Select cookies
Basic
They always work. Without them, the site is broken.
Analytical
Needed to apply promo codes and bonuses, as well as to collect anonymous statistics. Bonuses will not work without them.
Marketing
Collect anonymous data for product development and promotion. Do not affect the operation of the site.
Functional
Needed for technical measurements on the site. For example, to optimize loading speed.
Hi! Let's deal with the cookies
To make the site work properly, click “Accept All” or “Recommended”. You can also “Customize” in your own way.
For more information about our cookies, please see Privacy Policy.
Privacy Policy
Just eSIM Limited
Room 1001, 10/F, Tower B, New Mandarin Plaza, 14 Science Museum Road, Tsimshatsui
East, Kowloon, Hong Kong
Email: [email protected]
Contacts of Data Protection Officer:
Room 1001, 10/F, Tower B, New Mandarin Plaza, 14 Science Museum Road, Tsimshatsui
East, Kowloon, Hong Kong
Email: [email protected]
Amendments to this Policy will be posted in the Product and will be
effective when posted. If we’ll make any material changes to this Policy we
will notify the data subjects by email (sent to the e-mail address specified
in the account) or by means of a notice on the website prior to the change
becoming effective. Any data subject can choose to discontinue use of our
products and services if the data subject does not accept the terms of this
Policy, or any modified version of this Policy.
We do not
knowingly collect any personal information from children under the age of
18. Our products and services are not offered to individuals under the age
of 18.
Refusal to provide the data may result in unavailability
of provision of our products and services or poor user experience.
Each data subject has the right to lodge a complaint to supervisory
authority in case of personal data breach, misuse or any violation of
applicable law related to personal data processing.
Categories of Personal Data and Purposes of Processing
Contact details of our customers for the following purposes:
- to enter
a contract with a customer;
- to perform a contract with customers;
- to comply with legal obligations on providing the data to government
bodies;
- to provide technical support as part of our contract
performance;
- to conduct marketing communications on our offerings as
our legitimate interest;
- to contact our customers for service
evaluation purposes by phone calls or other available means as our
legitimate interest.
Any marketing communication is subject to
the right to objection. The rights to objection may also apply to other
kinds of processing activities.
Technical specifications of
customer’s device for the following purposes:
- to enter a contract
with a customer;
- to perform a contract with customers;
- to
comply with legal obligations on providing the data to government bodies;
- to provide technical support as part our contract performance;
- to
conduct marketing communications on our offerings as our legitimate
interest;
- to support availability of our products and services;
- to improve customer experience.
Device identification and
location data for the following purposes:
- to perform a contract with
customers;
- to comply with legal obligations on providing the data to
government bodies;
- to provide technical support as part of our
contract performance;
- to support availability of our products and
services as part of our contract performance.
Information on
credit cards and other payment details for the following purposes:
- to
perform a contract with customers;
- to provide technical support and
fraud detection as part of our contract performance.
- to conduct
anti-fraud activities as our legitimate interest.
Cookie data
for the following purposes:
- to conduct marketing communications on
our offerings as our legitimate interest;
- to deliver targeting ads by
our advertisers on the basis of data subject’s consent;
- to collect
statistical information based on data subject’s consent;
- to support
availability of our products and services as part of our contract
performance;
- to improve customer experience as part of our legitimate
interest.
Cookie title | Category | Storage period | Data processor | Description |
Google analytics | Statistical | Lifetime | Allows to analyze behaviour of website users. | |
Google Tag Manager | Essential | Lifetime | Allows swift connection of Google Analytics and Yandex.Metrika with the website. | |
FreshChat | Essential | 24 months | Freshworks Inc | Provides website messaging functionality. |
Stripe | Essential | 24 months | Stripe | Provides payment functionality. |
Cloudpayments | Essential | 24 months | Cloudpayments | Provides payment functionality. |
Data on the customers’ communications with our products and services
for the following purposes:
- to perform a contract with customers;
- to comply with legal obligations on providing the data to government
bodies.
Profiling
We maintain profiles of our customers as it’s required to provide our customers with history of use of our products and services. The profile includes current balance and billing history. No automated decision making is conducted on the basis of profile except for the cases when our products and services may be provided in different manner on the basis of the customer’s balance. Insufficient balance may result in suspension of availability of our products and services.
Recipients of Personal Data
We may share personal information with the following recipients:
- our
employees;
- hosting providers;
- technical support providers;
- partners which act as our contractors for provision of our products and
services;
- government bodies.
We may transfer the data
outside of EU and EEA provided that the transfer is subject to model
contract clauses on international transfers of personal data.Providing
information to our data processors is subject to signing a data processing
agreement that sets out the subject-matter and duration of the processing,
the nature and purpose of the processing, the type of personal data and
categories of data subjects and the obligations and rights of the
controller.
Period of Storage
The data will be stored during the period when our products and services are provided to the customer and as long as we have a legal obligation to store the data in order to supply it to government bodies.
Sensitive Information
We do not process the following information in any manner:
- racial or
ethnic origin, political opinions, religious or philosophical beliefs, trade
union membership, genetic data and health data or data concerning a person’s
sex life or sexual orientation.
Rights of the Data Subjects
Each data subject has the following rights which may be exercised by
contacting us. All the rights below have specific exceptions in certain
cases. The requests will be processed within 30 days.
Right to
access allows any data subject to request the following information from us:
- if its data is processed;
- which data is processed;
- which
are the recipients or categories of recipients of personal data;
- data
storage period;
- existence and nature of the rights to
rectification/erasure/restriction/objection,
- existence of the right
to lodge a complaint to supervisory authorities;
- sources of data;
- existence of profiling and automated decision making including their
logic and consequences;
- existence of safeguards of international data
transfers.
Right to rectification is the right to correct
incorrect data and the right to complete the incomplete data.
Right to erasure (“to be forgotten”) means that the data subject may
request erasure of his or her data in the following cases:
- the data
is no longer needed for the purposes of processing;
- consent for
processing is withdrawn and no other grounds of processing apply where such
processing is based on consent;
- data subject objects to processing;
- processing is unlawful;
- the data is related to a child and was
processed in the context of offering a service directly to a child.
Right to restriction means that processing shall be restricted if:
- the data subject claims that the data is inaccurate and controller needs
to verify if it’s really inaccurate;
- processing is unlawful but the
data subject wants processing to be restricted rather than the data to be
erased;
- processing is no longer required for its purposes but the
data subject requires it for specific purposes;
- processing is under
objection but the controller needs to verify if objection is not overridden
by legitimate interest of the controller.
Right to notification
means that the data controller shall communicate the request of the data
subject in exercise of his or her rights to each recipient unless it proves
that it will take disproportionate effort.
Right to data
portability means that data subject may request the data controller to
provide collected data in structured and readable form.
Right to
object means that the data subject based on its personal circumstances may
override legitimate interests of the controller which constitute the basis
for processing.
The data subject has the right not to be subject
to profiling which significantly affects his or her interests.
Protection of Information
We take the following measures on protection of personal data to prevent the
data breaches, misuse and the violation of rights of data subjects:
-
Providing this Policy for review to any person or entity which is about to
process the personal data.
- Keeping our officers and contractors
responsible for proper data processing conducted by such officers and
contractors.
- Providing advice to any officer, data subject or partner
on the subject of compliance with this Policy.
- Making sure no access
to personal data is provided to unauthorized parties.
- Using only
reliable and tested software for processing or personal data.
-
Assuming technical and organizational risks of data processing before such
processing takes place.
- Ensuring that all actions in respect of the
data are exercised by protected accounts to access the data and all data
storages are available only to a limited number or persons on a password
basis.
- Ensuring that we are able to suspend data processing or
withdraw any piece of data from processing if we believe that such
processing may violate applicable law.
- In case of change in any
business process we will determine whether such change is data-related and
check if such change falls in line with this Policy.
- Providing that
each location and device where personal data may be stored is a safe
environment.
-Utilizing firewall to minimize the risk of unauthorized
access to the hosting infrastructure.
- Where necessary using
third-party vendors to perform security assessments to identify issues with
its data security that could result in security vulnerabilities.
-
Providing encryption of most sensitive personal data.
- Ensuring
ongoing confidentiality, integrity, availability and resilience of
processing systems and services.
- Providing the ability to restore the
availability and access to personal data in a timely manner in the event of
a physical or technical incident.
- Processing regular testing,
assessing and evaluating the effectiveness of technical and organizational
measures for ensuring the security of the data processing.
Effective: July 25, 2022