Introduction
Welcome to eSIM Net. This Privacy Policy outlines how ESIM NET LLC ("ESIM NET LLC", "we", "us", or "our"), the data controller responsible for your personal information, collects, uses, discloses, and safeguards your personal data when you visit https://esimnet.org (the "Site") and utilize our global eSIM connectivity services (collectively, the "Services").
We are committed to protecting your privacy and ensuring the security of your personal data. We process personal information in compliance with applicable global data protection regulations, including the General Data Protection Regulation (GDPR) and relevant United States federal and state laws.
By accessing our Site and using our Services, you acknowledge that you have read, understood, and agree to the collection and use of your information in accordance with this Privacy Policy. If you do not agree with the terms herein, please discontinue your use of our Services.
1. Information We Collect
We collect several categories of information to provide, maintain, and optimize our Services:
A. Personal & Account Information
When you register an account, purchase an eSIM plan, or contact our support, we collect:
- Contact details such as your email address (used for eSIM delivery, billing notifications, and support).
- Account credentials including usernames and security passwords.
- Customer support communication history, chat transcripts, and email inquiries sent to support@esimnet.org.
B. Order & Billing Information
To complete order transactions, we collect:
- Purchased plan specifics (countries selected, data limits, activation dates).
- Transaction metadata (date, time, billing country, transaction status).
- Payment Details: All payments are processed through secure, PCI-DSS compliant third-party payment gateways. We do not store raw credit card numbers or sensitive payment credentials on our servers. The processors handle tokenized authorization details for transaction completion and fraud prevention.
C. Device & Network Technical Information
To provision and verify eSIM network connectivity on your device, we collect:
- Device identifiers including IMEI, EID, and device model.
- Operating system type and hardware capability (for eSIM compatibility verification).
- Network usage metrics, connection logs, signal quality, and data consumption statistics.
- Approximate location metadata derived from local network operator connections (not precise GPS tracking).
2. How We Use Your Information
We process your personal information based on legitimate business interests, contractual obligations, and legal compliance. Specifically, we use it to:
Fulfill Contractual Obligations: Process payments, generate eSIM profiles, deliver QR codes, and activate mobile data plans.
Provide Customer Support: Respond to technical inquiries, process refunds, and troubleshoot connectivity issues.
Prevent Fraud & Abuse: Detect unauthorized transactions, rate-limit brute-force attacks, and identify high-risk IP addresses.
Optimize Performance: Analyze usage trends, monitor network latency, and improve Site usability.
Comply with Legal Duties: Retain financial records for tax audit compliance and satisfy administrative regulatory requirements.
3. Data Sharing & Third-Party Disclosure
We do not sell, rent, or trade your personal information to third parties. We share data only with trusted service providers necessary to deliver our Services:
Network Infrastructure Partners
We share technical device metadata (such as device IMEI, EID, and carrier country) with our global telecommunication partners to facilitate the remote provisioning of mobile network profiles and coverage.
Payment Processors
Tokenized payment metrics are shared securely with PCI-DSS compliant payment processing platforms to authorize transactions, process refunds, and perform anti-fraud scoring.
Service Operations & Hosting
We work with premium hosting infrastructure, database storage providers, transaction email service providers, and analytical platforms under strict confidentiality agreements.
Regulatory & Legal Compulsion
We may disclose information if required to do so by law, court order, or official request by national law enforcement authorities, or to protect the safety, properties, and rights of ESIM NET LLC or our users.
4. Data Retention
We retain personal data only as long as necessary to fulfill the purposes for which it was collected, including satisfying any legal, accounting, tax, or reporting obligations:
- Transaction records and basic billing information are kept for up to 7 years in compliance with IRS regulations and statutory tax laws.
- Account contact metadata is kept as long as your account remains active or until you request deletion.
- Connection log files and network usage statistics are automatically purged or anonymized within 90 days.
6. Data Security
We take the security of your information extremely seriously. We implement enterprise-grade technical and organizational protection protocols, including:
Transport Encryption
All Site traffic and database transactions use TLS/SSL encryption.
Row-Level Database Isolation
PostgreSQL databases protect private records via strict Row-Level Security (RLS).
Access Hardening
Administrative access is tokenized with HMAC SHA-256 and protected via session checks.
Rate Limiting
Distributed rate limiting protects client endpoints against brute force.
7. International Data Transfers
ESIM NET LLC is based in the United States, and our network hosting is deployed on global serverless edges. Your personal data may be transferred to, stored on, and processed in servers situated outside your country of residence, including the United States.
When transferring personal data outside the European Economic Area (EEA), we utilize appropriate legal frameworks, including Standard Contractual Clauses (SCCs) approved by the European Commission, to ensure a comparable level of data protection.
8. GDPR Compliance
For residents of the European Economic Area (EEA), we process personal data under the following legal bases:
- Performance of a Contract: The processing is necessary to perform our Services (e.g., delivering your eSIM).
- Consent: You have given us clear consent to process your data for a specific purpose (e.g., marketing updates).
- Legitimate Interest: Processing is required to protect our network, prevent fraud, and run our business operations safely.
- Legal Obligations: Required by statutory European or local regulatory law.
9. Your Rights & Choices
Depending on your jurisdiction (such as under the GDPR or CCPA/CPRA), you possess specific rights regarding your personal information, including:
Access & Portability
Request a structured copy of all personal information we hold about you.
Correction
Request updates to inaccurate or incomplete personal records.
Deletion
Request the permanent deletion of your personal data, subject to tax and financial retention laws.
Restriction & Objection
Object to direct processing, automated scoring, or request restriction on processing activities.
To exercise any of these rights, please email your request directly to support@esimnet.org. We will verify your identity and respond within 30 days.
10. Policy Updates
We reserve the right to update this Privacy Policy from time to time. When material changes are made, we will post the updated policy on this page and revise the "Last updated" date at the top.
We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your data.
11. Contact Support
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
