S1M.IO

Privacy Policy

Last updated: June 11, 2026

1. What we collect

  • Account data — email address and, if you provide it, your name.
  • Order data — plans purchased, prices paid, order timestamps, and delivery status.
  • eSIM data — ICCID, activation details, and aggregate data-usage figures reported by the network provider so we can show usage in your dashboard.
  • Payment data — handled entirely by Stripe. We never see or store full card numbers; we keep only a payment reference.
  • Technical data — standard server logs (IP address, browser type) used for security and debugging.

2. How we use it

  • To deliver eSIMs you purchase and show usage in your dashboard.
  • To send transactional emails: order confirmation, eSIM delivery, and receipts.
  • To respond to support requests.
  • To prevent fraud and abuse, and to comply with legal obligations.

We do not sell your personal data, and we do not send marketing email unless you explicitly opt in.

3. Who we share it with

  • eSIM providers — receive the minimum needed to provision your plan (the package ordered and a transaction reference).
  • Stripe — processes payments; your email is shared for receipts and fraud prevention.
  • Infrastructure providers — our hosting (Vercel), database (Supabase), and email (Resend) vendors process data on our behalf under their own data-processing agreements.
  • Authorities — only where legally required.

4. Data retention

Account and order records are kept while your account is active and for as long as required for tax and accounting purposes. You can request deletion of your account and associated personal data at any time; we will retain only what the law obliges us to keep.

5. Cookies

We use strictly necessary cookies for sign-in sessions and a single preference key (your theme choice) in local storage. We do not use third-party advertising or tracking cookies.

6. Your rights

Depending on your jurisdiction (including under GDPR and CCPA), you may have the right to access, correct, export, or delete your personal data, and to object to or restrict certain processing. To exercise any of these rights, email support@s1m.io. We respond within 30 days.

7. Security

Data is encrypted in transit (TLS) and at rest. Access to production systems is restricted and audited. Payment credentials never touch our servers.

8. Changes and contact

We will post any changes to this policy here. For privacy questions, contact support@s1m.io or open a ticket from your dashboard.