Privacy Policy | eSIMradar

Introduction

At eSIMradar, we are committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services.

Data Controller

The data controller responsible for processing your personal data is:

Now On Company Limited

112/246 Moo 8, Bangkaew, Bangplee, 10540 Samut Prakarn, Thailand

For data protection inquiries, contact us at contact@esimradar.com

Information We Collect

We collect information that you provide directly to us, including:

Account information (name, email address)
Usage data (pages visited, features used)
Device information (browser type, IP address)
Cookies and tracking technologies

Account Data We Collect

When you create an account with us, we collect and store the following types of data:

Profile Information: Your display name, avatar image, and account preferences.
Favorites: eSIM plans you have saved to your favorites list.
Price Alerts: Your price alert preferences and notification settings for price drops on eSIM plans.
Trip Planning: Information about trips you create, including travel dates and destination countries.
Saved Comparisons: Plan comparisons you have saved for future reference.
Plan Notes: Private notes you add to eSIM plans for your personal reference.
Reviews and Votes: Reviews you submit and helpfulness votes you cast on other users' reviews.
Session Information: Device information (browser type, operating system, IP address), session tokens, and activity tracking for security and analytical purposes.
OAuth Provider Data: Information from third-party authentication providers (Google, Apple) when you sign in using these services.

Colectarea datelor aplicațiilor mobile

Dacă folosești aplicațiile noastre mobile (iOS sau Android), putem colecta informații suplimentare:

Informații despre dispozitiv: Modelul dispozitivului tău, versiunea sistemului de operare, identificatori unici de dispozitiv și setările dispozitivului.
Date de localizare: Dacă oferi consimțământ, putem colecta datele tale de localizare (coordonate GPS sau localizare estimată) pentru a oferi funcții bazate pe localizare, cum ar fi găsirea planurilor eSIM pentru locația ta actuală. Poți dezactiva serviciile de localizare în orice moment prin setările dispozitivului.
Notificări push: Token-uri de notificare push și preferințele tale de notificare pentru a-ți trimite alarme de preț, memento-uri de călătorie și alte notificări legate de cont.
Analiză în aplicație: Date de utilizare inclusiv funcții folosite, ecrane vizualizate și interacțiuni în cadrul aplicației pentru a ne ajuta să îmbunătățim experiența utilizatorului.
Rapoarte de eroare: Jurnale de eroare și rapoarte de eroare pentru a ne ajuta să identificăm și să rezolvăm probleme tehnice. Acest lucru poate include informații despre dispozitiv, versiunea aplicației și detalii despre erori.

Permisiuni necesare: Aplicațiile noastre mobile pot solicita următoarele permisiuni: - Acces la internet (necesar pentru toate funcțiile) - Servicii de localizare (opțional, pentru funcții bazate pe localizare) - Notificări push (opțional, pentru alarme și memento-uri) Poți revoca aceste permisiuni în orice moment prin setările dispozitivului.

Baza legală pentru procesare

Procesăm datele tale personale pe baza următoarelor motive legale conform Articolului 6 GDPR și dispozițiilor similare din PDPA:

Consimțământ: Procesăm anumite date pe baza consimțământului tău explicit, cum ar fi comunicările de marketing, urmărirea analitică opțională și datele de localizare în aplicațiile mobile. Poți retrage consimțământul în orice moment prin setările contului sau contactându-ne.
Executarea contractului: Procesăm datele necesare pentru a oferi serviciile noastre și a-ți îndeplini obligațiile contractuale, inclusiv gestionarea contului, oferirea accesului la favoritele salvate, alarmele de preț, planificarea călătoriilor și alte funcții de cont pe care le-ai solicitat.
Interese legitime: Procesăm anumite date pe baza intereselor noastre legitime, cum ar fi îmbunătățirea serviciilor noastre, analizarea modelelor de utilizare, prevenirea fraudelor, asigurarea securității și oferirea de recomandări personalizate. Echilibrăm aceste interese cu drepturile tale de confidențialitate și procesăm date doar când este necesar pentru aceste scopuri.
Obligație legală: Putem procesa și păstra anumite date pentru a respecta obligațiile legale, cum ar fi cerințele fiscale, conformitatea reglementărilor sau răspunderea la solicitări legale de la autorități.

How We Use Your Information

We use the information we collect to provide, maintain, and improve our services, process transactions, send communications, and comply with legal obligations.

Account-Specific Usage: We use your account data to provide personalized features, such as saved favorites, price alerts, trip planning, saved comparisons, and plan notes. This data enables you to access your saved information on all devices when you sign in.
Personalization: We use your usage data, preferences, and interaction history to personalize your experience, recommend relevant eSIM plans, and improve our service offerings.
Notifications: We use your notification preferences and contact information to send you price alerts, trip reminders, account updates, and other communications you have requested or that are necessary for account management.
Analytics and Improvement: We analyze aggregated usage data and analytical information to understand user behavior, identify trends, resolve technical issues, and continuously improve our website and mobile applications.

Analytics and Tracking Technologies

We use various analytics and tracking technologies to understand how users interact with our website and services:

PostHog: We use PostHog for product analytics, including automatic capture of user interactions, pageview tracking, and pageleave events. PostHog stores data using both cookies and localStorage for user identification and session tracking.
Google Analytics 4: We use Google Analytics 4 to track pageviews, user events, and conversions. Google Analytics anonymizes IP addresses and provides aggregated usage statistics to help us improve our services.
Engagement Tracking: We track user engagement with eSIM plans, provider pages, and region pages to understand user preferences and improve our recommendations.
Third-Party Analytics Services: We may use additional third-party analytics services in our mobile applications, such as Firebase Analytics, Firebase Crashlytics, or Sentry, to track app usage, identify crashes, and monitor performance.

Opt Out: You can opt out of certain analytical tracking: - PostHog: You can disable PostHog tracking by adjusting your browser settings or using browser extensions that block tracking scripts. - Google Analytics: You can install the Google Analytics Opt-out Browser Add-on or adjust your browser settings. - Mobile Apps: You can disable analytics in mobile apps through your device's privacy settings or by uninstalling the app.

Information Sharing

We do not sell your personal information. We may share your information with service providers who assist us in operating our website and conducting our business, subject to strict confidentiality obligations.

Cookies and Tracking

We use cookies and similar tracking technologies to track activity on our website and store certain information. You can control cookies through your browser settings.

For more detailed information about how we use cookies and tracking technologies, please see our Cookie Policy.

Your Rights

Under applicable data protection laws, including the General Data Protection Regulation (GDPR) and Thailand's Personal Data Protection Act (PDPA), you have the following rights regarding your personal data:

Right of Access: You have the right to request access to the personal data we hold about you, including account data, usage data, and any other information we have collected.
Data Export: You can export your account data at any time through your account settings. This includes your profile information, favorites, price alerts, trips, comparisons, notes, and reviews. The exported data will be provided in a machine-readable format (JSON).
Right of Deletion: You have the right to request deletion of your personal data. You can delete your account and all associated data at any time through your account settings. Upon account deletion, we will remove your personal data from our systems, subject to any legal obligations to retain certain information.
Right of Rectification: You have the right to correct inaccurate or incomplete personal data. You can update your profile information, preferences, and other account data through your account settings at any time.
Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and transmit those data to another service provider when technically feasible.
Right of Objection: You have the right to object to processing of your personal data based on legitimate interests. You can opt out of certain data processing activities through your account settings or by contacting us.
Right to Withdraw Consent: Where processing is based on consent, you have the right to withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of processing before the withdrawal.

Exercise Your Rights: You can exercise many of these rights directly through your account settings. Visit your account settings to:

Export your account data
Delete your account
Update your profile information
Manage your notification preferences

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law:

Account Data: We retain your account data (profile, favorites, alerts, trips, comparisons, notes, reviews) as long as your account is active. If you delete your account, we will delete or anonymize your personal data within 30 days, except where we are obligated to retain certain information for legal, regulatory, or legitimate business purposes.
Analytics Data: Analytics and usage data are typically retained in aggregated and anonymized form for up to 26 months to help us understand long-term trends and improve our services.
Deletion Timelines: When you request deletion of your data or delete your account, we will process the deletion request within 30 days. Some data may be retained in backup systems for up to 90 days before permanent deletion. We may also retain certain information if required by law or for legitimate business purposes such as fraud prevention or dispute resolution.

Data Security

We implement appropriate technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction:

Encryption: We use industry-standard encryption technologies (TLS/SSL) to protect data in transit. Sensitive data stored in our databases is encrypted at rest using secure encryption methods.
Access Controls: We implement strict access controls and authentication mechanisms. Only authorized personnel with a legitimate business need have access to personal data, and all access is logged and monitored.
Data Breach Procedures: In the unlikely event of a data breach that may affect your personal data, we will notify you and relevant authorities as required by applicable law. We have incident response procedures to quickly identify, contain, and remediate security incidents.

International Data Transfers

Your personal data may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country:

Safeguards: When we transfer personal data internationally, we implement appropriate safeguards to ensure that your data is protected. This includes the use of standard contractual clauses approved by relevant data protection authorities, ensuring that service providers are bound by similar data protection obligations, and only transferring data to countries with adequate data protection laws or appropriate safeguards in place.

Children's Privacy

Our services are not intended for children under 13 years of age (or the minimum age required in your jurisdiction). We do not knowingly collect personal information from children under 13 years of age. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us immediately. If we learn that we have collected personal information from a child under 13 years of age without parental consent, we will take steps to delete that information promptly. In compliance with the Children's Online Privacy Protection Act (COPPA) and similar regulations, we require that users be at least 13 years old to create an account.

Thailand Personal Data Protection Act (PDPA)

As our company is based in Thailand, we are subject to Thailand's Personal Data Protection Act (PDPA), which provides similar protection as GDPR. Under PDPA, you have the right to access, correction, deletion, restriction of processing, and objection to processing of your personal data. You also have the right to data portability and to withdraw consent. If you are located in Thailand or are a Thai citizen, these rights apply to your personal data processed by us.

PDPA Rights: Your rights under PDPA include: - Right to access your personal data - Right to correction of inaccurate data - Right to deletion of your personal data - Right to restriction of processing - Right to data portability - Right to objection to processing - Right to withdraw consent To exercise these rights, contact us using the information provided in the "Contact Us" section.

Contact Us

If you have questions about this Privacy Policy, contact us at: Now On Company Limited 112/246 Moo 8, Bangkaew, Bangplee 10540 Samut Prakarn, Thailand Email: contact@esimradar.com You can also use our website contact form to reach us.