Privacy Policy

Effective Date: 6th January 2026

Skratch, operated by Zero Dawn Ltd ("we," "us," or "our"), is committed to protecting the privacy of your personal information. This Privacy Policy explains how we collect, use, store, share, and safeguard your information when you use the Skratch platform, including our website, mobile applications, and eSIM services (collectively, the “Services”).

By accessing or using our Services, you consent to the practices described in this Privacy Policy and the terms outlined in our Terms of Use.

1. Definitions

  • Device: The mobile phone, tablet, or hardware from which you access the Services.
  • Camera Roll Data: Data stored in your device’s camera roll, accessed with your permission and stored only in hashed form.
  • IMEI: International Mobile Equipment Identity, a unique identifier for your Device.
  • EID: eSIM Identifier, a unique code for the embedded SIM in your Device.
  • ICCID: Integrated Circuit Card Identifier, a unique number associated with your eSIM profile.
  • MNOs: Mobile Network Operators, the telecommunications providers that enable connectivity for eSIM services.
  • Services: Includes our website, mobile applications, eSIM offerings, and related features.

2. Information We Collect

a. Account Information

  • Required: Name, username, email address, and mobile number (for account SMS verification).
  • For eSIM or Top-ups without a Skratch account: We collect your name, email, and optional mobile number.
  • Optional: With your permission, we may access Camera Roll Data for features such as trip planning. We only store this in hashed form and do not access metadata (e.g., location) unless you explicitly consent.

b. Payment Information

  • For purchases (e.g., eSIM, top-ups), payment details (e.g., card number, expiration) are securely processed by third-party providers (e.g., Stripe, PayPal).
  • We do not store complete payment card details.

c. Non-Personal & Usage Information

  • Log Data: Device type, unique device ID, IP address, OS, browser type, crash data, and other technical and usage statistics.
  • Cookies: Session or persistent cookies are used for login, store preferences (e.g. Language), and analytics. You can manage or disable cookies via your browser or device settings.
  • Device Information: Includes type of device (e.g., iPhone, Android), OS, crash data, and device settings. For eSIMs, we collect device-specific identifiers (IMEI, EID) for secure profile installation, activation, and connectivity. Temporary data such as ICCID, timestamps, and error logs may also be collected for troubleshooting and compliance with telecom standards.
  • Usage Data: Includes eSIM operator, days of use, number of top-ups, and data consumption to optimize our services.
  • Location Data: With your consent, we may collect GPS or inferred location (e.g., from eSIM usage). You can enable/disable location services in device settings.

d. Communication Data

  • Customer support inquiries, feedback, and requests you send to us.
  • We do not collect sensitive data (e.g., health, biometric) or communication content (e.g., browsing history, SMS).

3. How We Use Information

We use collected information to:

  • Provide and manage your account, and Services including eSIM activation, provisioning, order processing, billing, refunds, and customer support.
  • Authenticate devices and enable network connectivity through IMEI/EID.
  • Monitor data consumption, detect disruptions, and optimize roaming services.
  • Process payments securely and prevent fraud.
  • Improve our Services and develop new features.
  • Send service-related communications (updates, confirmations).
  • Send marketing communications (optional, opt-out available).
  • Respond to inquiries and provide technical support.
  • Comply with legal, regulatory, and telecommunications requirements.

We do not engage in profiling or automated decisions that significantly affect you without consent.

4. How We Share Information

We may share your information only in these limited cases:

  • With Your Consent: For example, linking Skratch to third-party platforms.
  • Service Providers: Trusted third parties who process payments, analytics, support, or eSIM provisioning under strict obligations.
  • Mobile Network Operators (MNOs): For eSIM provisioning and network access, we share minimal necessary identifiers (IMEI, EID, ICCID). These partners are contractually bound to limit use.
  • Legal Compliance: To meet legal obligations or protect against fraud and technical risks.
  • Aggregated/Anonymized Data: Shared for research, analytics, or marketing, without identifiers such as IMEI/EID.
  • Business Transfers: In case of merger, acquisition, or reorganization, with notice provided in advance.

5. International Data Transfers

Your data may be processed outside your country, including the UK, EU/EEA, and U.S.

  • Safeguards such as Standard Contractual Clauses (SCCs), adequacy decisions, or Binding Corporate Rules are applied.
  • For eSIM data transfers to non-adequate countries, we conduct transfer impact assessments to reduce risks.

6. Data Retention

  • Personal data is kept only as long as needed for service or legal obligations.
  • Billing records: retained for up to 6 years (for legal obligations).
  • eSIM activation logs: retained up to 12 months post-service unless longer retention is legally required.
  • Unnecessary data is securely deleted.

7. Your Choices & Rights

We provide tools to help you manage your information and exercise rights under applicable laws (e.g., GDPR, UK GDPR, CCPA/CPRA):Control who accesses your Skratch map and revoke access anytime.

  • Control access to your Skratch map.
  • Enable/disable location services via device settings.
  • Link/unlink third-party accounts.
  • Manage cookies preferences in browser or device settings.
  • Request access, correction, deletion, or portability of your personal information.
  • Withdraw consent to object to marketing communications.
  • Request deletion of eSIM profile data (subject to retention laws).
  • Deactivate your account at any time (with “proof of authority”) your account will be closed, and associated data deleted, except for where data is legally required to be retained.

8. Security of Your Information

  • Accounts are protected by mobile number verification.
  • We implement administrative, technical, and physical safeguards, including encryption, firewalls, and access controls.
  • For eSIM data, we follow GSMA industry standards for secure provisioning and storage.
  • However, no online or mobile transmission is 100% secure, and we cannot guarantee absolute protection.

9. Children’s Information

  • Skratch and its Services (including eSIMs, eVisas, Travel Insurance) are not intended for children under 13.
  • We do not knowingly collect personal data from children under 13.
  • If discovered, we will attempt to delete such information promptly.
  • Parents cannot consent on behalf of a child under-13.

10. Changes to This Policy

We may update this Privacy Policy from time to time.

  • The latest version will always be available on our website.
  • If significant changes are made, we will notify you (e.g., email, in-app alerts) and, where required, request your consent.
  • Continuing to use the Services indicates acceptance of the revised policy.

11. Contact Us

For questions or concerns about this Privacy Policy or your data:

Contact

support@skratch.world