ESIM UniversalESIM Universal
← Back to home

Privacy Policy

Last updated: 27 April 2026

ESIM Universal understands that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of all of our customers and partners and will only collect and use personal data in ways that are described here, in a way that is consistent with our obligations and your rights under the law.

1. Information About Us

1.1 ESIM Universal is a trading name of PORTABLE DIGITAL LIMITED, a company registered in England and Wales under company number 16974578, whose registered office is at Flat 34 Quested Court, Brett Road, London, England, E8 1JS. PORTABLE DIGITAL LIMITED is the operator of the eSIM reseller service described in this notice and the controller of your personal data. Contact details: esimuniversalproject@proton.me.

1.2 We are not a mobile network operator or telecommunications provider. Data services are delivered by third-party network providers in their respective countries. Although we are not the network provider, we provide support to end users who purchase services we resell.

1.3 WE DO NOT ASSUME ANY RESPONSIBILITY AND MAY NOT BE HELD RESPONSIBLE OR LIABLE FOR CONNECTIVITY AS SUCH, ITS QUALITY, QUANTITY, DIVERSITY, COVERAGE, SECURITY OR ANY OTHER FEATURE OR OPTION A CONSUMER MAY EXPECT FROM A MOBILE OPERATOR OR PROVIDER.

1.4 We deliver our services through the Telegram bot @esim_universal_bot. Telegram is not owned or controlled by us. Telegram operates according to its own privacy policy available on https://telegram.org/privacy as may be amended from time to time. IF YOU DISAGREE WITH TELEGRAM'S PRIVACY POLICY, TERMS OF USE OR ANY OTHER POLICY, PLEASE DO NOT USE OUR SERVICES. You can review how to manage your privacy settings with bots here: https://telegram.org/faq#q-are-bots-safe.

1.5 Contact details: esimuniversalproject@proton.me.

2. What Does This Notice Cover?

This Privacy Notice explains how we use your personal data: how it is collected, how it is held, and how it is processed. It also explains your rights under the law relating to your personal data.

3. What Is Personal Data?

Personal data is defined by the General Data Protection Regulation (EU Regulation 2016/679) (the "GDPR") as 'any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier'. In simpler terms, personal data is any information about you that enables you to be identified — obvious information such as your name and contact details, but also less obvious information such as identification numbers, electronic location data, and other online identifiers.

4. What Personal Data Do You Collect and How?

We may collect and hold some or all of the personal data set out below, using the methods listed:

  • First name and last name — via Telegram bot API.
  • Email address — directly from you via email or our Telegram support channel.
  • Profile public information including Telegram user name, screen name and picture(s) — via Telegram bot API.
  • Payment-related information limited to what third-party payment processors return to us (such as transaction reference, status, and currency). We do not collect or store full card or wallet credentials.
  • Order data including the eSIM packages you purchase and basic device compatibility information you provide.

PLEASE NOTE that we get access to and may collect your personal data via the Telegram bot @esim_universal_bot. This bot operates within Telegram under its own privacy policy available at https://telegram.org/privacy as may be amended from time to time.

5. How Do You Use My Personal Data?

We may use your personal data for the following purposes:

  • Administering our business;
  • Supplying our services and support to you;
  • Managing payments for our services;
  • Personalising and tailoring our services for you;
  • Communicating with you and supplying you with information on our services.

With your permission and/or where permitted by law, we may also use your personal data for marketing purposes, which may include contacting you with information, news, and offers on our services. You will not be sent any unlawful marketing or spam, and you will always have the opportunity to opt out.

We may use automated systems to deliver and operate our services. The Telegram bot @esim_universal_bot is the primary automated system through which we provide our services. If at any point you wish to query an automated action or request human intervention, please contact us using the details in section 10.

We will only use your personal data for the purpose(s) for which it was originally collected unless we reasonably believe that another purpose is compatible with that or those original purpose(s) and need to use your personal data for that purpose. In some circumstances, where permitted or required by law, we may process your personal data without your knowledge or consent. This will only be done within the bounds of applicable data protection legislation and your legal rights.

6. How Long Will You Keep My Personal Data?

We will not keep your personal data for any longer than is necessary in light of the reason(s) for which it was first collected. We will keep your personal data to comply with our legal obligations, resolve disputes, and enforce our agreements unless a longer retention period is required or permitted by law.

7. How and Where Do You Store or Transfer My Personal Data?

Personal data we have access to in the Telegram bot @esim_universal_bot is stored by Telegram according to its privacy policy at https://telegram.org/privacy. Notwithstanding anything to the contrary in this notice we do not copy, collect, back up or otherwise process this kind of personal data outside of Telegram.

Generally we store your personal data electronically on servers located in the European Economic Area (the "EEA" — all EU member states, Norway, Iceland, and Liechtenstein). We may, however, store or transfer some or all of your personal data in countries that are not part of the EEA. These are known as "third countries" and may not have data protection laws that are as strong as those in the EEA. Where this happens, we will take additional steps to ensure that your personal data is treated just as safely and securely as it would be within the EEA. By using our services you expressly agree and consent to such transfers.

8. Do You Share My Personal Data?

We will not share any of your personal data with any third parties for any purposes, subject to the following exceptions:

  • Telegram, through which our service is delivered.
  • Third-party payment processors that we use to accept and reconcile payments. The minimum data required to process and verify a transaction is shared with them.
  • Upstream connectivity providers, where required to provision the eSIM associated with your order.
  • Service providers we use to operate our infrastructure (for example, hosting and analytics), strictly under data-processing terms.

If any of your personal data is shared with a third party as described above, we will take steps to ensure that your personal data is handled safely, securely, and in accordance with your rights. If any personal data is transferred outside of the EEA, we will take suitable steps to ensure that it is treated just as safely and securely as it would be within the EEA.

9. How Can I Access My Personal Data?

If you want to know what personal data we have about you, you can ask us for details of that personal data and for a copy of it (where any such personal data is held). All subject access requests should be made in writing and sent to the email in section 10.

There is normally no charge for a subject access request. If your request is 'manifestly unfounded or excessive' (for example, if you make repetitive requests) a fee may be charged to cover our administrative costs in responding.

We will do our best to respond to your subject access request within 20 calendar days and, in any case, not more than one month of receiving it. In some cases, particularly if your request is more complex, more time may be required up to a maximum of three months from the date we receive your request. You will be kept fully informed of our progress.

10. How Do I Contact You?

To contact us about anything to do with your personal data and data protection, including to make a subject access request, please use the following email: esimuniversalproject@proton.me.

11. Changes to this Privacy Notice

We may change this Privacy Notice from time to time. This may be necessary, for example, if the law changes, or if we change our business in a way that affects personal data protection. Any changes will be made available in this section of the application.

This Privacy Policy was last updated on 2026-04-27.