Country Plans Regional Plans How It Works Support

PRIVACY POLICY FOR THE TOURLINK eSIM WEB STORE

Last updated: 8 April 2025

OMAX GROUP LTD ("OMAX", "we", "us"), a private limited company registered in England & Wales (Company No. 16125244) with its registered office at 71-75 Shelton Street, Covent Garden, London WC2H 9JQ, United Kingdom, is committed to protecting your privacy. This Privacy Policy ("Policy") explains how we collect, use, disclose and safeguard personal data when you visit tourlink.me (the "Website" or "Store") or purchase and use Tourlink eSIM connectivity services (the "Service").

Tourlink is an OMAX product; there is no separate legal entity.

By accessing or using the Store you acknowledge that you have read and understood this Policy. If you disagree, please refrain from using the Website.

1. Scope

This Policy applies to personal data processed when:

  • you browse the Website or create a Store account;
  • you purchase, activate or top up a Tourlink eSIM package;
  • you communicate with us as a customer or prospect;
  • we must fulfil legal obligations as an electronic communications provider.

2. What Personal Data We Collect

2.1 Data You Provide

  • Registration data – name, e-mail, password, billing address, phone number.
  • Order & payment data – package selected, transaction ID, partial card details (handled by PCI compliant processors), VAT/GST numbers (if applicable).
  • Support data – messages, tickets, call recordings you initiate.

2.2 Data Collected Automatically

  • Technical data – IP address, browser type, OS, device identifiers, referral URL.
  • Usage data – pages visited, clicks, time stamps, error logs.
  • eSIM/service data – ICCID, IMSI, activation time, network usage (session start/end, volume), general location inferred from serving network (country/region).

2.3 Data from Third Parties

Fraud risk signals from payment gateways; aggregated analytics from advertising partners.

3. Legal Bases for Processing (UK GDPR/GDPR)

Purpose Legal Basis
Account creation, order fulfilment, service delivery Contract performance
Customer support, service notifications Legitimate interests
Fraud prevention, network security, regulatory compliance Legitimate interests / Legal obligation
Marketing e-mails to new subscribers Consent
Tax, telecom retention, KYC where required Legal obligation

4. How We Use Personal Data

  • Provide, activate and administer eSIM packages.
  • Process payments and issue invoices.
  • Monitor network performance and troubleshoot.
  • Send service updates and, with consent, marketing communications.
  • Detect and prevent fraud or misuse of the Service.
  • Comply with telecom, tax and accounting laws.

5. Cookies & Tracking Technologies

We use cookies to operate the Website, analyse traffic (Matomo) and, with consent, run limited remarketing campaigns (Google Ads / Meta Pixel). Details are in our Cookie Policy. You can manage preferences via the banner or browser settings.

6. Data Sharing

We share personal data only as necessary:

  • Payment processors – to complete transactions (Airwallex).
  • Mobile network operators & roaming partners – to authenticate and route your connectivity.
  • Cloud hosting & support platforms – secure storage, ticketing, e-mail dispatch.
  • Affiliates of OMAX – intra group support under the same protections.
  • Authorities – where required by law or valid legal process.
  • Corporate transactions – in case of merger or acquisition (with safeguards).

We never sell your data to third parties.

7. International Transfers

Data may be processed outside your country. Where transfers occur from the UK/EEA to a non-adequate jurisdiction, we rely on Standard Contractual Clauses or another lawful mechanism and implement technical and organisational safeguards.

8. Data Retention

  • Account & usage records – retained while your account is active and for 6 years thereafter to meet tax/legal requirements.
  • Traffic logs – retained 12 months for fraud prevention and regulatory compliance, then anonymised.
  • Support tickets – kept 24 months after closure.

Data no longer needed is deleted or irreversibly anonymised.

9. Security Measures

We apply ISO 27001 aligned controls: TLS encryption, AES 256 at rest, multi-factor admin access, regular penetration tests, least privilege access and 24/7 monitoring. No internet transmission is perfectly secure, but we maintain incident response procedures and will notify affected users and regulators of any breach as required by law.

10. Your Rights

Subject to applicable law, you can:

  • Request access to your personal data.
  • Ask for correction or deletion.
  • Restrict or object to certain processing.
  • Receive a copy in portable format.
  • Withdraw consent at any time (marketing cookies/e-mails).
  • Lodge a complaint with the ICO or your local supervisory authority.

Submit requests to [email protected]. We may verify identity before acting.

11. Changes to This Policy

We may update this Policy to reflect operational or legal changes. The revised version will be posted with a new "Last updated" date and, where material, notified by e-mail. Continued use after the effective date constitutes acceptance.

12. Contact Us

Data Protection Officer – OMAX GROUP LTD

  • Address: 71-75 Shelton Street, Covent Garden, London WC2H 9JQ, United Kingdom
  • E-mail: [email protected]
  • Phone: +44 20 805 861 85

If you have questions or wish to exercise your rights, please contact us. You may also complain to the Information Commissioner's Office (ico.org.uk) or your local DPA.

By continuing to use the Website or purchasing a Tourlink eSIM, you acknowledge that you have read and understood this Privacy Policy.