Privacy policy
Last updated: 2026-04-28
This page explains what personal data Entanglement S.r.l. collects, why, and what your rights are under the GDPR. Please review the placeholder text below and replace it with finalized legal copy before launch.
1. Data controller
Entanglement S.r.l. — Via Roma 1, 00100 Roma, Italy. VAT: IT00000000000. Contact: info@entanglement.asia.
2. What we collect
- Account data: name, email, hashed password, locale.
- Order data: the eSIM plan you bought, ICCID, activation code, amount paid.
- Payment data: processed by Stripe — we never see your card number; Stripe gives us a payment intent ID and the last four digits.
- Reseller attribution: if you arrived via a /r/<code> URL, we record which reseller you came from.
- Technical data: standard server logs (IP, user-agent, request URL, timestamp) for security and abuse prevention. Retained 30 days.
3. Why we collect it
- To deliver the eSIM you bought (contractual basis).
- To provide customer support, send order confirmations, and let you log back in.
- To meet our tax + accounting obligations (legal basis).
- To prevent fraud and abuse (legitimate interest).
4. Who we share it with
esimaccess.com (our wholesale eSIM provider) — they receive the country/plan and an internal reference. Stripe — receives the payment. Mail provider — to send transactional emails. We do not sell or rent your data, and we do not run third-party advertising or analytics on this site.
5. Your rights
Under the GDPR you can request: access, rectification, deletion, portability, restriction, or objection. Email info@entanglement.asia. You can also lodge a complaint with the Italian Data Protection Authority (Garante) at gpdp.it.
6. Retention
Order + invoice data: 10 years (Italian tax law). Account data: until you ask us to delete your account, then anonymised on orders for the same retention reason. Server logs: 30 days.
7. Cookies
We use only strictly-necessary cookies. See the cookie policy.