SIM4Business - Privacy Policy on the processing of personal data pursuant to Arts. 13-14 of Regulation (EU) 2016/679
Data Subjects: SIM4Business service users
This Privacy Policy relates to the processing of personal data carried out by the SIM4Business portal, which allows a company to purchase and monitor the data traffic usage of eSIMs (virtual SIM).
Basic version
The basic version of the SIM4Business service allows you to:
- purchase eSIM profiles for nations that are preconfigured during platform configuration, with a definition of traffic amount and validity period;
- view the list of purchased eSIMs and, for each one, check its data usage in MB;
- view the history of purchase orders placed.
Except for displaying the identifier of users enabled to access the portal, in this version there is no further processing of personal data, as there is no opportunity for electronic payments by those concerned, since the amount of eSIMs purchased is deducted from a pre-paid wallet.
Add-on version of Netmon
The SIM4Business add-on version of Netmon add-on version provides the company with all the features of the basic version (purchase of eSIMs, purchased eSIM history, eSIM usage control, order history) as well as allows the registry management of both the corporate SIM cards and purchased eSIMs, with the opportunity to associate them with the registered users. For additional information on the Netmon product, please see the dedicated Privacy Policy.
Data controller
The company that uses the SIM4Business portal, which establishes the data processing purposes and means.
Data processor
The Data Processor, possibly on behalf of the telecommunications provider is TECHNACY S.R.L., with registered and operational headquarters in Via Molveno, 5 - 48015 Cervia (RA), VAT/Tax Code: 02399920392. Further information on the privacy policies applied is available on the website www.technacy.it.
Purpose of processing
- Enabling the company to obtain grater control and awareness over data traffic expenditures incurred abroad.
- Viewing the data traffic usage made by eSIMs purchased by the company.
Available features and data processing
Through authorized users, the SIM4Business portal allows the data controller to:
- enter the data of the physical SIMs to be monitored (phone number);
- purchase eSIMs from the Shop for the countries pre-configured during the initial setup;
- associate SIMs and/or eSIMs with the final users (owners);
- view the purchased eSIMs data traffic usage expressed in megabytes;
- view the list of all purchased eSIMs;
- view the orders history.
In order to simplify the activities, the Data Controller can enter the following optional data:
- first name, last name, e-mail address of the SIMs and/or eSIMs users.
The Data Controller shall be responsible for setting the SIM4Business service, as well as the information access authorizations to the relevant person in charge, drawing up the instructions for the correct processing of data and establishing the information obligations toward service users.
Recipients
The personal data resulting from the use of the SIM4Business service shall only be processed by duly appointed competent subjects or subjects appointed as data processors for proper management of the service, ensuring the protection of the data subject’s rights.
Such subjects include:
Data Processors: Technacy, any other IT service providers (including telecommunications operators).
Recipient inside the company: the data shall be processed by personnel expressly authorized by the Data Controller.
Storage Period
Personal data shall be stored until the termination of the contractual relationship as well as for any additional period stipulated in the contract.
Ancillary purposes
The information collected shall also be used for ancillary purposes required to ensure the proper operation of the service, such as: maintenance, support, administration, and data transmission security.
Method and security of processing
Personal data shall be processed using electronic and telematic means. All processing takes place in compliance with the provisions of Articles 5 and 32 of the GDPR, through the adoption of appropriate security measures.
Transfer of personal data to third countries
The SIM4Business service shall not transfer any personal data to non-EU countries.
Disclosure
Personal data shall not be disclosed in any way.
Rights of the Data Subject - Regulation (EU) 2016/679: Arts. 15, 16, 17, 18, 19, 20, 21
1. The data subject shall have the right to obtain confirmation as to whether or not personal data concerning him or her do exist, even if not yet registered, and to be provided such data in an intelligible form .
2. The data subject shall have the right to be informed of:
a. the source of personal data;
b. the purposes and methods of processing;
c. the logic involved in the event of data processed using electronic means;
d. the identification data of data controller, data processors and designated representative pursuant to art. 5, par. 2;
e. the entities or categories of entities to which the personal data may be disclosed or which may acquire the personal data as designated representative in the country’s territory or as data processors or as entities in charge of data processing.
3. The interested party shall have right to obtain:
a. the update or rectification of personal data as well as to have incomplete personal data completed, if he or she wishes;
b. the erasure, anonymisation or blockage of personal data being processed in violation of the law, including data which do not need to be stored in relation to the purposes for which they have been collected or subsequently processed;
c. the confirmation that the entities to which data have been disclosed have been informed of the operations under letters a) and b), including their content, except where the fulfilment of this obligation proves to be impossible or would involve a disproportionate effort with respect to the right being protected;
d. the data portability.
4. The data subject shall have the right to object, in whole or in part:
a. to the processing of personal data concerning him or her for legitimate grounds, even if such data are in line with the purposes for which data are collected;
b. to the processing of personal data concerning him or her for direct marketing purposes, for receiving advertising materials or marketing communications or for market researches.
Right to lodge a complaint
The Data Subject shall have the right for valid and legitimate grounds, to lodge a complaint with the "Guarantor" as supervisory authority in compliance with the established procedures. For further information as well as to exercise their rights under the EU Regulation, the data subject may contact the Data Controller using the above contact details.
SIM4Business Policy Rev. 1/2024