or protect rights, safety, and security.



We do not allow third parties to use your personal information for their own marketing.

7) International transfers

We operate from the United States. When transferring personal data from the EEA/UK/Switzerland, we use Standard Contractual Clauses (and the UK Addendum) and apply appropriate safeguards. Contact privacy@with-sphere.com for details.

8) Retention

We keep data only as long as needed, then delete or de-identify it:

  • Account data: while your account is active and up to 24 months after closure (unless law requires longer).
  • Orders/tax records: generally 7 years.
  • Support tickets: 3 years after resolution.
  • Telemetry/logs: 12–24 months (aggregates may be kept longer without identifying you).
    Cookies/ads identifiers: as per your browser settings.



9) Your rights

Depending on your location, you may have rights to access, correct, delete, port, opt out of targeted advertising/“sale”/“sharing,” limit sensitive data (we do not collect it), object/restrict certain processing, withdraw consent, and appeal a refusal.
How to exercise: use in-app controls, the Your Privacy Choices link, or email privacy@with-sphere.com. We’ll verify your request and respond within legal timeframes. EEA/UK users may also contact their supervisory authority.

10) Children

Sphere is not directed to children under 13. We don’t knowingly collect their data. For California residents under 16, we don’t knowingly sell or share personal information.

11) Security

We apply administrative, technical, and physical safeguards appropriate to the data, including encryption in transit, least-privilege access, and monitoring. No system is perfectly secure—use strong, unique passwords and keep devices updated.

12) Third-party links & integrations

Our Services may link to third-party sites or integrate with third-party services (e.g., payment processors, app stores, Shopify). Their privacy policies govern their practices.

13) Automated decision-making

We do not make automated decisions with legal or similarly significant effects. Usage insights are assistive only.

14) Changes

We may update this Policy periodically. If changes are material, we’ll provide prominent notice (e.g., in-app banner or email) at least 10 days before they take effect. Continued use after the effective date means you accept the updated Policy.

15) Contact

Email: privacy@with-sphere.com


Mail: Sphere Lepoutre Limited Liability Company, 3720 Chestnut Street, Apt 1113, Philadelphia, PA 19104, USA

U.S. State Privacy Notice (CA/CO/CT/VA/UT)
Categories collected (last 12 months): identifiers (name, email, IP, device ID), commercial information (orders), internet activity (site/app interactions), geolocation (approximate city/region), inferences (preferences), and limited financial/payment status (non-card details).
 Sources: you; your devices; commerce, payments, analytics, and support providers.

Purposes & retention: see Sections 3 and 8.

Disclosure: to processors/service providers, app stores, payments/commerce, advisors, and as legally required.
Sale/Sharing: no sale. Advertising cookies on our marketing site may be “sharing”/targeted advertising; opt out via Your Privacy Choices and GPC.

Sensitive PI: not collected.

Non-discrimination: we won’t deny services, charge different prices, or provide different quality because you exercise your rights.

GDPR/EEA/UK Notice
Controller: Sphere Lepoutre Limited Liability Company (address above).

EU/UK Representative: not applicable.

DPO: not applicable.

Legal bases: contract; legitimate interests (provide, secure, improve, prevent fraud); consent (cookies/SDKs; certain marketing);
legal obligation (tax/accounting).

Transfers: to the U.S. under Standard Contractual Clauses with supplementary measures as needed.

Rights: access, rectification, erasure, restriction, portability, objection, complaint to a supervisory authority.

Sphere-specific disclosures

  • No continuous device monitoring: we do not read screen/app content. Enforcement relies on on-device controls and short event signals (e.g., NFC tap).
  • Offline behavior: the Pod cannot collect or transmit data; if your phone is offline, events may queue locally until connectivity returns.
  • Emergency unlocks (if enabled): we store a counter and timestamp to prevent abuse.

Aggregate insights: we may use de-identified or aggregated metrics (e.g., average session length) for research or product claims.