eSIMply LTD – Privacy Policy

1. Information We Collect

• Email Address – used for account creation, login, purchase confirmations, and support.
• Name – shared with our payment processor (Stripe) to process transactions and prevent fraud.
• Technical & Usage Data – anonymous data (e.g., IP address, device OS, browser type, session duration) collected via Google Analytics and automatic logging to analyse and improve our Services.
• Device Identifiers – EID and other non‑personal identifiers required to activate an eSIM and prevent misuse.

2. How We Use Your Information

• Account Management – to create, secure, and maintain your account.
• Payments & Fraud Prevention – to process transactions through Stripe and detect fraudulent activity.
• Analytics & Service Improvement – to understand usage patterns and improve performance.
• Customer Support – to respond to your enquiries or issues.
• Communication – to request feedback and inform you of updates, with your consent.

3. Legal Basis for Processing (GDPR)

• Consent – when you voluntarily provide data to create an account or subscribe to marketing.
• Contractual Necessity – to deliver the eSIM plans you purchase.
• Legitimate Interests – to prevent fraud and improve our Services.
• Legal Obligations – to comply with accounting, tax, and other regulations.

4. Data Retention

We keep your email, name, and transaction records only as long as necessary to:
(a) provide the Services, and (b) satisfy legal and accounting obligations.
If you delete your account, all personal data (including analytics identifiers) are permanently removed within 30 days, unless retention is required by law.

5. Data Security

We use industry‑standard safeguards, including:

• SSL/TLS encryption for data in transit.
• Firewalls & access controls on Google Cloud / Firebase servers.

No system is 100% secure, and we cannot guarantee absolute security, but we continuously review and enhance our defences.

6. Cross‑Border Data Transfers

Your data may be processed on servers located outside your country (including the EU and USA).
We rely on standard contractual clauses and equivalent safeguards to ensure your information remains protected.

7. Your Rights (GDPR)

You may, at any time:

• Request access to the personal data we hold about you.
• Correct inaccurate or incomplete data.
• Delete your personal data ("right to be forgotten"), subject to legal retention requirements.
• Receive your data in a structured, machine‑readable format ("data portability").
• Withdraw consent for processing where consent is the legal basis.

To exercise these rights, email hello@esimplyltd.com.

8. Children's Privacy

Our Services are not directed to children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with data, contact us so we can delete it.

9. Cookies & Tracking

We use cookies, Firebase performance tools, and Google Analytics to personalise content and analyse traffic.
By using our website you consent to cookies; you can disable cookies in your browser settings, but some features may not function.

10. Feedback & Communication

By using the Services, you agree we may contact you for feedback or service updates.
You can opt out of non‑transactional emails at any time via the unsubscribe link or by emailing us.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be posted on our website and, where appropriate, notified to you by email. Continued use of the Services after changes signifies acceptance.

12. Contact Us

eSIMply LTD
Unit 7, Initial Business Centre
Wilson Business Park
Manchester M40 8WN, United Kingdom

Email: hello@esimplyltd.com
Phone: +44 7418 605 369