Privacy Policy

NomadSIM (nomadsim.co) is operated by MB Software Studio. This privacy policy explains how we collect, use, and protect your personal data when you use our prepaid mobile top-up service.

We collect the following information:

• Contact information: Email address (for account creation, receipts, and magic link authentication)
• Phone number: The Colombian mobile number you want to recharge
• Payment information: Processed and stored by Stripe. We do not store your card details on our servers.
• Authentication data: Passkey credentials, Google OAuth tokens, or magic link sessions managed by Better Auth
• Technical data: IP address, user agent, browser type, and device information
• Usage data: Pages visited, actions taken, session recordings (via Microsoft Clarity), and analytics events (via Google Analytics 4)

We use your data to:

• Deliver mobile top-ups to your phone number
• Process payments and send transaction confirmations
• Manage your account, subscriptions, and referral program
• Send transactional emails (order confirmations, magic links) via Resend
• Improve our service through analytics and session recordings
• Detect and prevent fraud or abuse

We do not sell your personal data. We do not send marketing emails unless you explicitly opt in.

We share data with the following third-party services, each with their own privacy policies:

• Stripe — Payment processing. Stripe receives your card details, email, and billing information.
• Zendit / IDT — Top-up delivery. Receives your phone number to fulfill the recharge.
• Resend — Transactional email delivery. Receives your email address.
• Google Analytics 4 — Website analytics. Collects anonymized usage data, IP address, and device information.
• Microsoft Clarity — Session recording and heatmaps. Records user interactions on the site. Sensitive fields (like payment inputs) are automatically masked.
• Google OAuth — If you sign in with Google, we receive your name, email address, and profile picture from Google.
• Vercel — Hosting. Vercel processes requests and may log IP addresses and request metadata.

We use the following cookies:

• Authentication cookies: Session cookies to keep you signed in. These are essential for the service to function.
• Analytics cookies: Set by Google Analytics 4 to measure site usage and performance.
• Session recording cookies: Set by Microsoft Clarity for session replay and heatmap data.

You can disable non-essential cookies in your browser settings. Disabling essential (authentication) cookies will prevent you from signing in.

We retain your account data and transaction history for as long as your account is active. If you request account deletion, we will remove your personal data within 30 days, except where we are legally required to retain it (e.g., financial records).

Analytics data is retained according to the default retention periods of Google Analytics and Microsoft Clarity.

We use industry-standard security measures to protect your data, including HTTPS encryption, secure authentication via Better Auth, and Stripe's PCI-compliant payment processing.

However, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

You have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your account and personal data
• Withdraw consent for non-essential data processing

To exercise any of these rights, contact us at support@nomadsim.co.

NomadSIM is not intended for use by children under 18. We do not knowingly collect personal data from minors. If you believe a minor has provided us with personal data, please contact us and we will delete it.

We may update this privacy policy from time to time. Material changes will be communicated via email or a notice on the website. The "Last updated" date at the top reflects the most recent revision.

For questions about this privacy policy or your personal data, contact us at support@nomadsim.co.