Privacy Rights · Effective July 4, 2026
EU/UK GDPR Notice
This notice supplements the Privacy Policy for users in the European Economic Area, Switzerland, and the United Kingdom.
Controller
Lainey is the controller for customer account, order, subscription, support, and marketing data. Some providers, such as payment and eSIM infrastructure providers, may act as independent controllers for their own processing.
Contact
Use support@lainey.app for EU/UK privacy requests. If a representative or DPO is required as Lainey scales, this notice should be updated with those details.
1. Personal Data Categories
We process account/contact data, order and eSIM data, connectivity usage status, payment records, device and security data, preferences, support communications, and marketing consent as described in the Privacy Policy.
2. Lawful Bases
- Contract: to sell, provision, support, renew, and manage eSIM plans and accounts.
- Legitimate interests: fraud prevention, security, service improvement, analytics, support operations, network abuse prevention, and business records.
- Consent: optional marketing, certain cookies or similar technologies, push notifications, and any processing where consent is required.
- Legal obligation: tax, accounting, consumer protection, sanctions, law enforcement, and dispute obligations.
- Vital interests or public interest: only if an exceptional situation legally requires it.
3. Special Category Data
Lainey does not intentionally request special category data. Do not send health, biometric, political, religious, or similarly sensitive data in support messages unless necessary.
4. Your Rights
- Access your personal data.
- Correct inaccurate data.
- Request deletion where applicable.
- Restrict or object to certain processing.
- Request portability where applicable.
- Withdraw consent where processing is based on consent.
- Complain to your local supervisory authority, including the ICO in the UK where applicable.
5. International Transfers
Lainey and its providers may process data in the United States and other countries. Where required, transfers should rely on appropriate safeguards such as adequacy decisions, standard contractual clauses, the UK Addendum, or other valid mechanisms.
6. Retention
We keep data only as long as needed for the purposes described, including service delivery, subscriptions, support, fraud prevention, tax/accounting, disputes, and legal obligations.
7. Automated Decisions
We may use automated controls for fraud, security, rate limiting, payment risk, and abuse prevention. We do not currently use automated decision-making that produces legal or similarly significant effects without meaningful human review.
8. Requests
Submit requests to support@lainey.app. We may verify your identity and may refuse or limit requests where permitted by law, such as to protect another person, comply with legal obligations, prevent fraud, or preserve dispute records.