Privacy Policy

The data controller is Uvaree Group LLC, 30 N Gould St, Ste R, Sheridan, WY 82801, USA. For privacy questions, contact privacy@uonfly.com.

Only what we need to deliver the service:

• Order info: name, email, billing address, payment details (handled by our payment processor — we never see your card number).
• Device info: phone model, IMEI/EID (for eSIM provisioning).
• Usage info: data consumption, country of connection, network used (for billing and fair-use enforcement).
• Support data: emails you send us, screenshots you share.

We do not collect: browsing history, location beyond country-level, contacts, photos, or anything else on your phone.

• To provision and activate your eSIM.
• To process payments and refunds.
• To answer your support requests.
• To send transactional emails (order confirmations, low-data warnings).
• To detect and prevent fraud or abuse.
• To comply with tax and telecom regulations.

We only send marketing emails (travel deals, new countries, blog content) if you explicitly opt in at checkout or via a newsletter form. Every marketing email has an instant unsubscribe link. We don't sell, rent, or share your email with anyone.

We share minimal data only with parties that help deliver the service:

• Local network operators in your destination country (eSIM provisioning).
• Payment processors (Stripe, PayPal, Apple Pay, Google Pay).
• Email service providers for transactional and (opt-in) marketing emails.
• Analytics (Google Analytics or similar) — anonymized usage stats only.

We never sell personal data. Period.

Order records: 7 years (tax law requirement). Marketing data: until you unsubscribe. Support emails: 3 years. Account data: until you ask us to delete it.

Some service providers (payment, email, network partners) may be located outside the EU/EEA. When that happens, we use Standard Contractual Clauses approved by the European Commission, plus encryption in transit and at rest.

See our Cookie Policy for the full breakdown. We use essential cookies (cart, login, security) without consent, and analytics/marketing cookies only with your explicit opt-in via our cookie banner.

You have the right to:

• Access a copy of your data.
• Correct inaccurate data.
• Delete your data ("right to be forgotten").
• Restrict or object to processing.
• Portability — get your data in a machine-readable format.
• Withdraw consent at any time.
• Lodge a complaint with your national data protection authority.

To exercise any right: email privacy@uonfly.com. We respond within 30 days, usually within 48 hours, free of charge.

We use HTTPS everywhere, encrypt data at rest, restrict employee access, and never store payment card details ourselves. If a breach affects your data, we'll notify you within 72 hours as required by GDPR.

Uonfly is not intended for users under 16. We don't knowingly collect data from children. If you believe a child has given us data, email privacy@uonfly.com and we'll delete it.

We may update this policy. Material changes will be announced by email to customers and posted here at least 14 days before they take effect.