Soovia

Privacy & Cookie Policy

This Privacy Policy explains how Soovia collects, uses, and protects your personal information when you use our services.

Last updated: October 2025

1. Introduction

Soovia LTD ("Soovia", "we", "our", or "us") is committed to protecting your privacy and personal data. This Privacy & Cookie Policy explains how we collect, use, store, and share your information when you use our website and eSIM services. By using our services, you consent to the practices described in this policy.

2. Information We Collect

We collect the following types of information to provide, maintain, and improve our services:

Account Information: Name, email address, phone number, and password.

Device Information: Device model, IMEI/EID number, operating system, and eSIM compatibility details.

Payment Information: Processed securely by third-party payment processors (Stripe). We do not store full credit card details.

Usage Data: Data consumption, connection logs, eSIM activation records, and service usage patterns.

Technical Data: IP address, browser type, device identifiers, cookies, and other diagnostic data.

Analytics Data: Demographic information and interests collected through Google Analytics, Google Signals, and similar technologies for signed-in users who have consented to personalized advertising.

3. How We Use Your Information

We use your personal data for the following purposes:

• To provide, activate, and manage your eSIM service and connectivity.

• To process payments and prevent fraud.

• To communicate with you regarding orders, support, and service updates.

• To improve our services, website functionality, and user experience.

• To comply with legal obligations, enforce our Terms of Use, and protect our rights.

• To analyze service usage and trends through analytics tools.

• To deliver personalized content and advertising (with your consent where required).

4. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), UK, and Switzerland, we process your personal data based on the following legal grounds:

Contract Performance: To fulfill our contract with you (e.g., providing eSIM services).

Legitimate Interests: To improve our services, prevent fraud, and ensure security.

Legal Compliance: To comply with applicable laws and regulations.

Consent: For marketing communications, cookies, and analytics (where required by law). You may withdraw consent at any time.

5. Data Security

We implement industry-standard security measures to protect your personal data, including:

• Encryption of sensitive data in transit and at rest using SSL/TLS protocols.

• Secure authentication and access controls to prevent unauthorized access.

• Regular security audits, vulnerability assessments, and monitoring.

• Compliance with GDPR, UK Data Protection Act 2018, and other applicable privacy laws.

However, no method of transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security and are not liable for unauthorized access due to factors beyond our reasonable control.

6. Cookies and Tracking Technologies

We use cookies, web beacons, and similar technologies to enhance your experience and analyze website usage. These include:

Essential Cookies: Required for website functionality, authentication, and security. These cannot be disabled.

Analytics Cookies: Google Analytics, Google Signals, and similar tools to collect usage statistics, demographic data, and interests.

Advertising Cookies: Used to deliver personalized ads and measure ad performance through platforms like Google Ads and Facebook Pixel.

Session Cookies: Maintain your session and preferences while browsing.

You can manage cookie preferences through your browser settings. Note that disabling certain cookies may affect website functionality.

7. Data Sharing and Third Parties

We may share your data with trusted third parties only when necessary to provide our services or comply with legal obligations:

Mobile Network Operators: To activate eSIM profiles and provide connectivity services.

Payment Processors: Stripe and other secure payment gateways to process transactions.

Service Providers: Cloud hosting, customer support platforms, email delivery, and analytics tools (e.g., Google, Facebook).

Legal Authorities: When required by law, court order, or to protect our rights, prevent fraud, or ensure safety.

Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity.

We do not sell your personal data to third parties for marketing purposes.

8. Your Data Rights

You have the following rights regarding your personal data (subject to applicable laws):

Access: Request a copy of the personal data we hold about you.

Rectification: Correct any inaccurate or incomplete information.

Erasure (Right to be Forgotten): Request deletion of your data, subject to legal and contractual obligations.

Data Portability: Receive your data in a structured, machine-readable format.

Object to Processing: Object to certain types of data processing, such as direct marketing.

Withdraw Consent: Withdraw consent for marketing, cookies, or analytics at any time without affecting prior lawful processing.

Lodge a Complaint: Submit a complaint to your local data protection authority if you believe your rights have been violated.

To exercise these rights, contact us at [email protected] with proof of identity.

9. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy:

• For the duration of your active account and service usage.

• As required by tax, accounting, legal, and regulatory obligations (typically 7 years for financial records).

• For legitimate business purposes, including dispute resolution, fraud prevention, and service improvement.

• After account deletion, we may retain anonymized or aggregated data for analytics purposes.

10. International Data Transfers

Your data may be transferred to and processed in countries outside your jurisdiction, including countries that may not offer the same level of data protection. We ensure appropriate safeguards are in place:

• Data is processed on secure servers located in regions where our service providers operate.

• We use Standard Contractual Clauses (SCCs) and other legal mechanisms approved by applicable data protection authorities.

• Network operators and connectivity partners may process data in the countries where eSIM services are activated.

By using our services, you consent to these international transfers.

11. Children's Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child without parental consent, we will take steps to delete that information promptly.

12. Third-Party Links

Our website may contain links to third-party websites, services, or applications. We are not responsible for the privacy practices or content of these third parties. We encourage you to review their privacy policies before providing any personal information.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or services. Material changes will be communicated via:

• A notice on our website or app.

• Email notification to registered users (where required by law).

The "Last Updated" date at the top of this policy will always reflect the most recent version. Continued use of our services after changes constitutes acceptance of the updated policy.

14. Contact Information

For questions, concerns, or requests regarding this Privacy Policy or your personal data:

Email: [email protected]

Website: www.soovia.com/contact

Company: Soovia LTD

Registered Address: 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom

© 2025 Soovia LTD. All rights reserved.

Have questions about this policy? We're happy to help.

Contact