A hashed version will be stored in a database in order to anonymously identify you for your future purchases and increase your limit.
Wat?
6 seconds to calculate the hashes of all the phone numbers containing 6 digits
-> 60000s < 20h to calculate the hashes of all the phone numbers containing 10 digits
And this only on a CPU, imagine on a GPU...
why you identify by phone ?
isn't receive address unique enough for it ?
Also, you can hash not phone itself but some constant text + phone
thus leaking only db won't harm anyone