Lyca Mobile vs. VOXI vs. spusu: Best UK eSIM Network Deals 2026

Privacy Policy

This Privacy Policy outlines how we collect, process, store, and protect your personal information when you use our website, including all associated services, mobile applications, and related digital tools. We are committed to maintaining the confidentiality and security of your data in accordance with the Data Protection Act.
Last updated: January 23, 2026.

1. Information We Collect

We collect different types of information to provide you with a safe, secure, and personalised user experience. This information is necessary for account creation, service delivery, fraud prevention, payment processing, and customer support. The categories of data we collect serve multiple operational and administrative purposes across our platform.

  • Personal identification information including your full name, date of birth, email address, telephone number, and residential address
  • Financial information such as bank account details, payment card information, payment method details, and transaction history
  • Account activity data including login times, service preferences, usage history, and session duration
  • Device information including IP address, device type, operating system, browser type, and unique device identifiers
  • Communication records including support tickets, email correspondence, live chat interactions, and feedback submissions
  • Identity verification documents such as passport scans, driving licence images, utility bills, and proof of address documentation
  • Cookies and similar tracking technologies that monitor your preferences and interactions across our platform
  • Location data derived from IP addresses and device settings where necessary for security, fraud prevention, or service availability

2. Purpose of Data Collection and Processing

Your personal information is collected and processed for specific and legitimate purposes that support the operation of our website and services. We process data only when we have a lawful basis to do so, and we do not use your information beyond the purposes disclosed in this policy.

  • Account creation and management to establish your profile and maintain your account history
  • Payment processing and financial transactions to facilitate purchases, refunds, and billing administration
  • Identity verification and fraud prevention to protect users and maintain service integrity
  • Customer support and technical assistance to resolve issues, answer queries, and improve service quality
  • Marketing communications and promotional offers, provided you have consented to receive such materials
  • Legal and regulatory compliance with applicable laws, financial obligations, and reporting duties
  • Platform improvement and analytics to enhance user experience, optimise performance, and develop new features
  • Security monitoring to detect suspicious activity, unauthorised access, and misuse of the platform

3. Legal Basis for Data Processing

Under the UK GDPR and the Data Protection Act 2018, we must establish a lawful basis before processing personal information. Our data processing activities may rely on several legal grounds depending on the specific purpose.

  • Contract performance where processing is necessary to provide the services you request
  • Legal obligation where processing is required by applicable laws, tax rules, or compliance obligations
  • Legitimate interests such as fraud prevention, platform security, and operational efficiency, provided your rights do not override those interests
  • Explicit consent where required for marketing communications or other optional processing
  • Vital interests protection where processing is necessary to prevent harm
  • Public task performance where required for cooperation with competent authorities or lawful investigations

4. Data Sharing and Third-Party Disclosure

We do not sell or rent your personal information to third parties for their independent marketing purposes. However, we may share your data with selected partners who assist us in providing services, ensuring compliance, and maintaining platform security. All third parties are required to protect your data and process it only for authorised purposes.

  • Payment processors and financial institutions required to process your transactions securely
  • Identity verification service providers who conduct document and account checks
  • Fraud detection and prevention companies that help protect our platform
  • Regulatory authorities, courts, or law enforcement agencies when required by law
  • Customer support platforms and communication providers that facilitate technical assistance
  • Analytics and infrastructure providers supporting website performance and reliability
  • Professional advisers including lawyers, accountants, and auditors when necessary for compliance or legal matters

5. Data Retention and Deletion Policies

We retain your personal information only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. Different categories of data may be subject to different retention periods depending on their purpose and applicable legal obligations. When retention is no longer required, data is securely deleted or anonymised.

  • Active account information is retained for the duration of your account and a reasonable period afterwards where necessary
  • Financial records and transaction history may be retained for up to seven years to comply with tax and accounting requirements
  • Identity verification documents may be retained for a limited period following account closure where required for compliance or fraud prevention
  • Marketing data is retained only while you have consented to receive promotional communications
  • Support correspondence and complaint records may be retained for up to three years to address disputes and service issues
  • Login and activity logs may be retained for a limited period for security and fraud prevention purposes
  • Cookies and tracking data are retained according to their specific expiration settings or consent duration
  • Restricted or permanently closed account records may be retained where necessary to prevent misuse or repeated fraud

6. Your Data Protection Rights

Under the UK GDPR and the Data Protection Act 2018, you have important rights regarding your personal information. We are committed to respecting these rights and responding to valid requests within the required timeframes.

  • Right of access allowing you to request a copy of the personal data we hold about you
  • Right to rectification enabling you to correct inaccurate or incomplete information
  • Right to erasure permitting deletion of your data in certain circumstances
  • Right to restrict processing allowing you to limit how your data is used while issues are reviewed
  • Right to data portability enabling you to receive your data in a portable format
  • Right to object allowing you to oppose processing for direct marketing or certain legitimate interests
  • Right to withdraw consent at any time for optional processing activities
  • Right to lodge a complaint with the Information Commissioner’s Office (ICO) if you believe your rights have been violated

7. Security Measures and Data Protection

The security of your personal information is a priority. We implement technical, administrative, and organisational measures to protect your data from unauthorised access, alteration, disclosure, or destruction. Our security practices are reviewed and updated regularly.

  • End-to-end encryption using industry-standard SSL/TLS protocols for data transmission
  • Secure password requirements and optional two-factor authentication where available
  • Firewalls and intrusion detection systems to monitor and prevent malicious activity
  • Regular security audits and vulnerability assessments
  • Employee data protection training and confidentiality requirements
  • Access controls limiting data access to authorised personnel with legitimate business purposes
  • Secure data centres and protected backup systems
  • Incident response procedures enabling rapid detection and handling of potential data breaches

8. Contact and Complaints Procedures

If you have questions about this Privacy Policy, wish to exercise your data protection rights, or have concerns about how your personal information is handled, you may contact us using the methods below. We take privacy concerns seriously and aim to address all queries promptly and transparently.

  • Email us at [email protected] with detailed enquiries regarding your personal data
  • Submit a data subject access request through your account settings or by registered mail
  • Contact our Data Protection Officer directly for matters requiring specialist attention
  • Lodge formal complaints with the Information Commissioner’s Office at ico.org.uk
  • Allow up to thirty days for response to standard data requests as required by law
  • Provide sufficient information to help us identify and retrieve your data
  • Request deletion or correction of information through your account profile or by formal written request

9. Policy Changes and Updates

We reserve the right to modify this Privacy Policy at any time in response to changes in legislation, regulatory requirements, or business operations. Significant changes may be communicated via email, prominent notification on our platform, or updated terms requiring your acknowledgement. Continued use of our services following notification of changes constitutes acceptance of the updated Privacy Policy. We encourage you to review this policy regularly to stay informed about how your personal information is protected.