Last updated: 24.10.2025

Provider: DALASON GmbH, Lindenstr. 82, 50674 Cologne, Germany
Email: support@simtaly.com
WhatsApp Live Chat: ‪+16505474744

1. Introduction

This Privacy Policy explains how DALASON GmbH (“Simtaly”, “we”, “our”, or “us”) collects, uses, and protects your personal data when you visit simtaly.com (“Website”) or use our eSIM services (“Services”).

We comply with the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), and other applicable privacy laws.

By using our Website or Services, you consent to this Privacy Policy.

2. Data Controller

DALASON GmbH
Lindenstr. 82, 50674 Cologne, Germany
Email: support@simtaly.com
Managing Directors: Andreas Damek, Chung-U Son

3. What Data We Collect

a) Information You Provide

We collect personal data that you voluntarily provide during checkout or communication:

• Name (if provided)
• Email address (for eSIM delivery)
• Mobile phone number (for SMS verification or delivery)
• Country of residence (for VAT calculation)
• Payment details (processed securely via Stripe)
• Messages and correspondence (via Zendesk, WhatsApp Business, or email)

b) Automatically Collected Data

When you visit our Website, we may collect automatically:

• IP address and approximate location
• Browser type, operating system, and device information
• Date, time, and duration of your visit
• Referrer URL
• Pages visited and actions taken

This information helps us improve performance, detect fraud, and optimize user experience.

c) eSIM Activation Data

To deliver and manage eSIMs, we may process:

• Device identifiers (IMEI, EID, ICCID where required)
• Connection timestamps
• Country or network of activation

These details are necessary for eSIM provisioning and troubleshooting.

4. Legal Basis for Processing

We process your data under the following GDPR bases:

• Art. 6(1)(b) – performance of a contract (purchase and delivery of eSIMs)
• Art. 6(1)(c) – compliance with legal obligations (VAT, invoicing, retention)
• Art. 6(1)(f) – legitimate interests (analytics, fraud prevention, service improvement)
• Art. 6(1)(a) – consent (marketing cookies, newsletter, retargeting)

You may withdraw consent at any time via cookie settings or by contacting us.

5. Use of Third-Party Services

a) Payment Processing – Stripe
Payments are handled by Stripe Payments Europe Ltd., with data transmitted directly to Stripe for processing.
Privacy Policy: https://stripe.com/privacy

b) Customer Support – Zendesk
We use Zendesk, Inc. to manage customer inquiries via email and messenger.
Zendesk may store communication data in the EU or US under appropriate safeguards.
Privacy Policy: https://www.zendesk.com/company/privacy/

c) Messaging – WhatsApp Business
Support messages via WhatsApp Business are processed by WhatsApp Ireland Limited (Meta Platforms).
Your messages may be transmitted to servers outside the EU.
Privacy Policy: https://www.whatsapp.com/legal/privacy-policy-eea

d) Analytics – Google Analytics
We use Google Analytics 4 to analyze visitor interactions.
Data such as IP address (shortened/anonymized), session behavior, and device info may be processed.
Google Ireland Ltd. acts as our processor under GDPR.
Privacy Policy: https://policies.google.com/privacy

e) Advertising – Facebook/Meta Pixel
We use Meta (Facebook) Pixel for advertising and retargeting.
This tool tracks user behavior to deliver relevant ads on Meta platforms.
Processing is based on your consent (Art. 6(1)(a) GDPR).
Privacy Policy: https://www.facebook.com/privacy/policy

f) SMS and eSIM Provisioning Partners
We cooperate with third-party telecommunications providers for:

• eSIM generation and QR code delivery
• SMS verification and notifications

These partners act as data processors under Art. 28 GDPR and process only what is necessary to fulfill your order.

6. Data Storage and Retention

Your personal data is retained only as long as necessary for the purposes stated:

• Purchase and billing data: up to 10 years (tax/legal retention)
• Support and communication logs: up to 3 years after last contact
• Analytics and marketing data: up to 26 months, unless withdrawn earlier

After expiry, data will be securely deleted or anonymized.

7. Data Sharing

We do not sell or rent your data.

We share data only with:

• Authorized employees and processors (e.g., Stripe, Zendesk, Google)
• Legal authorities when required by law
• Technical providers for eSIM provisioning or communication

All partners are bound by data processing agreements (DPAs) under GDPR.

8. International Data Transfers

Some partners (e.g., Google, Meta, Zendesk) may process data in the United States or other non-EU countries.

Transfers are based on Standard Contractual Clauses (SCCs) approved by the European Commission or equivalent safeguards.

9. Cookies and Tracking

We use cookies and similar technologies for:

• Session management and website operation
• Analytics and performance optimization
• Advertising and remarketing (Meta, Google Ads)

You can adjust your cookie preferences at any time via our Cookie Consent Banner or your browser settings.

Refusing non-essential cookies will not affect essential service functionality.

10. Your Rights (GDPR)

You have the following rights under GDPR:

• Access to your personal data (Art. 15)
• Rectification of inaccurate data (Art. 16)
• Erasure (“Right to be Forgotten”) (Art. 17)
• Restriction of processing (Art. 18)
• Data portability (Art. 20)
• Objection to processing (Art. 21)
• Withdrawal of consent (Art. 7(3))

To exercise these rights, contact privacy@simtaly.com.
We will respond within 30 days in accordance with GDPR.

11. Data Security

We implement technical and organizational measures (TLS encryption, secure servers, limited access) to protect your data against unauthorized access, alteration, or loss.

Despite our efforts, no transmission method over the internet is entirely secure. You use our Services at your own risk.

12. Minors

Our Services are not intended for persons under 18 years of age.
We do not knowingly collect personal data from minors.

13. Changes to this Privacy Policy

We may update this Privacy Policy periodically.
Material changes will be announced on our Website and, where appropriate, via email.
Continued use of the Service after changes implies acceptance.

14. Contact and Complaints

For privacy-related questions or complaints, please contact: privacy@simtaly.com

You also have the right to lodge a complaint with the Data Protection Authority of North Rhine-Westphalia (Landesbeauftragte für Datenschutz und Informationsfreiheit NRW) or your local supervisory authority.

15. English Version Prevails

This Privacy Policy is provided in English for legal clarity.
Translations are for convenience only. In case of conflict, the English version shall prevail.