Privacy policy
Last updated: April 14, 2026
I. What Information We Collect
To provide, maintain, and improve our services, and to ensure the security of transactions and accounts, we may collect the following types of information:
1. Information You Provide
When you register for an account, purchase services, contact customer support, or use certain features, you may provide the following information:
Account and Contact Information
Includes your name, email address, billing address, and other contact details you choose to provide.
Transaction and Payment Information
Includes order numbers, purchase history, payment status, and related transaction data. If you request a tax invoice or detailed receipt, we may also collect additional information such as your company name and tax identification number, based on your request.
To ensure payment security, we do not store full credit card details. Payments are processed by third-party payment service providers.
Customer Support and Interactions
Includes communications with our customer service team, support requests, feedback, and product reviews.
Troubleshooting Information
When you request technical support, you may provide device screenshots, network configuration details, or other technical information related to the issue, such as device model, carrier name, or signal status.
2. Information Automatically Collected
When you use our website or services, we may automatically collect certain technical and usage information, including:
Device and Technical Information
Includes IP address, browser type, device model, and language settings.
Usage and Analytics Information
Includes pages viewed, click behavior, time spent on the site, feature usage, referring pages, and search history.
Cookies and Similar Technologies
We use cookies and similar technologies to operate the website, remember your preferences, analyze traffic, and improve your experience.
Where required by applicable law, we will obtain your consent before using non-essential cookies or similar technologies. You can manage or disable cookies through your browser settings, although some features may not function properly.
3. Information from Third-Party Sources
To the extent permitted by law, we may receive information about you from third parties, including:
Third-Party Login Services
If you choose to log in using Google, Shopify, or other third-party accounts, we may receive basic account information such as your name and email address, based on your authorization.
Payment and Transaction Providers
We may receive payment confirmations, transaction status updates, and fraud prevention-related information from payment service providers.
Analytics and Marketing Partners
We use analytics and advertising tools to understand how our services are used, improve user experience, and measure marketing performance. This information is generally processed in aggregated or de-identified form.
Security and Anti-Fraud Services
To maintain platform and transaction security, we may receive information related to risk assessment, suspicious login activity, fraud prevention, and detection of abusive or unauthorized behavior.
We will only collect, use, and process your personal information where we have a lawful basis to do so, including providing our services, performing contractual obligations, complying with legal obligations, protecting transaction security, obtaining your consent where required, or pursuing our legitimate business interests where permitted by applicable law.
We do not intentionally collect sensitive personal data or special categories of personal information unless required by law or voluntarily provided by you for a specific purpose.
II. How We Use Your Information
We process your personal information only for legitimate and lawful purposes in accordance with applicable privacy laws.
We rely on lawful bases to process your personal information, including the performance of a contract, compliance with legal obligations, your consent, and our legitimate interests where permitted by applicable law.
If you are located in the EU or UK, we process your personal information under the GDPR and UK GDPR lawful bases, including consent, contractual necessity, legal obligations, and legitimate interests.
The purposes for which we use your information include:
1. Fulfilling Contracts and Delivering Services
To provide the eSIM services you have purchased, we use your information to:
- Process payments and verify orders.
- Deliver eSIM activation details and issue receipts.
- Create, manage, and maintain your user account.
- Provide customer support and resolve technical issues. This includes using the technical information you provide (such as error messages, device settings, or troubleshooting screenshots) to diagnose and resolve connectivity issues.
2. Maintaining Security and Preventing Fraud
Based on our legitimate interests in protecting our platform, users, and transactions, we may use your information to:
- Detect, investigate, and prevent fraud, unauthorized access, suspicious or abusive activity, and other security incidents.
- Verify user identities and access permissions to maintain the integrity, security, and reliability of our systems and services.
3. Improving Products and User Experience
We analyze how our services are used in order to:
- Understand user preferences and feature usage trends.
- Fix software bugs, improve system stability, and optimize website performance.
- Develop, test, and improve our products, features, and overall service quality.
4. Processing Payments and Financial Compliance
We use transaction-related information to confirm payment status, complete transactions, process refunds, and comply with applicable financial, tax, accounting, and regulatory obligations.
5. Communications and Alerts
We may contact you via email, in-app notifications, or other communication channels for the following purposes:
Service and Administrative Communications
To send important notices regarding your account, security alerts, order status, technical updates, customer support responses, or changes to our Terms of Service or Privacy Policy.
Marketing and Promotional Communications
Where permitted by applicable law or where required, with your consent, we may send promotional offers, event invitations, newsletters, or product updates. You may opt out of receiving marketing communications at any time by following the unsubscribe instructions included in the communication.
6. Analytics and Marketing Activities
We may use aggregated or de-identified information to measure website traffic, evaluate marketing effectiveness, and improve our services and promotional strategies.
Where required by applicable law (including applicable cookie or ePrivacy laws), we will obtain your consent before using non-essential analytics or advertising technologies.
7. Compliance with Legal Obligations
We may process your information to comply with applicable laws, regulations, court orders, governmental requests, or other lawful processes. This includes fulfilling tax, accounting, reporting, and compliance obligations, as well as resolving disputes or enforcing our legal rights.
8. Protection of Legitimate Interests
To the extent permitted by applicable law, we may process your information where necessary to protect the legitimate interests, safety, property, or rights of our company, users, partners, or the public.
Notice to US Residents (CCPA/CPRA)
We do not sell your personal information or share it for cross-context behavioral advertising purposes as defined under applicable California privacy laws.
III. How We Share Your Information
We do not sell your personal information.
We may share your information with third-party service providers who are bound by appropriate confidentiality and data protection obligations, and only to the extent necessary to provide our services, fulfill our contractual obligations, improve your user experience, and comply with applicable legal obligations. We share information with the following parties and under the following circumstances:
1. Service Providers and Business Partners
To ensure the smooth operation of our website and to fulfill your orders, we share necessary information with the following service providers:
E-commerce Platform: We use Shopify to power our online store. Shopify processes orders, payments, and customer data on our behalf. Such processing may also be subject to Shopify’s own privacy policy.
Payment Processors: We partner with payment processors that comply with industry security standards such as PCI-DSS. We do not store your full payment card details; payment processors only receive the information necessary to verify transactions and complete payments.
2. Third-Party Service Providers
To provide you with a better shopping experience and customer support, we integrate certain third-party services and may share specific data where necessary:
Review System: After your order is completed, the system may share your email address and purchase details to send review invitations. When you submit a review, your content and the display name you choose may be displayed on this website.
Membership and Referral Programs: To calculate and distribute rewards, referral incentives, and manage membership benefits, we may share relevant information such as your order history, transaction amounts, and membership status.
Customer Support and Communication Tools: We may use third-party service providers to manage customer inquiries, technical support requests, troubleshooting data (including configuration screenshots you provide), and transactional notifications.
Some third-party service providers may process your information under their own privacy policies. We encourage you to review those policies separately.
3. Analytics and Advertising Partners
Subject to your consent where required by applicable law, or based on our legitimate interests where permitted, we may share limited technical and usage data with analytics and advertising partners to help us understand website traffic, measure marketing effectiveness, and improve our services.
For more details, please refer to “Chapter 4: Cookies and Tracking Technologies.”
4. Legal Requirements and Protection of Rights
We may disclose your information where required by applicable law, regulation, court order, or governmental request, or where we believe in good faith that such disclosure is necessary to comply with legal obligations, protect our services, ensure user safety, investigate illegal activities, or protect our rights and those of others.
5. Business Transactions
If the Company is involved in a merger, acquisition, reorganization, asset sale, bankruptcy, or other similar business transaction, your information may be transferred or disclosed as part of that transaction. In such cases, we will take reasonable steps to ensure that your information remains protected in accordance with applicable data protection laws.
IV. Cookies and Tracking Technologies
We and our authorized third-party partners use cookies, pixel tags, web beacons, and similar automated tracking technologies to provide, operate, optimize, and secure our services.
1. Categories and Purposes of Tracking Technologies
We classify the cookies used on our website into the following categories:
Strictly Necessary Cookies: These cookies are essential for the core functionality of our website, such as enabling secure checkout, managing your session, and preventing fraudulent activity. Without these cookies, core services such as the shopping cart and user login may not function properly.
Functionality and Preference Cookies: These cookies allow us to remember your choices (such as preferred language, currency settings, or region) to provide a more personalized and enhanced user experience.
Performance and Analytics Cookies: These cookies help us understand how visitors interact with our website by collecting and reporting information in an aggregated or anonymized form. We use this data to monitor traffic, identify technical issues, and improve website performance.
Marketing and Advertising Cookies: These cookies may be set by our advertising partners through our website to build a profile of your interests and display relevant advertisements on other platforms. They also help us measure the effectiveness of our marketing campaigns.
2. Your Privacy Choices and Control
You have the right to control how cookies are used during your visit. You may manage your preferences through the following methods:
Browser Settings: Most web browsers allow you to block or delete cookies. Please note that disabling strictly necessary cookies may cause certain parts of the website to function improperly.
Analytics Opt-Out: To prevent your data from being used by Google Analytics, you may install the Google Analytics Opt-out Browser Add-on.
Targeted Advertising Opt-Out: You may manage your preferences for interest-based advertising via:
Google Ads Settings: https://www.google.com/settings/ads
Facebook Ad Preferences: https://www.facebook.com/settings/?tab=ads
Digital Advertising Alliance (DAA): http://optout.aboutads.info/
3. “Do Not Track” and Global Privacy Control
Some web browsers offer a “Do Not Track” (DNT) feature. Because there is currently no universally accepted industry standard for interpreting DNT signals, our website does not respond to DNT signals.
However, in certain jurisdictions, including California, we recognize and process Global Privacy Control (GPC) signals, where technically feasible, as a valid request to opt out of the “sale” or “sharing” of personal information for cross-context behavioral advertising, in accordance with applicable laws, including the CCPA/CPRA.
V. Cross-Border Data Transfers
Because we operate globally, your personal information may be transferred to, stored in, or accessed from countries or regions outside your country of residence for the purposes of providing and operating our services, fulfilling contractual obligations, and improving user experience. Data protection laws in these jurisdictions may differ from those in your country.
1. Circumstances of Cross-Border Transfers
Your personal information may be transferred or accessed across borders in the following circumstances:
When we use e-commerce platforms and related service providers;
When we engage third-party service providers, such as payment processors, email delivery services, analytics providers, or customer support tools;
When our internal teams or authorized service providers operate in different countries or regions.
2. Safeguards
We implement appropriate technical and organizational safeguards to help ensure your personal data is protected during international transfers. This includes the use of industry-standard encryption and entering into data protection agreements with our partners to require them to provide an adequate level of data protection in accordance with applicable laws.
3. Legal Basis and Acknowledgment
Where permitted by applicable law, cross-border data transfers are carried out based on a valid legal basis, including the performance of a contract, compliance with legal obligations, our legitimate interests, or your consent.
By using our services, you acknowledge that your personal information may be transferred to jurisdictions outside your country of residence, where data protection laws may differ from those in your jurisdiction.
VI. Your Rights and Choices
We respect your control over your personal information. Depending on your location and applicable data protection laws, you may have specific rights regarding your data.
1. Your Privacy Rights
Where applicable, you may have the right to:
- Access and Information: Request access to the personal information we hold about you and understand how we process it.
- Rectification: Request the correction of inaccurate or incomplete personal information.
- Erasure (Right to be Forgotten): Request the deletion of your personal data. Please note that we may retain certain information where legally required or permitted (e.g., for tax, accounting, or dispute resolution purposes).
- Restriction or Objection: Object to or request limitations on how we process your personal information.
- Data Portability: Request a copy of your data in a structured, machine-readable format to transfer to another service provider, where technically feasible.
2. Communications and Marketing Choices
- Marketing Communications: You can opt-out of promotional emails at any time by clicking the "Unsubscribe" link at the bottom of our emails or by contacting us directly.
- Essential Service Notices: Even if you opt-out of marketing, we will still send you essential transactional and administrative messages. These include order confirmations, eSIM delivery details, payment receipts, and security alerts. You cannot opt-out of these core service communications.
3. Notice to California Residents (CCPA/CPRA)
If you are a California resident, you also have additional rights under applicable law:
We do not sell or share your personal information for cross-context behavioral advertising.
We will not discriminate against you for exercising your privacy rights.
4. How to Exercise Your Rights
To submit a privacy request, please contact us via our customer support channels.
For your security, we must verify your identity before processing your request (for example, by asking you to confirm your registered email address or recent order number). We aim to respond to all valid requests within the timeframe required by applicable law, typically within 30 days.
If you are located in the EEA, UK, or Switzerland, you also have the right to lodge a complaint with your local data protection authority.
VII. Data Retention Period
We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Policy, or as legally required for tax, accounting, and dispute resolution purposes. Once the retention period expires or the data is no longer needed, we will securely delete or anonymize your information.
1. Transaction and Financial Records
To comply with global tax, accounting, and statutory auditing obligations, we retain transaction-related records (such as order details and payment history) typically for 5 to 7 years after the transaction, or longer if mandated by applicable local laws.
2. Account and Loyalty Data
We retain your account profile, loyalty points, and product reviews for as long as your account remains active. If you request account deletion, we will delete or anonymize your data shortly after processing your request, except for data we are legally obligated to keep.
3. Support and Troubleshooting Data
When you contact our support team (e.g., for eSIM setup or connectivity troubleshooting), we process your communications and provided materials (such as device screenshots) solely to resolve your issue. To adhere to data minimization principles, such troubleshooting data is generally deleted within 6 months after the issue is resolved, unless legal reasons require longer retention.
4. Marketing Preferences
If you opt-out of marketing communications, we will immediately stop using your data for promotional purposes. However, we will retain your email address on a secure suppression list (Do Not Contact list) to ensure we respect your choice and do not accidentally send you future marketing messages.
VIII. Data Security
We take the security of your personal information seriously and implement reasonable technical, organizational, and administrative measures to protect your data against unauthorized access, use, disclosure, alteration, or destruction.
1. Security Measures
Transmission Security: We use industry-standard encryption technologies (such as TLS/SSL) to help protect data transmitted over the internet.
Storage Protection: Personal information is protected through appropriate security measures, which may include encryption, access controls, and restricted access mechanisms.
Payment Security: Payment transactions are processed by third-party payment service providers that comply with applicable industry security standards (such as PCI-DSS). We do not store full payment card details.
2. Access Controls and Internal Management
Access to personal information is limited to employees, contractors, and authorized personnel who require such access for legitimate business purposes.
Relevant personnel may be subject to confidentiality obligations and receive appropriate privacy and information security training.
3. Third-Party Service Providers
We may use third-party service providers to support our services. These providers may process personal information on our behalf and are required to comply with applicable data protection obligations and contractual requirements.
However, third-party providers maintain their own independent security practices and privacy policies. We encourage you to review their policies separately where applicable.
4. Inherent Risks and Disclaimer
While we take reasonable measures to protect your personal information, no method of transmission over the internet or electronic storage system can be guaranteed to be completely secure. Accordingly, we cannot guarantee absolute security.
5. Your Role in Security
We recommend that you keep your account information and login credentials confidential and avoid sharing sensitive information over unsecured public Wi-Fi networks.
If you suspect any unauthorized use of your account or personal data, please contact us immediately.
IX. Privacy of Minors
Our services are not directed to children or minors under the age of 18, and we do not knowingly collect personal information from individuals under 18.
If the laws of your country or region require a higher minimum age for using digital services or providing valid consent, you must meet the applicable minimum age requirement in your jurisdiction to use our services.
If you are a parent or legal guardian and believe that a minor has provided personal information to us without appropriate consent, please contact us using the contact information provided at the end of this Policy. We will take reasonable steps to delete the relevant information and, where appropriate, suspend or terminate the related account.
X. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in applicable laws, regulations, services, technologies, business operations, or business practices.
If we make material changes to this Privacy Policy, we will provide notice through appropriate means, such as posting the updated version on our website or providing notifications through email or your account where appropriate.
We encourage you to review this Privacy Policy periodically to stay informed about how we collect, use, and protect your personal information.
To the extent permitted by applicable law, your continued use of our website or services after an updated version of this Privacy Policy becomes effective constitutes your acknowledgment of the updated Policy.
If you do not agree to the updated Privacy Policy, you should discontinue use of the services and may contact us to exercise your applicable privacy rights, including requesting deletion of your account or personal information.
XI. Contact Us
If you have any questions about this Privacy Policy, how we process your personal information, or if you wish to exercise your privacy rights, you may contact us using the information below.
We will review and respond to your request within a reasonable timeframe in accordance with applicable law.
Company Name: Simple eSIM PTE LTD
Email: support@simpleesim.com