Privacy Policy
Last updated: March 1, 2026
Effective Date: March 1, 2026
Simtegre eSIM ("we", "our", "us", "Company") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and services.
By using our Service, you consent to the collection and use of your information in accordance with this Privacy Policy.
1. Data Controller
2. Information We Collect
2.1 Information You Provide
| Data Type |
Purpose |
Legal Basis |
| Name, Email |
Account creation, communication |
Contract performance |
| Phone Number (optional) |
Account recovery, support |
Consent |
| Payment Information |
Transaction processing |
Contract performance |
| Country, Timezone |
Service personalization |
Legitimate interest |
2.2 Automatically Collected Information
- Device Information: Device model, operating system, unique device identifiers
- Usage Data: App interactions, features used, time spent
- eSIM Data: Activation status, data usage statistics, plan details
- Log Data: IP address, browser type, access times, error logs
- Location Data: Country-level location for service delivery (not precise GPS)
2.3 Information from Third Parties
- Payment Processors: Transaction confirmation from Stripe
- eSIM Providers: Activation and usage data from network partners
3. How We Use Your Information
- Service Delivery: To provide, maintain, and improve our eSIM services
- Order Processing: To process purchases and deliver eSIM profiles
- Communication: To send order confirmations, usage alerts, and support responses
- Customer Support: To respond to your inquiries and resolve issues
- Analytics: To analyze usage patterns and improve user experience
- Security: To detect, prevent, and address fraud and security issues
- Legal Compliance: To comply with applicable laws and regulations
- Marketing: To send promotional communications (with your consent)
4. Data Sharing and Disclosure
We may share your information with:
Service Providers
- eSIM Providers: To provision and manage eSIM profiles (essential for service delivery)
- Payment Processors: Stripe for secure payment processing
- Cloud Hosting: For secure data storage and processing
- Email Services: For transactional and promotional communications
- Analytics: For service improvement and crash reporting
We do NOT:
- ❌ Sell your personal data to third parties
- ❌ Share your data for third-party advertising
- ❌ Disclose your information except as described in this policy
We may disclose your information if required by:
- Law enforcement requests or legal processes
- Court orders or government regulations
- Protection of our rights, privacy, safety, or property
- Emergency situations involving personal safety
5. International Data Transfers
Your information may be transferred to and processed in countries outside your residence, including:
- European Union (eSIM provider servers)
- United States (payment processing, cloud services)
- Turkey (Company headquarters)
We ensure appropriate safeguards (Standard Contractual Clauses, adequacy decisions) are in place for such transfers in compliance with GDPR and KVKK requirements.
6. Data Security
We implement industry-standard security measures:
- 🔒 Encryption: TLS/SSL for data in transit, AES-256 for data at rest
- 🔐 Authentication: Secure JWT tokens, OTP verification
- 🛡️ Access Control: Role-based access, principle of least privilege
- 📊 Monitoring: 24/7 security monitoring and intrusion detection
- 🔍 Audits: Regular security assessments and penetration testing
- 💳 PCI Compliance: Payment data handled by PCI-DSS compliant processors
No method of transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.
7. Data Retention
| Data Type |
Retention Period |
| Account Data |
Until account deletion + 30 days |
| Transaction Records |
10 years (legal/tax requirements) |
| eSIM Usage Data |
2 years after eSIM expiry |
| Support Communications |
3 years |
| Analytics/Logs |
90 days |
| Marketing Preferences |
Until consent withdrawal |
8. Your Rights
Under GDPR, KVKK, and other applicable laws, you have the following rights:
- Right of Access: Request a copy of your personal data
- Right to Rectification: Correct inaccurate or incomplete data
- Right to Erasure: Request deletion of your data ("right to be forgotten")
- Right to Restrict Processing: Limit how we use your data
- Right to Data Portability: Receive your data in a machine-readable format
- Right to Object: Object to processing based on legitimate interests
- Right to Withdraw Consent: Withdraw previously given consent at any time
- Right to Lodge a Complaint: File a complaint with a supervisory authority
To exercise your rights:
- Email: privacy@simtegre.com
- In-app: Settings → Privacy → Data Request
- We will respond within 30 days (may extend to 60 days for complex requests)
9. Cookies and Tracking
Our website may use:
- Essential Cookies: Required for basic functionality (no consent needed)
- Analytics Cookies: To understand usage patterns (with consent)
- Preference Cookies: To remember your settings (with consent)
Our mobile app may collect device identifiers for analytics and push notifications. You can manage these in your device settings.
10. Children's Privacy
Our Service is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us immediately at privacy@simtegre.com.
11. Marketing Communications
- We only send marketing emails with your explicit consent
- You can unsubscribe at any time via the link in emails or app settings
- Transactional emails (order confirmations, usage alerts) are not affected by marketing preferences
12. Third-Party Links
Our Service may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies.
13. Changes to This Policy
We may update this Privacy Policy periodically. Changes will be:
- Posted on this page with an updated "Last updated" date
- Notified via email for material changes (at least 30 days in advance)
- Announced via in-app notification
Continued use of the Service after changes constitutes acceptance of the updated policy.
14. KVKK (Turkish Data Protection)
For users in Turkey, in compliance with Law No. 6698 on Protection of Personal Data (KVKK):
- Data Controller: Simtegre eSIM
- VERBIS Registration: [Registration Number]
- You may exercise your rights under Article 11 of KVKK
- Contact for KVKK requests: kvkk@simtegre.com
15. California Privacy Rights (CCPA)
California residents have additional rights under CCPA:
- Right to know what personal information is collected
- Right to know if personal information is sold or disclosed
- Right to opt-out of sale of personal information (we do not sell data)
- Right to non-discrimination for exercising privacy rights
16. Contact Us
For privacy-related inquiries:
By using Simtegre eSIM, you acknowledge that you have read and understood this Privacy Policy.