Privacy Policy

This Privacy Policy forms an integral part of the Agreement and explains the purposes of processing by the Company of Customer’s personal data, the types of information processed, the ways of processing and the Customer’s rights regarding such processing.

  1. DEFINITIONS

    "Account" means a Customer’s account, which is identified by the Customer’s information entered during the registration of the Customer in the Company’s system, and which contains the Customer’s balance;

    "Agreement" means the terms and conditions of Services set out collectively in the Terms and Conditions, the Description of Services and in this Privacy Policy;

    "Company", means MTX Connect S.a.r.l. and/or any of its affiliates, subsidiaries, and parent companies involved in rendering the Services to the Customer;

    "Customer" means a registered or potential user of the Services;

    "Data Privacy Laws" mean a set of rules, including their respective modifications, re-enactments and substitutions, which govern the protection of information provided by the Customer to the Company and/or to its third-party subcontractors. Data Privacy Laws applicable to the Company include, in particular: the European Union’s General Data Protection Regulation EU 2016/679 (“GDPR”), Directive 2002/58/EC o privacy in electronic communications, the Luxembourg Law of 30 May 2005 concerning the protection of privacy in the electronic communications sector;

    "Service" means the telecommunication services consisting of conveyance of specific types of communication signals and provided by the Company in accordance with the Agreement;

    "Permanent Roaming" means the use of Services within the same country for more than 60 (sixty) cumulative days within any 4 (four) consecutive months’ period;

    "Personal Data", has the meaning as defined in the GDPR;

    "Processing" or to "Process" means any operation(s) performed on the Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

    "SIM Card" means, as the case may be, either:

    - a physical SIM card manufactured upon request of and in accordance with requirements of the Company; or

    - an eSIM, a downloadable SIM profile that is remotely provisioned on a compatible Customer’s mobile device,

    which is designed to facilitate internet access on the designated territory, at the price of and under the terms and conditions as are set out on in the Agreement;

    "Website" means the Company’s website www.mtxc.eu.

    A reference to applicable laws means a reference to statutory or other regulatory requirement, including its respective modifications, re-enactments and substitutions, that is applicable to a given person, services or a situation. With respect to the Company, the applicable laws include, inter alia, Luxembourg Law of 17 December 2021 transposing Directive (EU) 2018/1972 of the European Parliament and of the Council of 11 December 2018 establishing the European Electronic Communications Code.

  2. PURPOSE OF PROCESSING

    The Processing is performed exclusively for the purposes of rendering the Services, which comprise a set of activities (such as: administrative, financial, marketing, sales, management, technical, engineering and other support services) aimed to enable, operate and facilitate the conveyance of electronic communication signals, to improve the performance and utilization of the Services, to develop new features, to protect the security and safety of the Services and the Customers, and to provide customer support. In particular, the Personal Data is processed for: billing purposes (such as: verification of payment instruments, application of money owed for the Services, calculation of charges depending on the roaming parameters, etc.); SIM Card shipping; fraud and similar incident prevention; implementation and maintenance of telecommunications network safety measures; control over and prevention of Permanent Roaming; contract management; compliance with applicable laws (including lawful interception); resolution of disputes; enforcement of the Company’s rights under the Agreement, or other legal rights, or as may be required by applicable laws and/or requested by any judicial or governmental authorities; and other similar auxiliary processing.

    The Customer hereby acknowledges and agrees with the purposes of Processing of his/her Personal Data stated in this Privacy Policy.

    The Company recognizes the importance of protecting the Customer’s Personal Data. The Company is committed to safeguarding the Customer’s privacy through instituting policies and security measures intended to ensure that Customer’s Personal Data is handled in a responsible and safe manner, and in compliance with Data Privacy Laws.

    The Company is a data controller of the Processing of Personal Data.

  3. NOT FOR CHILDREN

    A Customer must be at least 18 years old. Persons under 18 years old are not permitted to use the Services and must not send the Company any information. If a person under 18 submits any information through any part of the Website, such information will be treated by the Company as the information submitted by a person over 18 years old. Should the Company become aware that the person submitting the information is under 18, the Company will attempt to delete this information as soon as possible and to the extent permitted by applicable law. The Company neither knowingly collects any Personal Data about persons under 18, nor it knowingly uses nor discloses or otherwise processes such information.

  4. PERSONAL DATA COLLECTION AND PROCESSING POLICY

    1. INFORMATION PROVIDED BY THE CUSTOMER

      SIM Card Ordering and Account Opening. When the Customer orders a SIM Card or opens an Account, the Company needs to collect certain information about identity of the Customer, his/her registered address, billing information and contact details. For these purposes the Company will ask for the Customer to provide his/her: name; date of birth; registered, billing, shipping and email addresses; contact phone number; personal identification documents; bank account details; documents confirming the Customer’s strong ties with a particular country for the roaming purposes; other documents and information that may be requested by the Company in accordance with applicable laws and/or requested by relevant regulatory authorities.

      Authentication data. The Company may store certain Personal Data for the purposes of authentication in connection with the use of the Services or access to the information related to the Services, such as: user name, password, personal identification number, password hints, and similar data.

      Payment Information. When the Customer adds his/her payment instrument information to the Account, that information is directed to our third-party payment processors under the Data Privacy Laws requirements. The Company does not store the Customers’ payment instrument information on the Company systems; however, the Company has access to, and may retain, the Customer’s payment instrument information through the Company’s third-party payment processors for the purposes of: financial and audit control of the Company; any legal interception in case of fraudulent or similar incidents or dispute resolution; applying the funds owed to the Company as a result of Services rendered.

      Communications. If a Customer contacts the Company directly, the Company may ask such Customer to provide the following Personal Data in order to properly handle a respective query to the Customer’s satisfaction: name, email address, phone number, and any other information the contacting Customer may choose to provide along with his/her query.

    2. INFORMATION COLLECTED WHEN THE CUSTOMER USES THE SERVICES, INCLUDING INFORMATION RECEIVED FROM THE THIRD PARTIES:

      Cookies and Other Tracking Technologies.

      To allow the Company to constantly improve the workability, usefulness and efficiency of the Website and to better respond to the Customers’ orders and requests, the Company uses "cookies" to track the Customers’ visits to and activity on the Website. Such tracking is performed for statistics purposes and all information thus collected is Processed in anonymous form without identification of each particular visitor.

      Anonymous tracking of the Website visits and activity may be done either by the Company or its third-party subcontractors. The Company also uses third-party vendors to help managing the Company’s online advertising on other websites. The third-party vendors also use cookies to serve the Company’s advertisements, which enables the Company to handle the advertisements’ statistics, and to improve and, where necessary, customize the Website to the Customers’ needs.

      A cookie is a piece of information sent to the website visitor’s browser by a web server that uniquely identifies the website visitor’s browser and tracks a visit. This information does not identify the Website visitor’s personally and such visitor remains anonymous, unless the visitor visits the Website under his/her login and password and can be identified in accordance with his/her previously provided Personal Data. Most browsers are structured to accept cookies but the Customer can set his/her browser to turn the cookies off or to set up a notification upon receipt of a cookie, which gives the Customer an option whether to accept the cookie or not. The Customer can see the cookies in the cookies folder on his/her devise used to access the Website and can delete the cookies at any time. However, if the Customer disables the cookies, he/she may not be able to access certain areas or to take advantage of certain features or services available on the Website.

      Device Identification Data. For transmission of communications the Company needs an information that identifies a device from which (or to which) electronic communications are sent (or received). Such information may include: Internet Protocol (IP) address; International Mobile Equipment Identity (IMEI) number; International Mobile Subscriber Identity (IMSI) number; Serial Number; Unique Device Identifier (UDID).

      Electronic Communications Metadata. For the purposes of transmitting, distributing, or exchanging electronic communications content (but excluding the content itself), the Company Processes certain metadata in an electronic communications network. Such metadata includes: data used to trace and identify the source and destination of a communication; data on the location of the device generated in the context of providing electronic communications services; the date, time, duration, and type of communication.

      Data Received from Third-Party Accounts. Should the Customer choose to link the Company’s Services to a third-party account, the Company will receive information about that account, such as authentication token from the third-party account, to authorize the linking. Should the Customer wish to limit the third-party information available to the Company, the Customer should visit the privacy settings of his/her third-party accounts to learn about available options.

  5. INFORMATION SHARING POLICY

    The Company may sub-Process the Customer’s Personal Data by the Company’s affiliates and third-party contractors in a form, for the purposes and within the limits stated below, but at all times subject to the requirements of the Data Privacy Laws.

    Third-Party Subcontractors. The Company may sub-Process certain Personal Data to its third-party service providers that participate in the provision of or in facilitation of rendering of the Services.

    Aggregate Information. Where legally permissible, the Company may sub-Process the Personal Data in aggregated or de-identified form that cannot reasonably be used to identify the Customer.

    Advertising The Company engages various third-party advertising partners to market and promote the Services. For the marketing and promotional purposes the Company may make available certain Personal Data to such partners in aggregated and anonymized form.

    Analytics. The Company uses third-party analytics providers which use cookies to collect non-identifying information. Such analytics provides have their own privacy policies regarding their analytics cookies available at their respective websites.

    Business Transfers. Subject to the provisions of Data Privacy Laws, a Personal Data may be made available to any potential acquirer, successor, or assignee of the Company as a part of any proposed merger, acquisition, debt financing, sale of assets, or similar transaction, or in the event of insolvency, bankruptcy, or receivership in which the Company information, including its Customers’ Personal Data, is transferred to one or more third parties as one of the Company’s business assets.

    As Required By Law and Similar Disclosures. The Company may make available the Personal Data to its third-party subcontractors and judicial or governmental authorities to: (i) satisfy any applicable law, regulation, legal process, or governmental request; (ii) enforce the Agreement, including investigation of potential violations thereof; (iii) detect, prevent, or otherwise address fraud, spam/malware or similar incident, security, or technical issues; (iv) respond to the Customer’s requests; (v) protect the Company’s rights and property; insure and protect the safety of the Customers and the public.

    The Customer hereby acknowledges and agrees that the Company may sub-Process the Personal Data in accordance with this section E.

  6. INFORMATION RETENTION POLICY

    The Company retains the collected Personal Data for the purposes of ongoing legitimate business needs, such as: billing, contract management, compliance with applicable legal, tax, and accounting requirements and for other similar legitimate purposes.

    In case where there is no ongoing legitimate business needs to process the Personal Data, the Company either deletes or anonymizes it or, if this is not possible (for example in a situation when the Personal Data has been stored in backup archives), then it is securely stored and isolated from any further processing until deletion is possible.

    The Personal Data provided by the Customer may be archived or stored periodically by the Company according to the backup processes conducted in the ordinary course of business for the disaster recovery purposes.

    The Company stores the Customer’s Personal Data only for as long as it is necessary to achieve the purpose for which it was collected. The Personal Data required for identification purposes under the mandatory provisions of applicable laws is stored for the whole period while the Services are rendered plus certain period after deactivation of the respective Account as the applicable laws may command. Should the Customer want his/her Personal Data deleted at any time, the Customer shall contact the Company at: privacy@mtxc.eu. For the avoidance of doubt, the Customer hereby acknowledges and agrees that deletion of his/her Personal Data makes it impossible for the Company to render the Services to such Customer. The Company may take reasonable steps to verify the Customer’s identity before deleting the Customer’s Personal Data.

  7. DATA ACCESS

    Certain Persona Data is accessible on the Customer’s Account. For other Personal Data the Customer needs to contact the Company at privacy@mtxc.eu.

    The Customer’s ability to access and correct the Customer’s information may be temporarily limited where access and correction could: inhibit the Company’s ability to comply with a legal obligation; inhibit the Company’s ability to investigate, make or defend legal claims; result in disclosure of Personal Data about a third party; or result in a breach of contract or disclosure of trade secrets or other proprietary business information belonging to the Company or to a third party.

    To protect the Customer’s privacy and security the Company may take reasonable steps to verify the Customer’s identity before updating or removing Customer’s Personal Data.

  8. CUSTOMER DATA PROTECTION RIGHTS UNDER DATA PRIVACY LAWS

    The Customer may at any time access, correct, update, or request deletion of the Customer’s Personal Data by emailing to privacy@mtxc.eu.

    The Customer may at any time object to the Processing of Customer’s Personal Data, ask the Company to restrict the Processing of Customer’s Personal Data, request portability of Customer’s Personal Data or withdraw his/her consent to Process the Personal Data. The Customer can exercise these rights by emailing to privacy@mtxc.eu. Withdrawing the consent by the Customer will not affect the lawfulness of any Processing the Company conducted prior to the withdrawal, nor will it affect the Processing of the Customer’s Personal Data conducted in reliance on lawful processing grounds other than consent. For the avoidance of doubt, the Customer hereby acknowledges and agrees that withdrawal of consent, objection to or restriction of any Processing of his/her Personal Data makes it impossible for the Company to render the Services to such Customer.

    Customer has the right to complain to a data protection authority about the Company’s Processing of the Customer’s Personal Data. For more information, the Customer should contact the local data protection authority.

    The Company responds to all requests received from individuals wishing to exercise their data protection rights in accordance with Data Privacy Laws.

  9. OPTING IN AND OUT

    Upon registering an Account or anytime thereafter, the Customer may consent to an option of receiving the information from the Company about updates to the Services, promotions, special offers and other marketing and promotional communications. To unsubscribe or opt out from such communications the Customer shall withdraw his/her consent through the Website, or use the unsubscribe weblink contained in a respective communication, or send a request at privacy@mtxc.eu.

    Should the Customer choose any opt-in option for the Company’s third-party contractors’ marketing and promotional communications, the Customer shall follow the relevant third party’s privacy policy for the Customer’s opt-in and opt-out rights with respect to such communications.

  10. WEBSITE LINKS

    The Website may contain links to other websites or other websites may be linked to the Website. The privacy policies posted on such other websites shall be observed by the Customer. The Company is not responsible for privacy practices, content, information collection practices and security measures of any websites except for the Website. This Privacy Policy solely applies to the Website. The Company does not exercise any control over the websites displayed as links or advertisements from within the Company’s various services. These other websites may place their own cookies or other files on the Customer’s device, collect data or solicit Personal Data from the Customer. This Privacy Policy is inapplicable to such activity.

  11. SECURITY

    The Company is committed to protecting its Customers’ Personal Data. To do so, the Company maintains physical, electronic, and procedural safeguards in connection with the Processing of the Customer’s Personal Data, designed to protect the information from unauthorized access, use, or disclosure. The measures the Company uses are designed to provide a level of security appropriate to the risk of Processing Personal Data.

  12. INTERNATIONAL DATA TRANSFERS

    The Company is engaged in a global business. The Company may transfer a Personal Data to countries other than the country in which such Personal Data was originally collected. These countries may not have the same data protection laws as the country in which the Customer initially provided the information. When the Company transfers the Customer’s Personal Data to other countries, the Company will protect and will procure the protection of that information in accordance with this Privacy Policy and Data Privacy Laws.

    The Customer hereby acknowledges and agrees to the international Personal Data transfer by the Company.

  13. CHANGES TO PRIVACY POLICY

    This Privacy Policy is subject to any further amendments or modifications at any time due to development of the Website and the Services or as may be required by the Data Privacy Laws. Any such amendment or modification will become effective for a particular Customer when posted on the Website AND accepted by such Customer through a separate consent. For any queries regarding this Privacy Policy, please contact the Company’s Data Protection Officer at privacy@mtxc.eu, or via post addressed to:

    MTX Connect S.à r.l. 4, 37 Grand Rue, L-4393 Pontpierre, Luxembourg.

    Refusal to accept this Privacy Policy and any amendments or modifications hereto makes it impossible for the Company to render the Services to a respective Customer.

    All other matters of data privacy not covered in this Privacy Policy shall be governed by GDPR and respective guidelines clarifying the GDPR provisions. In case of any discrepancy between the provisions of this Privacy Policy and mandatory rules of GDPR (together with respective guidelines) the latter shall prevail.

Logo top

Download PDF

Download PDF