Privacy Policy

1. Introduction & Scope

dizomo ("we," "us," or "our") respects your privacy and is committed to protecting the personal data you share with us. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, mobile application, or use any of our eSIM services (collectively, the "Service").

By accessing or using the Service, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy. If you do not agree with this Privacy Policy, please do not use the Service.

This Privacy Policy applies to all users of the Service worldwide, including visitors, registered users, and purchasers of eSIM data plans.

2. Data Controller

dizomo is the data controller responsible for your personal data. For any questions or concerns regarding this Privacy Policy or our data practices, you may contact us at:

• Email: privacy@dizomo.com

3. Information We Collect

We collect the following categories of information in order to provide, maintain, and improve the Service:

3.1 Customer Data

• Full name
• Email address
• Payment information (processed and stored securely by Stripe; we do not store full card numbers)
• Device information (device model, operating system, eSIM compatibility status)
• Account credentials (hashed password)

3.2 Website & Usage Data

• IP address
• Browser type and version
• Operating system
• Approximate geographic location (derived from IP address)
• Pages visited, time spent, and referral URLs
• Cookies and similar tracking technologies

3.3 eSIM-Specific Data

• ICCID (Integrated Circuit Card Identifier) associated with your eSIM profile
• eSIM activation codes and QR code data
• IMSI (International Mobile Subscriber Identity) used for network provisioning
• Data plan selection and usage statistics
• Activation timestamps and profile status

4. How We Collect Information

4.1 Directly From You

We collect information you voluntarily provide when you create an account, purchase a data plan, contact customer support, or otherwise interact with the Service.

4.2 Automatically Through Service Usage

When you access or use the Service, we automatically collect certain technical information, including your IP address, device identifiers, browser type, operating system, and usage patterns. This data is collected through cookies, server logs, and similar technologies.

4.3 From Third-Party Service Providers

We receive limited information from our payment processor, Stripe, including transaction confirmations, partial card details (last four digits), and billing addresses. Stripe's collection and use of your data is governed by Stripe's Privacy Policy.

5. How We Use Your Information

We use the information we collect for the following purposes:

• Service Delivery: To create and manage your account, process orders, and deliver eSIM profiles to you.
• eSIM Provisioning: To provision and activate eSIM profiles through our wholesale provider, including generating activation codes and QR codes.
• Payment Processing: To process transactions, issue refunds, and detect and prevent fraudulent payments through Stripe.
• Customer Support: To respond to your inquiries, troubleshoot issues, and provide assistance with eSIM activation or connectivity.
• Service Improvement: To analyze usage patterns, identify trends, and improve the functionality, reliability, and user experience of the Service.
• Communications: To send transactional emails (order confirmations, activation instructions, support responses) and, with your consent, marketing communications.
• Fraud Prevention: To detect, prevent, and address fraud, unauthorized access, and other illegal activities.
• Legal Compliance: To comply with applicable laws, regulations, and legal processes.

6. eSIM-Specific Data Practices

As an eSIM reseller, dizomo provisions eSIM profiles through a wholesale provider (eSIM Access). We want you to understand exactly what data is shared with network carriers and what is not.

6.1 What Network Carriers Receive

Network carriers receive only the minimal technical data required to provide cellular connectivity. This includes the IMSI (International Mobile Subscriber Identity) associated with your eSIM profile and related network provisioning identifiers.

6.2 What Network Carriers Do NOT Receive

• Your name, email address, or other personal identifiers
• Your payment information, billing address, or transaction history
• Your browsing activity, usage patterns, or cookies
• Any information about your device beyond what is necessary for network connectivity

6.3 Data Transfer Security

All data transfers between dizomo, our wholesale provider, and network carriers are encrypted using industry-standard TLS/SSL protocols. eSIM profile data, including activation codes and QR codes, is transmitted over encrypted channels at all times.

7. Who We Share Data With

We share your personal data only with the following categories of third parties, and only to the extent necessary to provide the Service:

• Stripe (Payment Processing): We share your payment details with Stripe to process transactions securely. Stripe is PCI DSS Level 1 compliant. Refer to Stripe's Privacy Policy for details.
• eSIM Access (eSIM Provisioning): We share the technical data necessary to provision your eSIM profile (e.g., plan selection, ICCID) with our wholesale provider, eSIM Access. No unnecessary personal data is transmitted.
• Resend (Email Delivery): We share your email address and name with Resend to send you transactional emails including order confirmations, activation instructions, and support communications.

We do not sell, rent, or trade your personal information to third parties for marketing or any other purposes.

We may also disclose your information if required by law, court order, or governmental regulation, or if we believe disclosure is necessary to protect the rights, property, or safety of dizomo, our users, or others.

8. Data Retention

We retain your personal data for as long as your account is active, plus an additional two (2) years following account deletion or inactivity. This retention period allows us to address any disputes, provide continued support, and comply with our legal obligations.

Payment records and transaction data may be retained for longer periods as required by applicable tax, accounting, and financial regulations.

eSIM provisioning data (ICCID, activation records) is retained for the duration of the plan validity period plus twelve (12) months for troubleshooting and audit purposes.

When data is no longer required, it is securely deleted or anonymized in accordance with industry best practices.

9. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

• Right of Access: You may request a copy of the personal data we hold about you.
• Right to Rectification: You may request that we correct any inaccurate or incomplete personal data.
• Right to Erasure: You may request the deletion of your personal data, subject to legal retention requirements.
• Right to Data Portability: You may request that we provide your data in a structured, commonly used, and machine-readable format.
• Right to Restrict Processing: You may request that we restrict the processing of your personal data under certain circumstances.
• Right to Object: You may object to the processing of your personal data for direct marketing purposes or where processing is based on legitimate interests.
• Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority if you believe your data protection rights have been violated.

To exercise any of these rights, please contact us at privacy@dizomo.com. We will respond to your request within thirty (30) days.

10. Children's Privacy

The Service is not intended for individuals under the age of eighteen (18). We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@dizomo.com, and we will take steps to delete such information promptly.

11. Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

• All data transmitted between your browser and our servers is encrypted using HTTPS (TLS 1.2 or higher).
• Payment information is processed by Stripe, which maintains PCI DSS Level 1 compliance. We never store full credit card numbers on our servers.
• Passwords are hashed using industry-standard algorithms and are never stored in plaintext.
• Access to personal data is restricted to authorized personnel on a need-to-know basis.
• eSIM activation codes and QR codes are generated and transmitted over encrypted channels.

While we strive to protect your personal data, no method of transmission over the internet or method of electronic storage is 100% secure. We cannot guarantee absolute security.

12. Cookies

We use essential cookies that are strictly necessary for the operation of the Service. These cookies are used for:

• Authentication: To keep you signed in and maintain your session securely.
• Security: To prevent cross-site request forgery and other security threats.
• Preferences: To remember your language and currency preferences.

We do not use advertising cookies, tracking cookies, or third-party analytics cookies. We do not participate in cross-site tracking or behavioral advertising.

Because we only use essential cookies necessary for the Service to function, these cookies cannot be disabled without affecting your ability to use the Service.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will:

• Update the "Last updated" date at the top of this page.
• Notify registered users by email if the changes significantly affect how we handle personal data.
• Display a prominent notice on the Service for at least thirty (30) days following the change.

Your continued use of the Service after any changes to this Privacy Policy constitutes your acceptance of the updated policy. We encourage you to review this page periodically.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

• Privacy inquiries: privacy@dizomo.com
• General support: support@dizomo.com
• Legal inquiries: legal@dizomo.com

We will make every effort to respond to your inquiry within thirty (30) days.