Get the App
GET 1GB FREE WITH KUDO eSIM
Download on the App Store
Kudo eSIM

Privacy & Cookie Policy

How we collect, use, store and share your data when you use the Kudo eSIM website, app and eSIM services.

Updated on 25 June 2026

Welcome to Kudo eSIM. This policy explains what data we collect, why we collect it, who we share it with, how long we keep it, and how to manage or delete it, when you use kudoesim.com, our app and our eSIM services. The sole data controller is KUDOSIM L.L.C., 651 N Broad St, Suite 201, New Castle, DE 19709, USA. We comply with the GDPR and applicable privacy regulations.

1) Who we are

  • Data controller: KUDOSIM L.L.C., 651 N Broad St, Suite 201, New Castle, DE 19709, USA.
  • Privacy email: support@kudoesim.com
  • Support: live chat and WhatsApp (text only): +1 740 990 2220

2) Data we collect

  • Identification: first name, last name, email address.
  • Phone number (optional, for support and WhatsApp).
  • Purchase history: eSIM packages, dates, countries/regions, amounts, EID/ICCID, QR code and usage status.
  • Technical data: app version, device model, operating system, and the registration and last-login IP address (stored encrypted).
  • In the app: device identifier and push notification token (APNs/FCM).
  • Sign-in identifiers when you log in with Apple or Google (stored encrypted).
  • Payments are processed by our payment provider; we do not store full card data.

3) What we do NOT collect

We do not collect GPS location, contacts, microphone, health data, or any advertising identifier (e.g. IDFA). We do not track you beyond our service and we do not sell your data.

4) Why we process it

  • To create and manage your account and provide the eSIM service (contract performance, GDPR Art. 6(1)(b)).
  • To process payments and activate eSIMs.
  • To send you confirmations, activation QR codes and package-status notices.
  • To send promotional notifications only with your consent (you can turn them off at any time).
  • To prevent fraud and abuse (legitimate interest).
  • To meet legal obligations (accounting, tax).
  • For analytics, only with your consent.

5) Third-party processors

We share only the minimum data needed with the following partners, each contractually bound to maintain the same level of protection:

  • Our eSIM provider — receives only the technical identifiers needed to activate and manage your eSIM; it does not receive your name, email or payment details.
  • Payment processor (Stripe, with Apple Pay and Google Pay) — processes card payments; no card data is stored on our servers.
  • Analytics (Google Analytics) — loaded only after you grant consent for analytics cookies, with anonymized IP; without consent, no data is sent.
  • Push notification services (Apple and Google) — only to deliver in-app notifications.
  • Email provider — for transactional emails (order confirmations, your eSIM, etc.).
  • Database and cloud hosting — for secure storage and execution.
  • CDN and security — processes request IP addresses to protect the service.

We do not sell your data and we do not share it for third-party marketing purposes.

6) International data transfers

Data is hosted on cloud infrastructure in the European Union (EU/EEA). As a US-registered company, some data may be transferred outside the EEA; where required by the GDPR, we use Standard Contractual Clauses (SCCs) or other valid mechanisms. Sensitive data is stored encrypted.

7) How long we keep it

  • Your account: until you delete it.
  • Invoices and orders (anonymized): as required by tax law (up to 10 years).
  • Backups: a short rolling period.
  • Technical and security logs: usually 90–365 days.
  • Consent-based marketing: until you withdraw consent or the purpose expires.

8) Your rights

  • Access to your data and a copy of it.
  • Correction of inaccurate data.
  • Erasure (the right to be forgotten).
  • Restriction of or objection to processing.
  • Data portability.
  • Withdrawal of consent at any time where processing is based on consent.

After deletion, personal data is erased immediately; billing data is kept anonymized as required by law. To exercise your rights, write to support@kudoesim.com — we respond within the legal time limits (up to 30 days).

9) Cookies and similar technologies

  • Essential cookies (always on): keep the site working, store your language and secure payments.
  • Analytics cookies (only with consent): help us understand usage to improve the service (Google Analytics, anonymized IP); they are not loaded before you accept.

You can give, refuse or change your consent at any time from the cookie banner, the Cookie settings link in the footer, or your browser settings.

10) Security

We use industry-standard practices: encryption in transit and at rest, role-based access controls, backups and periodic security reviews.

11) Children

The service is not directed to anyone under 16 (or the minimum age under local law). If we learn that we have collected data from a child under that age, we will delete it immediately.

12) Complaints

If you believe your rights have been violated, you may complain to your national data protection authority. However, please contact us first so we can resolve it together.

13) Changes to this policy

Any material change will be published here and, for active users, notified by email at least 30 days before it takes effect.

14) How to contact us

  • Email (privacy): support@kudoesim.com
  • Support: live chat and WhatsApp (text only): +1 740 990 2220
  • Legal address: KUDOSIM L.L.C., 651 N Broad St, Suite 201, New Castle, DE 19709, USA.