SHKARKO APP-IN DHE MERR 1GB FALAS
Skip to content Skip to footer
Menu Close
Close
Login/Register

GDPR – Data Protection Notice

Last Updated: September 16, 2025

This page explains how KudoSIM LLC complies with the General Data Protection Regulation ( GDPR ) when providing services to EU/EEA residents or when data processing occurs within the EU. This notice supplements the Privacy Policy and Terms of Use .

1) Who we are & scope of application

Data Controller: KudoSIM LLC, 651 N Broad St, Suite 201, New Castle, DE 19709, USA.
Privacy email: support@kudoesim.comLive chat: kudoesim.com/chat

This notice applies when we provide services to persons in the EU/EEA or monitor their behavior.

2) Legal bases of processing

  • Contract: to provide and administer the eSIM service (purchase, activation, support).
  • Legitimate interest: prevention of abuse/fraud, service improvement, minimal analytics.
  • Legal obligation: retention of fiscal and accounting records.
  • Consent: marketing and non-essential cookies (consent can be withdrawn at any time).

3) Categories of data we collect

  • Account information: name, email, phone number, user ID.
  • Order and eSIM data: packages, coverage, EID/ICCID, QR, activation dates, usage status.
  • Payments: transaction reference (card details are processed by Stripe, Apple/Google Pay).
  • Device & diagnostics: device model, OS, IP, error logs.
  • Communications: support requests, live chat/WhatsApp/email.
  • Marketing & cookies (only with consent): cookie identifiers, interactions, campaigns.

4) Purposes of processing

  • Provision and management of eSIM service.
  • Payment and billing.
  • Customer support.
  • Limited analytics for improvement.
  • Fraud prevention and security.
  • Marketing (with consent only).

5) Processors & international transfers

We use trusted providers for payments, cloud hosting, analytics and support. When data is transferred outside the EU/EEA, we apply Standard Contractual Clauses (SCCs) or other mechanisms valid under the GDPR.

6) Data storage

  • Active account: until account closure.
  • Order/invoice: 5–10 years according to fiscal law.
  • Technical logs: 90–365 days (except for security cases).
  • Consent-based marketing: until withdrawal or purpose expiration.

7) Your rights under GDPR

  • The right to access and obtain a copy of data.
  • The right to correction of inaccurate data.
  • The right to erasure (“the right to be forgotten”).
  • The right to restriction of processing.
  • The right to data portability.
  • The right to object to processing based on legitimate interest and direct marketing.
  • Right to withdraw consent.

How to exercise: Contact us at support@kudoesim.com or via live chat . We will respond within 30 days and may request identity verification.

8) Cookie & consent management

We use strictly necessary cookies and, with consent only, cookies for analytics and marketing. You can manage your preferences in the cookie banner and browser settings.

9) Data security

We implement technical and organizational measures: encryption, access controls, auditing, backups and periodic testing. Incidents are handled according to GDPR, including notification of the authority and subjects when required.

10) Children

The Service is not directed at persons under the age of 16. We do not knowingly collect data from children.

11) Complaints

If you believe that your rights have been violated, you have the right to lodge a complaint with your national data protection authority. We encourage you to contact us first.

12) Automated decision-making

We do not carry out fully automated decision-making that produces legal effects on you. Profiling is limited to anti-fraud security measures.

13) Changes to this notice

This notice may be updated. The “Last Updated” date indicates the most recent version. You will be notified of important changes by email or on the site.

14) How to contact us