Staff Traveler

Introduction

At Voye we are committed to the privacy and securing of the data we hold about you. Throughout the data collection process, all necessary steps are taken to ensure that data is used only for the purposes we clearly state. The data that we collect will depend on the service we provide to you. This privacy statement is designed to assist you in understanding how Voye uses and safeguards the information you provide to us in using Voye’s Services. You should read this policy along with the terms and conditions. If you have any questions about our Privacy Policy, you can contact us at esimsupport@stafftraveler.com.

Personal Data that we collect and how we collect it

“Personal Data” means any information that relates to an identified or identifiable individual, and can include information that you provide to us and that we collect about you, such as when you engage with our Services (e.g. device information, IP address).

• Application. We will collect information about devices and browsers across our website and application (“Application”) and third-party websites, apps and other online services (“Third-Party”), usage data associated with those devices and browsers and how you have engaged with our Services, including IP address, plug-ins, language used, time spent on Application and Third-Party Sites, pages visited, links clicked, payment methods used, and the pages that led or referred you to Application and Third-Party Sites. See our Cookie Policy here.
• Device Identification Data. Data that identifies a device from which (or to which) electronic communications are sent (or received); may include Internet Protocol (IP) address, Media Access Control (MAC) address, International Mobile Equipment Identity (IMEI) number, International Mobile Subscriber Identity (IMSI) number, Serial Number, and Unique Device Identifier (UDID).
• Electronic Communications Metadata. Data processed in an electronic communications network for the purposes of transmitting, distributing, or exchanging electronic communications content (but excluding the electronic communications content), includes the data used to trace and identify the source and destination of a communication, data on the location of the device generated in the context of providing electronic communications services (geolocation data), and the date, time, duration, and type of communication. For purposes of clarity, we collect geolocation data upon activation of Services in your destination country, but once activated, we cease collecting geolocation data.
• Registration Data. When you purchase Services, you provide us with certain Personal Data, such as your name, email address, and phone number (“Registration Data”). We need this information in order to provide you the Services.
• Payment details. We use a third-party payment processor to process payments made to us. In connection with the processing of such payments, we do not retain any financial information such as credit card numbers. Rather, all such information is provided directly to our third-party processor, Stripe, whose use of your personal information is governed by Stripe’s privacy policy.
• Communication information. We will also collect any information you choose to provide to us, for example, through customer support, chats, contact forms, emails, social media, surveys. When you respond to our emails or surveys, we collect your email address, name, your contact data as well as the contents of your request and any other information you choose to include in the body of your email or responses. If you contact us by phone, we will collect the phone number you use to call us, as well as other information you may provide during the call.

Sharing Personal Data with Third Parties

• Suppliers providing services. To the extent this is necessary for the provision of our Services, we may share your Personal Data with third party banking facilities and billing agencies to process your information, other third party suppliers providing services to us (e.g. web provider services, IT suppliers, data analytics, marketing etc.) and Third party network operators who may need access to your Personal Data for regulatory compliance purposes.
• Compliance with Laws and law enforcement. Sometimes we may have to provide your Personal Data to third parties to comply with legal obligations. These include, but are not limited to, national regulators, for reasons such as resolving a billing dispute, for use in legal proceedings or even national security. In these cases, we will comply with whatever laws are in force at the time and provide such information as is required. We may also provide your information to law enforcement in order to help law enforcement investigate criminal activity.

Security

• We make reasonable efforts to provide a level of security appropriate to the risk associated with the processing of your Personal Data. We maintain organizational, technical and administrative measures designed to protect Personal Data covered by this Policy against unauthorized access, destruction, loss, alteration or misuse. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure.
• If you have reason to believe that your interaction with us is no longer secure (e.g. you feel that the security of your Voye account has been compromised), please contact us immediately.

Retention of Personal Data

We keep your information as long as we need it for business, tax or legal purposes. We set our retention periods based on things like the type of Personal Data collected, how long the Personal Data is needed or desired to provide our Services and whether we are subject to contractual or legal obligations – such as ongoing litigation, mandatory data retention laws or government orders to preserve data relevant to an investigation. We may retain Personal Data after provision of the Services for a period of time, to enable you to easily access Services in the future. If you wish that we delete your registration information (after Services have been provided) please contact us.

Rights Regarding the Processing of Personal Data

Below we outline some of the rights you may have regarding our collection, use and disclosure of your Personal Data. These rights are limited by applicable laws, are subject to exemptions, and in some cases depend upon the processing activity that we are undertaking on your behalf, and therefore, some of these rights may not be applicable to you: We specifically mention Regulation 2016/679, the General Data Protection Regulation (“GDPR”), the EU GDPR as it is saved and incorporated into UK law by virtue of section 3 of the European Union (Withdrawal) Act 2018 (UK GDPR), Swiss Federal Data Protection Act, California Consumer Protection Act, and other specific statutes in your jurisdiction that may grant some or all of the foregoing rights (“Applicable Laws”). Please consult the Applicable Law, for more information on your rights below and additional rights, if any.

• Right of Access. The right to be informed of and request access to the Personal Data we process about you;
• Right to Rectification. The right to request that we amend or update your Personal Data where it is inaccurate or incomplete;
• Right to Erasure. The right to request that we delete your Personal Data where: (i) it is no longer needed for the purposes for which it was collected, or; (ii) you have withdrawn your consent (where the processing of your Personal Data was based on consent); (iii) you have successfully objected (see right to object below); (iv) it has been processed unlawfully. We are not required to comply with your request to erase Personal Data if the processing of is it necessary for compliance with a legal obligation or for the establishment, exercise or defense of legal claims.
• Right to Restrict. The right to request that we temporarily or permanently stop processing all or some of your Personal Data;
• Right to Object. The right to object to your Personal Data being processed for direct marketing purposes and the right, at any time, to object to us processing your Personal Data which has our legitimate interests as its legal basis if you believe your fundamental rights and freedoms outweigh our legitimate interests. If you raise an objection, we have an opportunity to demonstrate that we have compelling legitimate interests which override your rights and freedom;
• Right to Data Portability. The right to request a copy of your Personal Data in electronic format and the right to transmit that Personal Data for use in another party’s service; the right to request a copy of your Personal Data in a structured, commonly used, machine readable format, and the right to request that we transfer it directly to another data controller, but in each case only where: (i) the processing is based on your consent or on the performance of a contract with you; and (ii) the processing is carried out by automated means.
• Right not to be subject to Automated Decision-making. The right to not be subject to a decision based solely on automated decision making, including profiling, where the decision would have a legal effect on you or produce a similarly significant effect.

If you wish to issue a request to exercise your rights under Applicable Laws, when applicable, please contact us at esimsupport@stafftraveler.com. Please provide your name and contact information, and your jurisdiction, along with detailed information regarding the request. When we receive a request to exercise one of these rights, we will indicate what personal information we require from you to validate your identity. We will also provide information on the action we intend to take on the request without undue delay. Please note, these requests are subject to applicable legal or document retention obligations imposed on us.

Legal Basis for Processing

We rely upon a number of legal bases to enable our processing of your Personal Data:

• Contractual and Pre-Contractual Business Relationships. We process Personal Data for the purpose of entering into business relationships with customers and to perform the respective contractual obligations with them.
• Legal Compliance. We process Personal Data to verify the identity of individuals and entities in order to comply with fraud monitoring, prevention and detection obligations and other legal investigations.
• Legitimate Interests. Where allowed under applicable law, we rely on our legitimate business interests to process Personal Data about you. The following list sets out the business purposes for which we have a legitimate interest in processing your data:

• Detect, monitor and prevent fraud and unauthorized payment transactions;
• Allow you to easily access future Services, and view the Services that you previously purchased.
• Mitigate financial loss, claims, liabilities or other harm to customers
• Determine eligibility for and offer new products and services;
• Respond to inquiries, send Service notices and provide customer support;
• Promote, analyze, modify and improve our Services, systems, and tools, and develop new products and services, including reliability of the Services;
• Manage, operate and improve the performance of our Applications and Services by understanding their effectiveness and optimizing our digital assets;
• Analyze and advertise our Services, and related improvements;
• Conduct aggregate analysis and develop business intelligence that enable us to operate, protect, make informed decisions, and report on the performance of, our business;
• Share Personal Data with third party service providers that provide services on our behalf and business partners which help us operate and improve our business;
• Enable network and information security throughout our Services; and
• Share Personal Data among our affiliates.
• Consent. We may rely on consent to collect and process Personal Data as it relates to how we communicate with you and for the provision of advertising in relation to future Services. When we process data based on your consent, you have the right to withdraw your consent at any time by contacting us at esimsupport@stafftraveler.com. Withdrawal of your consent will not affect the lawfulness of processing based on consent before its withdrawal, or processing that is being done on the basis of other lawful grounds.

Minors

The Services are not directed to minors, including children under the age of 13, and we request that they not provide Personal Data through the Services. In some countries, we may impose higher age limits as required by applicable law.

International data transfers

• We may transfer your Personal Data to countries other than your own country, including to the United States. These countries may have data protection rules that are different from your country. When transferring data across borders, we take measures to comply with applicable data protection laws related to such transfer. In certain situations, we may be required to disclose Personal Data in response to lawful requests from officials (such as law enforcement or security authorities).
• Where applicable law requires a data transfer mechanism, we use one or more of the following:

• Transfers to certain countries or recipients that are recognised as having an adequate level of protection for Personal Data under applicable law.
• EU Standard Contractual Clauses approved by the European Commission and the UK International Data Transfer Addendum issued by the Information Commissioner’s Office. You can obtain a copy of the relevant Standard Contractual Clauses.
• or other legal methods available to us under applicable law.
• We note that your Personal Data will also be independently collected by the applicable host operator(s) in order to provide services to you, and this data will be processed in accordance with the host operator(s)’ privacy policy. You can identify the applicable host operator at any given time on your device.

Will this policy change?

This privacy policy may change from time to time for either legal or business reasons. In particular, you should check this Policy regularly for compliance purposes. If any changes are made a revised privacy policy will be published here.

Contact us

If you have any questions or complaints about this Policy, please contact us at esimsupport@stafftraveler.com.