Privacy policy

Simbye Privacy Policy

Effective Date: 28.04.2026
Last Updated: 28.04.2026

Simbye Ltd ("Simbye", "we", "us", or "our") is committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, disclose, and protect your data when you use our website simbye.com ("Website"), our "Simbye" mobile application available on iOS and Android ("App"), and all related products and services (collectively, the "Services").

Simbye Ltd is registered under the laws of the United Kingdom, with its registered office at 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom.

By using our Services, you agree to the collection and use of information in accordance with this Policy.

1. Information We Collect

1.1 Information You Provide Directly

  • Account Information: Email address, password, name, language preference, and authentication data when you create an account or sign in via email, Apple Sign In, or Google Sign In.
  • Payment Information: Billing address, postal/ZIP code, country, and payment card details. Card details are processed exclusively by our PCI-DSS-compliant payment processors (Shopify Payments, PayPal). Simbye does not store full card numbers on its own servers.
  • Communication Data: Information you provide when contacting customer support, leaving reviews, or completing surveys.
  • Identity Verification: In rare cases of fraud prevention, we may request a copy of your government-issued ID.

1.2 Information Collected Automatically

  • Device Information: Device ID, device model, operating system (iOS/Android), app version, IP address, browser type, and unique device identifiers.
  • Usage Data: Pages visited, features used, click events, session duration, and interaction with the App.
  • eSIM Service Data: ICCID (eSIM identifier), QR code, activation status, data usage in MB/GB, validity dates, and country of activation. This data is required to provision and maintain your eSIM.
  • Virtual Number Data: Allocated phone number, expiration date, auto-renewal status, and SMS messages received on your virtual number (stored only as long as necessary for delivery to you).
  • Push Notification Tokens: If you enable push notifications, we store the device token to send transactional notifications (e.g. expiry reminders, data warnings).
  • Cookies & Similar Technologies: See our Cookie Policy.

1.3 Information from Third Parties

  • Sign-In Providers: When you sign in with Apple or Google, we receive your email address and a unique user identifier from that provider.
  • Apple Search Ads (Attribution): If you install the App through an Apple Search Ads campaign, we receive non-personal attribution data (campaign ID, keyword ID, country, click date) for marketing measurement purposes.

2. How We Use Your Information

  • To provision and deliver eSIMs, virtual numbers, top-ups, and Build-Your-Own custom data plans.
  • To process payments, manage your wallet balance, and apply 5% cashback rewards.
  • To send transactional emails (order confirmation, QR code, expiry warnings) via our email service provider.
  • To operate our Referral Program, including tracking referral codes, preventing fraud, and crediting wallet rewards.
  • To provide customer support and respond to inquiries.
  • To improve our Services through analytics on usage patterns.
  • To prevent fraud, abuse, and unauthorized access (including device-fingerprinting for free-eSIM eligibility).
  • To comply with legal obligations.

3. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA) or United Kingdom, we process your personal data on the following legal bases:

  • Contract: To provide the Services you have purchased.
  • Legitimate Interest: Fraud prevention, security, and service improvement.
  • Consent: For marketing communications and non-essential cookies. You can withdraw consent at any time.
  • Legal Obligation: Tax records, anti-money-laundering, and law enforcement requests.

4. Sharing Your Information

We do not sell your personal information. We share data only with the following categories of recipients:

  • Telecommunications Network Partners: To provision eSIM profiles and virtual numbers on mobile networks worldwide. They receive only the technical data necessary to deliver the service (e.g. ICCID, country, data plan).
  • Payment Processors: Shopify Payments and PayPal, to process transactions securely.
  • Cloud Hosting & Database Providers: To store account data, order history, and serve the App and Website.
  • Email Service Providers: To deliver transactional emails (order confirmations, QR codes, support replies).
  • Analytics & Crash Reporting: Aggregated and pseudonymized data to improve the App stability and user experience.
  • Authentication Providers: Apple, Google for Sign-In services.
  • Legal Authorities: Where required by law, court order, or to protect our rights.

5. International Data Transfers

Some of our service providers operate outside the EEA/UK. Where data is transferred internationally, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission, or other appropriate safeguards.

6. Data Retention

  • Account data: Retained as long as your account is active.
  • Order data: Retained for at least 6 years for tax and accounting purposes.
  • SMS on virtual numbers: Stored only until delivered to you in the App.
  • Marketing data: Until you withdraw consent or unsubscribe.
  • Inactive accounts: Anonymized or deleted after 24 months of inactivity, subject to legal retention obligations.

7. Your Rights (GDPR / UK GDPR)

You have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your data ("right to be forgotten").
  • Restrict or object to processing.
  • Data portability.
  • Withdraw consent at any time.
  • Lodge a complaint with your local Data Protection Authority.

To exercise these rights, email us at social@simbye.com. We will respond within 30 days.

8. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act:

  • Right to know what personal information is collected.
  • Right to delete personal information.
  • Right to opt-out of the sale of personal information (Simbye does not sell personal information).
  • Right to non-discrimination for exercising your CCPA rights.

9. Children's Privacy

Our Services are not directed to children under 16. We do not knowingly collect personal information from children. If you believe a child has provided us data, please contact us.

10. Security

We implement industry-standard security measures including TLS encryption, password hashing, two-factor authentication for our staff, role-based access controls, regular backups, Cloudflare DDoS/WAF protection, and secure data storage. However, no method of transmission over the Internet is 100% secure.

11. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last Updated" date at the top reflects the most recent revision. Material changes will be communicated via email or in-app notification.

12. Contact Us

If you have any questions about this Privacy Policy or your data, please contact us:

  • Email: social@simbye.com
  • Postal Address: Simbye Ltd, 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom