Shkarko AMA eSIM Αποκτήστε 1 GB δωρεάν για κάθε αγορά!
DOWNLOAD
THE APP

Καροτσάκι 0 είδη

Privacy Policy

Last updated: 03 June 2026

Operator: AMA eSIM is operated by Andi Rexhepi (sole proprietor), registered in the Republic of Kosovo. Contact: [email protected] · [email protected].

This policy explains what data we collect, why we collect it, who we share it with, how long we keep it, and how you can delete it.

1. Data we collect

  • Identity: first name, last name, email address.
  • Phone number (optional, for support and WhatsApp).
  • Purchase history: eSIM packages, dates, destinations, amounts.
  • Device identifier / push notification token (APNs/FCM).
  • Technical data: app version, device model, OS version, sign-up and last-login IP (encrypted at rest in our database).
  • Social account identifiers when you sign in with Apple or Google (Apple `sub`, Google `sub`, encrypted Apple refresh token).

We do NOT collect: GPS location, contacts, microphone, health data, or any advertising identifier (IDFA). We do not track you across other apps or websites.

2. How we use your data

  • To create and manage your account.
  • To process payments and provision eSIMs.
  • To send you order confirmations, activation QR codes, and package status updates.
  • To send promotional notifications only if you have opted in (you can disable them at any time in Profile → Settings → Notifications).
  • To prevent fraud and detect abuse.
  • To comply with legal obligations (accounting, tax).

3. Third-party processors

We share minimum necessary data with the following partners, each contractually bound to maintain the same level of protection:

  • OCS / TelcoVision (Switzerland) — our eSIM provider. Receives ICCID, IMSI, and package metadata. Does NOT receive your name, email, or payment details.
  • RaiAccept (Kosovo) — processes card, Apple Pay, and Google Pay payments. No card data is stored on our servers.
  • Google Firebase Cloud Messaging (FCM) and Apple Push Notification service (APNs) — for push notification delivery.
  • Brevo — for transactional email delivery (order confirmations, eSIM ready, etc.).
  • Cloudflare — CDN and security (processes HTTPS request IPs).
  • Hetzner (Germany) — our server hosting provider.

We do NOT sell or share your data for third-party marketing purposes.

4. Where we store it

Data is stored in our database hosted at Hetzner (Germany — EU/EEA). Sensitive fields (Apple refresh tokens, IP addresses, billing phone) are encrypted at rest with AES-256.

5. How long we keep it

  • Your account: until you delete it, or after 3 years of inactivity.
  • Invoices and orders (anonymized): 7 years, as required by EU/Kosovo tax law.
  • Backups: up to 30 days.
  • Security logs: up to 90 days.

6. Your rights

You have the right to:

  • Access your data (in-app: Profile → Settings → Export Data).
  • Correct or update your profile data.
  • Delete your account immediately (in-app: Profile → Settings → Delete Account). Personal data is hard-deleted on the spot; billing records are anonymized and retained for 7 years per legal requirement. For Sign in with Apple users, the Apple link is revoked via Apple's `/auth/revoke` endpoint.
  • Withdraw consent for promotional notifications at any time.
  • Port your data (one-click JSON export).

For specific requests: [email protected]. We respond within 30 days.

7. Children

AMA eSIM is not directed at children under 13. If we learn that we have collected data from a child under that age, we will delete it promptly.

8. Changes to this policy

Any material change will be posted here and notified by email to active users at least 30 days before taking effect.