Privacy Policy
Effective Date: 2025-09-30
1. Introduction
This Privacy Policy (“Policy”) explains how eSIMlii (“eSIMlii,” “we,” “our,” or “us”) collects, uses, shares, and protects your personal data when you use our website, mobile application, or purchase our eSIM services.
We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR), local data privacy laws in your country of residence, and international best practices.
By using our services, you acknowledge that you have read and understood this Policy.
2. Data Controller
The data controller responsible for your personal data is:
3. Types of Personal Data We Collect
We collect different categories of personal data depending on how you interact with us.
Website & App Usage Data
IP address, device identifiers, operating system, browser type, language, and geolocation.
Pages visited, interactions with our website/app, and referring websites.
Collected mainly via cookies and tracking tools.
Customer Data (when purchasing an eSIM)
Name, email address, phone number, billing address, country of residence.
Payment details (processed securely via third-party providers, we do not store full card details).
Device information (make, model, eSIM capability).
Identity documents (passport, driver’s license, or similar) only when legally required for verification (e.g., anti-fraud or telecom regulations).
4. Sources of Personal Data
We may collect your data:
Directly from you when you purchase a plan, register on our website/app, or contact support.
Indirectly from third parties, such as distribution partners, travel agencies, or telecom operators.
Automatically via cookies, analytics, and tracking technologies when you browse our website.
5. Purpose and Legal Basis for Processing
We process your personal data only where we have a valid legal basis:
Performance of Contract
To process your eSIM purchase, activate your plan, and manage your account.
To provide customer support and resolve issues.
Compliance with Legal Obligations
To comply with telecom regulations, tax obligations, and law enforcement requests.
Legitimate Interests
To improve our services, secure our systems, prevent fraud, and optimize the customer experience.
To send service-related communications.
Consent
To use optional cookies, analytics, and marketing communications (you may withdraw consent anytime).
6. Sharing of Personal Data
We may share your personal data with:
Intra-group entities within eSIMlii for internal business operations.
Telecommunication providers to deliver eSIM connectivity services.
Third-party service providers (e.g., payment processors, IT providers, cloud hosting, analytics, customer support).
Regulators, courts, and law enforcement agencies where legally required.
Advisors such as lawyers, auditors, or consultants for business purposes.
We require all third parties to safeguard your data and use it only for the intended purpose.
7. International Data Transfers
As a global travel service, we may transfer your personal data outside your country or the European Economic Area (EEA). Where we do so, we ensure appropriate safeguards, such as Standard Contractual Clauses (SCCs) or other legally recognized transfer mechanisms.
8. Your Data Protection Rights
You have the following rights under GDPR and similar laws:
Access – Request a copy of the data we hold about you.
Rectification – Request correction of inaccurate or incomplete data.
Erasure – Request deletion of your personal data where applicable.
Restriction – Request that we limit processing in certain circumstances.
Portability – Request your data in a structured, machine-readable format.
Object – Object to processing based on legitimate interests or direct marketing.
Withdraw Consent – Revoke consent for marketing or optional cookies at any time.
Complaint – File a complaint with your local data protection authority.
9. Data Retention
We retain your personal data only as long as necessary for the purposes outlined in this Policy:
For the duration of your contract and up to 7 years after account closure for legal and tax obligations.
For fraud prevention and regulatory compliance as required by law.
Shorter periods for certain data (e.g., cookies, connection logs) in line with our retention schedule.
10. Children’s Data
Our services are not intended for children under 18. We do not knowingly collect personal data from minors. If we become aware of such collection, we will delete the data and terminate the account immediately.
11. Security of Your Data
We implement strict security measures, including encryption, firewalls, secure servers, access controls, and regular monitoring, to protect your personal data from unauthorized access, alteration, or loss.
12. Contact Us
If you have questions about this Policy or wish to exercise your rights, please contact:
13. Updates to this Policy
We may update this Policy from time to time to reflect changes in technology, regulations, or our services. The latest version will always be available on this page, with the effective date clearly indicated.
