Carrefour eSIM data travel - Privacy Policy

Privacy Policy

1. Introduction
  • This privacy policy (“Notice“) is intended to inform you about how your Personal Data will be handled by Gott Soluções Tecnologicas, Unipessoal, Lda (“Gott” “we” “us” or “our”) and sets out the information including personal information detailed below relating to you or which you provide to us (“Personal Data“) that will be collected and processed by Gott and/or on its behalf by its third party service providers when you contact us through our channels, such as our website or, once you have contracted for our services. We are required to give you this information, including to inform you about your data protection rights, under the General Data Protection Regulation (EU) 2016/679 (“GDPR”).
2. Gott as data controller
  • For the purposes of this Notice, the controller of your personal data is Gott. Gott is responsible for your Personal Data.
  • Gott is committed to respecting your fundamental right to the protection of your Personal Data and this Notice is intended to inform you about the processing of your Personal Data by us.
3. Types of Personal Data we process about you
  • 3.1 Website Usage and Device Data: When you visit our website. Your visits and interactions with our website including which webpages you visit, time and date of access, what you click on, when you perform these actions; Your device data including your IP address, location data, device type and language, browser type and other related information; and Any linked websites that you access through the website. Most of this Personal Data is collected using cookies on the Website. Please see our Cookies Policy for more information about how the website uses cookies.
  • 3.2 Customer Data: When you purchase an e-SIM or data plan. Full name; country of residence; current location; tax number, residential address; network provider; telephone number; payment information; e-mail address; device type (e.g. model); and if necessary by authorities a copy of your passport, driving licence or similar documentation for identification (where necessary); and other details relating to you when you interact with us regarding the purchase of an e-SIM.
4. Sources of your Personal Data
  • During the course of our contractual relationship with you or when you visit our website, we will collect Personal Data either: (1) directly from you, or (2) indirectly from third parties (for example, once you have contracted for our services, through our affiliates or partners).
    When you browse on our website, different cookies and other tracking devices may be installed on your device, as set out in our Cookies Policy. Where we collect your Personal Data by using cookies on our website, which are not necessary for the Website to operate, we require your consent to do so.
5. For what purpose and on what legal basis do we process personal data?
  • We have set out in the below table the key context upon which (“Legal Basis“) we process your Personal Data. We also explain how (“Nature of Processing“) and why (“Purposes“) we obtain and collect your Personal Data.
  • Legal Basis

    Nature of Processing and Purposes

    Categories of Personal Data

    Compliance with a Legal Obligation

    Gott may process your Personal Data where it is necessary to comply with legal obligations to which we are subject under European Union and/or applicable laws, including but not limited to safeguarding and complying with law enforcement requests.  

    Customer Data Website Data

    Performance of a Contract

    • To provide you with access to the website and to allow you to use the website.
    • To manage the purchase of the e-SIM or data plan that we sell on our website and the payment relating to such products.
    • To calculate and issue charges for services provided to you.
    • To review and attend to customer incidents, queries, complaints or requests relating to our products and services.
    • To manage and perform any after-sales services.
    • To manage your registration as a user of our website, as well as to allow your access to the Gott’s private user area.

    Customer Data Website Data

    Legitimate Interest

    • To facilitate the use of your e-SIM or data plan, including the administration of your account, and to provide customer care to you.
    • To better understand how our customers use our website in order to improve it. To tailor products and services to you and, if you consent to direct marketing, to tailor direct marketing.
    • To monitor against and prevent cyber-security issues and unauthorized use of our information, IT systems and/or equipment.
    • To streamline our business processes by using external platforms;
    • To conduct internal business reviews and, if necessary, contact the customer in the event that fraud or identity theft is detected or there are reasonable suspicions of fraud, identity theft or illegal activity.
    • To conduct periodic reviews of our services and carry out satisfaction surveys to evaluate and improve the quality of the service we provide.
    • To carry out any other activities necessary to the running of our business, including system testing, network monitoring, staff training, and quality control.

    Customer Data Website Data

6. With whom do we share Personal Data?

Depending on the Purpose for which we process your Personal Data, we may share such Personal Data with some or all of the following recipients to the extent necessary:

  • 6.1 Gott´s internal/ intra-group entities: Internal departments and services (such as our sales department, marketing department or IT department).
  • 6.2 Telecommunications service providers: Service providers located in the appropriate jurisdiction for which the e-SIM service was purchased.
  • 6.3 Regulatory authorities and law enforcement agencies: Where we are under a duty to disclose or share your Personal Data in order to comply with any legal or regulatory obligation or request.
  • 6.4 Third party vendors: subcontractors where we hire services to the end user identification and verification process (eKYC) and payment gateway (stripe).
  • 6.5 Third party advisors/ professionals: Professional advisors who provide professional services to us e.g. consultants, legal advisors.
7. Your data protection rights
  • Right of Access

    You have the right to request a copy of the Personal Data held by Gott about you and to access the Personal Data which we hold about you.

  • Right to Object

    You have a right to object at any time to the processing of your Personal Data where Gott processes your Personal Data on the legal basis of pursuing its legitimate interests.

  • Right to Rectification

    You have the right to have any inaccurate Personal Data which Gott holds about you updated or corrected.

  • Right to Erasure

    In certain circumstances, you may also have your Personal Data deleted. For example, if you exercise your right to object and Gott does not have an overriding reason to process your Personal Data or if we no longer require your Personal Data for the purposes as set out in this Notice.

  • Right to Restriction of Processing

    You have the right to ask Gott to restrict processing your Personal Data in certain cases, including if you believe that the Personal Data that we hold about you is inaccurate or if our use of your Personal Data is unlawful.

  • Right to Data Portability

    You may request Gott to provide you with your Personal Data which you have given Gott in a structured, commonly used and machine-readable format.

  • Right to lodge a complaint

    You have the right to lodge a complaint with a supervisory authority in the EU Member State of your habitual residence, place of work, or in the place where an alleged infringement occurred.

  • Right to Object to Automated Decision-Making, including Profiling

    You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning Data Subjects or similarly significantly affects them. We may not be able to comply with this request where the processing is necessary to enter or perform our contract with them or when the processing is authorised under a law to which we are subject.

8. How long do we retain your Personal Data

In general, we will store your Personal Data in accordance with our obligations under applicable European Union laws and/or for as long as we have a relationship with you plus a reasonable period of time after that. Your Personal Data will be stored as long as necessary in light of the purpose(s) for which it was obtained. The criteria used to determine the retention periods include:

  • The length of the contractual relationship plus 3 years after that from the date of termination;
  • Whether retention is prudent in light of Gott’s legal position (such as with respect to statutes of limitations, litigation or regulatory investigations); and/or
  • Whether there is a legal obligation to which Gott is subject.
9. Children’s Personal Data
  • Gott understands the importance of safeguarding the Personal Data of children, which we consider to be an individual under the age of 18 in Europe or the equivalent age as specified by law in your jurisdiction.
  • Users must be (i) 18 or older, or (ii) 13 and older if either (a) an emancipated minor, or (b) he/she possess legal parental or guardian consent. In the event that we learn that we have collected any personal information from a user under the age of 13, we will attempt to identify and delete that information from our database.
10. Who should I contact in order to exercise my data protection rights or for any questions relating to my Personal Data?
  • Gott has a Data Protection Officer in accordance with applicable laws. If you have any questions about the information detailed in this Notice or would like to exercise your data protection rights, please contact our data protection at or our customer service team at
11. Updates to this Notice and other information
  • We will make best efforts to keep this Notice up to date. This Notice will be regularly reviewed and may be amended and updated from time to time as necessary. Any updates to this Notice will be posted to this section of the website.
  • This Notice is drafted in the English language. In the event that there is a conflict between this English language version of the Notice and any translated copies of the Notice, the English version shall prevail.