The World's Best eSIM - Roaming Professionals, Since 2009

General Data Protection Regulation (GDPR)

gsm2go privacy policy


Financial Data: we don’t collect nor keep any financial data.  When you enter your credit card information, it goes directly to Authorize.Net, a Visa company. We don’t see your credit card information, we are not exposed to it, and we don’t collect it.


Technical Data: Including (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform you use to access our website.


Roaming and cellular data: same as any European mobile network operator, and strictly within GDPR guidelines.


TO WHOM DO WE DISCLOSE YOUR DATA:

We may have to share your personal data with the parties set out below for the purposes set out:

Other gsm2go affiliated entities under common control (hereinafter “gsm2go entities”) who provide ancillary services such as call center support for the fulfillment of your orders and clarification of any of your queries.

External third parties who provide IT technical support services, data center services and call center support.

Regulators and judicial authorities who require reporting of processing activities in certain circumstances.


WHERE IS YOUR DATA TRANSFERRED TO?

Some of our service providers are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA.

Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring that the following safeguard is implemented so that there is no detriment to you.

gsm2go network infrastructure is in the UK.


We use specific contracts approved by the European Commission which give personal data the same protection it has in Europe. For further details, see European Commission: Model contracts for the transfer of personal data to third countries.


We will take steps to ensure your privacy rights are at least as compliant with the requirements of EU law, including requiring appropriate security measures from such third parties, set out in a contract between us, to protect your personal data.


HOW SECURE DO WE KEEP YOUR PERSONAL DATA?

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal data to those staff members or other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a strict duty of confidentiality.


We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable supervisory authority of a breach where we are legally required to do so.

Cellular data records are kept for six months, as per GDPR guidelines.