Ready when you land. Instant eSIM coverage in 190+ countries
Pre-launch legal draft

Privacy policy

How Wisp expects to collect, use, share and protect personal information.

Last reviewed: 12 July 2026

1. Who is responsible

The Wisp legal entity will be the controller of personal information described in this policy. Its registered name, address and privacy contact must be added before launch.

This notice is structured around UK GDPR transparency requirements and must be updated once Wisp’s final suppliers, processing locations and retention schedule are known.

2. Information we collect

The information collected depends on how you use Wisp.

  • Identity and contact information, such as name and email address.
  • Account, order, plan, activation and support history.
  • Payment status and transaction references; full card details should be handled by the payment provider rather than stored by Wisp.
  • Device, browser, IP address, approximate location, language and diagnostic information.
  • Cookie choices, marketing preferences and interactions with the website or messages.

3. Why we use information

We use personal information only where there is a lawful basis.

  • Contract: to create accounts, process orders, deliver eSIM details, provide support and manage refunds.
  • Legal obligation: to keep required accounting records, respond to lawful requests and meet consumer-protection duties.
  • Legitimate interests: to secure the service, prevent fraud, improve reliability and understand aggregated product performance where those interests are not overridden by your rights.
  • Consent: for optional marketing or non-essential cookies where consent is required.

4. Who receives information

Information may be shared with carefully selected providers where necessary to operate Wisp.

  • eSIM platform, connectivity and mobile-network partners.
  • Payment, fraud-prevention and accounting providers.
  • Cloud hosting, email delivery, customer-support and security providers.
  • Analytics or marketing providers only in line with cookie choices.
  • Authorities, advisers or potential corporate purchasers where lawfully required.

5. International transfers

Some suppliers may process information outside the UK. Before launch, Wisp must identify those locations and document the relevant adequacy regulation, UK International Data Transfer Agreement, UK Addendum or other permitted safeguard. You will be able to request information about applicable safeguards.

6. How long information is kept

Wisp will retain information only for as long as needed for the stated purpose, legal duties, dispute handling and security. The final schedule must be confirmed before launch.

As an initial operating assumption, account data will be kept while an account is active; support records for a limited period after resolution; and transaction records for the period required by tax and accounting law, which may commonly be up to six years in the UK.

7. Your data-protection rights

Depending on the circumstances, you may have rights to access, correct, erase or restrict personal information; object to certain processing; receive portable data; and withdraw consent. Some rights are limited where Wisp must retain or process information for legal or contractual reasons.

You may also complain to the UK Information Commissioner’s Office. Wisp should be given an opportunity to resolve the concern first, but this is not a requirement.

8. Security, children and changes

Wisp will use proportionate technical and organisational safeguards, but no online service can promise absolute security. Customers should protect account credentials and eSIM installation details.

The service is not directed to children under 13. This policy may be updated when the service, suppliers or law changes; significant changes will be highlighted.