Privacy Policy

Last updated: 5 May 2026

This policy describes what personal data VamosData collects, the purposes for which we process it and the rights you have over it. For any query you can write to soporte@vamosdata.com.

1. Data controller

The data controller for your personal data is VamosData, reachable at soporte@vamosdata.com.

2. Data we collect

We collect the following data depending on how you interact with our platform:

  • Account and contact data: email address, language and preferred currency; name when you provide it (for example, when you sign in with Google).
  • Order data: plan purchased, destination country, order date and time, amount paid, currency, payment-related identifiers.
  • Payment data: processed directly by Stripe; we receive a transaction identifier and, where applicable, the last four digits of the card, but never the full card number or CVV.
  • Email delivery logs: delivery status of transactional email (sent, delivered, bounced). Recipient addresses are stored as SHA-256 hashes so we do not retain the email in plain text.
  • Minimum technical site data: logs needed to maintain security and diagnose errors.

3. Purposes of processing

We process your data to:

  • Process orders, issue eSIMs and deliver them by email.
  • Manage activation with the local operator.
  • Respond to enquiries and provide support.
  • Comply with legal obligations (tax, accounting, consumer protection).
  • Improve the platform through aggregated analytics and internal metrics.

4. Legal bases

The bases that legitimise the processing are:

  • Performance of the contract (purchase and delivery of the eSIM).
  • Compliance with legal obligations (tax, accounting).
  • Legitimate interest in service security and fraud prevention.
  • Consent, where we expressly request it (for example, promotional communications).

5. Recipients of the data

We share data only with providers strictly necessary to deliver the service:

  • Stripe — payment processor.
  • Resend — transactional email provider used to send your QR and order notifications.
  • Supabase — database and authentication provider hosting your account and order information.
  • Google — only when you choose to sign in with your Google account.
  • eSIM operators — providers that physically issue the eSIM profile in each country (for example, eSIMAccess or eSIM Go).

6. International transfers

Some providers have headquarters or servers outside the European Economic Area. These transfers are carried out with the safeguards required by applicable law, such as standard contractual clauses or adequacy decisions.

7. Retention periods

  • Account data: while the account is active.
  • Order data: for the period required to comply with tax, commercial and consumer protection legislation (up to 6 years in many jurisdictions).
  • Email delivery logs: 12 months, unless longer retention is required for security investigations.

8. Your rights

You can exercise the following rights at any time:

  • Access to your data.
  • Rectification of inaccurate data.
  • Erasure when the data is no longer needed.
  • Restriction or objection to the processing.
  • Portability.
  • Withdrawal of consent, where applicable.

9. How to exercise your rights

To exercise these rights, write to soporte@vamosdata.com. We will respond within at most 30 calendar days. If you believe your rights have not been properly handled, you may lodge a complaint with the competent supervisory authority.

10. Cookies

We use only the cookies strictly necessary for the website to operate (session, language and currency). We do not use advertising or third-party tracking cookies without consent.

11. Contact

For any privacy enquiry or to exercise your rights: soporte@vamosdata.com.

Używamy plików cookie do analizy, aby zrozumieć, jak korzystasz z witryny, i ją ulepszać. Możesz je zaakceptować lub odrzucić.