Privacy Policy
This Privacy Policy explains how Samth eSim ("we", "us", "our") collects, uses, and protects your personal information when you use our website at samthesim.com, our mobile applications, and our eSIM services (together, the "Service").
1.Who We Are
Samth eSim provides international eSIM data plans for travelers in 190+ countries. We are the data controller for the personal data described in this policy. You can reach us at support@samthesim.com.
2.Information We Collect
Account information. When you sign in, we collect your email address, name (if provided), and authentication tokens. We use passwordless sign-in (magic links and one-time codes); we never store passwords.
Order information. When you purchase a plan, we collect the plan selected, the order amount, transaction identifiers from our payment processor, and the IP address used at checkout. Card numbers are processed directly by our payment processor — we never see or store them.
eSIM usage data. Our network vendors report aggregate usage (megabytes consumed, country of connection, days remaining). We never see the contents of your calls, messages, or browsing.
Device identifiers. Provisioning an eSIM requires identifiers such as EID or IMEI; we store them only to attach the eSIM to your account and route support requests.
Technical data. IP address, browser type, device type, language, timestamps, referring page, and cookies — collected when you visit our site or use our apps.
Support communications. Messages you send to our chat or to support@samthesim.com are stored to help us answer follow-up questions.
3.How We Use Your Information
- Provide, activate, and support your eSIM service
- Process payments and issue refunds
- Send transactional email (order receipts, magic-link sign-in, eSIM activation, expiry reminders)
- Detect fraud and prevent abuse of promotional offers
- Comply with legal and tax obligations
- Improve our service and analyze usage trends in aggregate
4.Legal Bases
We process your data on the following legal bases under applicable data-protection law: performance of a contract (to deliver the eSIM you purchased), legitimate interest (for fraud prevention, service security, product improvement), legal obligation (tax and accounting records), and consent (where required, such as optional marketing).
5.Sharing With Third Parties
We share the minimum data necessary with these categories of processors:
- Payment processor — Payriff MMC (Azerbaijan) processes card transactions and refunds.
- eSIM network vendors — Airalo, Bondio (Onomondo / Wedo Pte Ltd), and eSIM Go provision and operate your eSIM on local networks.
- Email delivery — Yandex Mail delivers transactional email.
- Cloud infrastructure — Amazon Web Services (eu-central-1, Frankfurt) hosts our service.
- Customer support — Intercom hosts the in-app chat.
- Authorities — when required by law, court order, or to protect our rights, users, or the public.
We do not sell your personal information to advertisers, data brokers, or any other third party.
6.Data Retention
- Account data: kept while your account is active; deleted within 90 days of account closure.
- Order records: kept for 7 years to comply with tax and accounting law.
- eSIM usage and provisioning data: kept for 12 months for support and dispute resolution.
- Technical and access logs: kept for 90 days.
- Support conversations: kept for 24 months.
7.Your Rights
Subject to applicable law, you have the right to:
- Access the personal data we hold about you
- Have inaccurate data corrected
- Request deletion ("right to be forgotten")
- Object to or restrict processing
- Receive your data in a portable format
- Withdraw consent at any time for any processing based on consent
- Lodge a complaint with a supervisory authority in your country
To exercise any of these rights, email support@samthesim.com. We respond within 30 days.
8.International Transfers
Our infrastructure is hosted in the European Union (Frankfurt, Germany). Some vendors are based in other jurisdictions; where required, transfers are governed by Standard Contractual Clauses or equivalent safeguards.
9.Security
We protect your data with industry-standard practices: HTTPS encryption in transit, encrypted databases at rest, restricted access for personnel who need it, multi-factor authentication for administrative tooling, and routine security reviews. No system is 100% secure; in the unlikely event of a breach affecting your data, we will notify you and the appropriate authority without undue delay.
10.Cookies
We use only essential cookies and local-storage entries needed for authentication, language preference, and session continuity. We do not use third-party advertising, tracking, or analytics cookies. You can clear these at any time in your browser settings.
11.Children
The Service is not intended for users under 16. If we learn that we have collected personal data from a minor without verifiable parental consent, we will delete it.
12.Updates to This Policy
We may update this Policy from time to time. Material changes will be posted on this page with an updated effective date and, where appropriate, announced by email at least 14 days before they take effect.
13.Contact
Email: support@samthesim.com
Postal address: Samth eSim, Baku, Republic of Azerbaijan