Politique de confidentialité

Last updated: 2026-06-12

1. Introduction

Esima ("we", "us", "our") provides travel eSIM data plans that connect you to mobile networks in 190+ destinations worldwide. We are committed to protecting the privacy and security of your personal data. This Privacy Policy explains how we collect, use, store, and share your information when you visit https://esima.com, create an account, or purchase an eSIM data plan.

By using our website or placing an order, you acknowledge that you have read and understood this Privacy Policy.

2. Data Controller

The data controller responsible for your personal data is:

Registered company: ESIMA LTD, a company registered in England and Wales (company number 15920080)
Registered office: 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ
Brand: Esima
Email:

3. Information We Collect

We collect the following categories of personal data:

a) Information You Provide Directly

Account data: Name, email address, and password when you create an account
Order data: Billing details, the delivery email address used to send your eSIM, the destination and plan you purchased, and your order history
eSIM provisioning data: The activation/QR code (ICCID and SM-DP+ activation details) we generate to deliver your eSIM profile
Payment data: Payment method and billing information (processed by our payment provider; we never store full card numbers)
Communication data: Support requests, contact-form messages, and email correspondence

b) Information Collected Automatically

Technical data: IP address, browser type and version, operating system, device type, and (where required for compatibility checks) eSIM capability of your device
Usage data: Pages visited, time spent on pages, click patterns, and the referring URL
Cookie data: Session identifiers, language/currency preferences, and analytics data (see our Cookie Policy)

We do not collect the contents of your internet traffic, browsing history, or messages sent over the data plan. Your data session is carried by our mobile network partners, not by us.

4. How We Use Your Information

We process your personal data for the following purposes:

Order fulfilment: Processing payments, provisioning your eSIM with our network partners, and delivering your QR code and activation instructions by email
Account management: Maintaining your account, plan/usage history, and access to your installed eSIMs
Customer support: Helping you install and activate your eSIM, troubleshooting connectivity, and processing refund or replacement requests
Service communication: Sending transactional emails (order confirmations, delivery of your eSIM, low-data and expiry reminders, support replies)
Service improvement: Analysing usage patterns to improve our coverage, plans, and website experience
Legal compliance: Meeting tax, accounting, telecommunications, and fraud-prevention obligations
Security: Detecting and preventing fraudulent transactions and unauthorised access

5. Legal Basis for Processing (GDPR)

Where the General Data Protection Regulation (GDPR) applies, we process your personal data on the following legal bases:

Contract performance (Art. 6(1)(b)): Provisioning and delivering the eSIM data plan you ordered
Legitimate interests (Art. 6(1)(f)): Website analytics, fraud prevention, and service improvement
Legal obligation (Art. 6(1)(c)): Tax records, accounting, and regulatory compliance applicable to telecommunications resellers
Consent (Art. 6(1)(a)): Marketing communications and non-essential cookies (where applicable)

6. Payment Processing

All payments are processed securely by Stripe, a PCI DSS Level 1 certified payment processor. We do not store, process, or have access to your full card number, CVV, or other sensitive payment credentials. Stripe's own privacy policy governs its handling of your payment data.

7. Cookies and Tracking Technologies

We use cookies and similar technologies to operate our website, remember your preferences, and analyse usage. For details about the cookies we use and how to manage them, please see our Cookie Policy.

8. Data Sharing and Service Providers

We share your personal data only with trusted partners who help us operate our service:

Mobile network & eSIM partners: Connectivity providers and eSIM platform operators who provision your eSIM profile and carry your data session on local networks at your destination
Payment provider (Stripe): To process payments securely
Email service provider: To deliver your eSIM QR code and transactional emails
Analytics provider: To collect anonymised website usage statistics
Hosting & infrastructure provider: To host our website and store data securely

We do not sell, rent, or trade your personal data to any third party for marketing purposes. We may disclose your data where required by law, regulation, or valid legal process.

9. International Data Transfers

Because we serve travellers worldwide and rely on a global network of connectivity partners, some of your data is necessarily processed outside your country of residence. Where data is transferred outside the European Economic Area (EEA) or the United Kingdom, we ensure appropriate safeguards are in place, such as EU/UK Standard Contractual Clauses (SCCs) or an adequacy decision.

10. Data Retention

We retain your personal data only for as long as necessary for the purposes for which it was collected:

Account data: Retained while your account is active; deleted on a verified account-deletion request
Order and transaction records: Retained for up to 7 years for tax and legal compliance
eSIM provisioning records: Retained for the life of the plan plus a reasonable period to handle support and disputes
Support correspondence: Retained for up to 3 years after the last interaction
Analytics data: Aggregated and anonymised; raw data deleted after 26 months

11. Your Rights Under GDPR (EEA and UK Residents)

If you are located in the EEA or the United Kingdom, you have the following rights under the GDPR and UK GDPR:

Right of access: Request a copy of the personal data we hold about you
Right to rectification: Request correction of inaccurate or incomplete data
Right to erasure ("right to be forgotten"): Request deletion of your personal data
Right to restriction: Request that we limit how we process your data
Right to data portability: Receive your data in a structured, machine-readable format
Right to object: Object to processing based on legitimate interests
Right to withdraw consent: Withdraw consent at any time where processing is based on consent

To exercise any of these rights, contact us at . We will respond within 30 days.

12. Your Rights Under CCPA (California Residents)

If you are a California resident, you have the right to know what personal information we collect, the right to request deletion, the right to opt out of the sale of personal information (we do not sell your data), and the right not to be discriminated against for exercising these rights.

13. Children's Privacy

Our services are intended for adults and are not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If we learn that we have collected data from a child under 16, we will delete it promptly.

14. Data Security

We apply industry-standard safeguards to protect your personal data:

SSL/TLS encryption for all data in transit
Encrypted storage of sensitive data at rest
Strict access controls and authentication for internal systems
Regular security reviews and monitoring

No method of transmission or storage is completely secure. We encourage you to use a strong, unique password for your account and to keep your eSIM QR code private.

15. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with a revised "Last updated" date. If we make material changes, we will notify you by email or a prominent notice on our website.

16. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us:

Email:
Company: ESIMA LTD
Help & support: Contact page · Help Center