Legal

Privacy Policy

Last updated July 2, 2026

This policy explains what personal data Globeelink collects, why we collect it, who we share it with, and the rights you have over it.

1. Overview

Globeelink ("we", "us") is the data controller for personal data processed through this website and the Globeelink dashboard. We collect the minimum we need to sell and support travel eSIMs, and we never sell your personal data.

2. What we collect

  • Account data — your email address and name, used to sign you in (we use passwordless email sign-in) and to identify your account.

  • Order data — the plans you buy, prices paid, order status, and refund requests.

  • Payment data — handled by our payment provider; we receive confirmation, the card brand and last digits, but never your full card number.

  • eSIM service data — technical identifiers for your eSIMs (such as the ICCID), plan status, activation dates, and aggregate data usage, so your dashboard can show what is active and how much data is left.

  • Device compatibility queries — the device model you search in our compatibility checker.

  • Support conversations — messages you exchange with our support chat.

  • Site usage data — analytics events and cookies, only with your consent (see our Cookie Policy).

3. Why we process it

  • To deliver the service you bought: issue eSIMs, show usage, process top-ups and refunds (performance of a contract).

  • To operate sign-in and keep your account secure (performance of a contract and legitimate interest).

  • To send transactional messages, such as sign-in links and service notifications (performance of a contract).

  • To run the rewards program if you take part in it (performance of a contract).

  • To answer support requests (legitimate interest).

  • To measure and improve the website through analytics, only where you consent (consent).

  • To meet legal obligations, such as tax and accounting rules (legal obligation).

4. Who we share it with

We use a small set of processors to run the service:

  • Payment processing — Stripe, to charge your card securely and to pay refunds back to it.

  • Commerce platform — BigCommerce, which powers our product catalogue, cart, and order records.

  • Authentication — Google Firebase, which delivers our passwordless sign-in links.

  • Email and messaging — Klaviyo, for transactional and (only with consent) marketing email.

  • Analytics — Google Analytics via Google Tag Manager, loaded only after you consent in the cookie banner.

  • Customer support chat — our in-site chat provider, to run GlobeeBot and human support.

  • Connectivity partners — the eSIM provisioning platforms and local mobile networks that deliver your data plan; they receive the technical identifiers needed to activate service, not your shopping history.

We disclose data to authorities only where the law requires it. We never sell personal data to anyone.

5. International transfers

Some of the providers above process data outside your home country. Where that happens we rely on recognised safeguards (such as standard contractual clauses or an adequacy decision) with each provider.

6. How long we keep it

Account and order records are kept while your account is open and for as long as tax, accounting, and dispute rules require afterwards. Analytics data is kept in aggregate. If you delete your account, we remove or anonymise personal data that we are not legally required to keep.

7. Your rights

Depending on where you live (including under the GDPR), you can ask us to access, correct, delete, restrict, or export the personal data we hold about you, and you can object to processing based on legitimate interests. Where processing is based on consent, you can withdraw it at any time — for cookies, use Cookie Settings in the footer.

You can delete your account yourself from the dashboard (Security → Delete account, confirmed by a code sent to your email). You also have the right to complain to your local data-protection authority.

8. Security

Traffic to the site is encrypted, payment details are handled by our PCI-compliant payment provider, sign-in is passwordless (a link sent to your email), and access to production data is restricted to the people who need it to run the service.

9. Children

Our services are intended for adults and are not directed at children under 16. We do not knowingly collect personal data from children.

10. Changes and contact

We will update this policy as the service evolves and refresh the "Last updated" date above. Questions or requests about your data are handled fastest through the chat on our website.