Privacy Policy

App: eSIM Check (Android)
Publisher: Nordicnode
Effective date: 14 May 2026
Last updated: 14 May 2026

1. Summary

eSIM Check is a small Android utility that tells you whether your phone supports eSIM. The compatibility check itself runs entirely on your device — no information about your phone leaves the device for the check itself. We do collect anonymous usage analytics, crash reports, and (with your consent) serve ads. This page explains exactly what is collected, why, and how to opt out.

2. Who we are

The app is published by Nordicnode, based in the Netherlands. The data controller for the purposes of the EU General Data Protection Regulation (GDPR / AVG) is Nordicnode. You can reach us at the contact address at the bottom of this page.

3. What data is collected

3.1 On-device data used for the eSIM check (not transmitted)

To detect whether your device supports eSIM, the app reads the following from Android's public APIs locally:

Phone manufacturer (e.g. Google, Samsung)
Phone model (e.g. Pixel 8)
Android API level (e.g. 34)
Whether EuiccManager reports eSIM as enabled
Whether the system declares the android.hardware.telephony.euicc feature

This information is used only to compute the verdict shown on the result screen. It is not stored persistently and is not sent to our servers — we don't have any.

3.2 Anonymous usage analytics (Firebase Analytics)

If you give consent, we collect anonymous, aggregated usage events through Google Firebase Analytics to understand how the app is used and to improve it. The events we send are:

Event	When	Parameters
`check_started`	You tap "Check my phone"	None
`verdict_shown`	The result screen appears	verdict (supported / region_locked / unsupported), Android API level, device manufacturer, device model, eSIM hardware flags, whether your model was found in our bundled compatibility list
`affiliate_click`	You tap an offer card	Provider identifier (e.g. `airalo`), the result verdict shown when you clicked (`supported` / `region_locked` / `unsupported`), and the active app language tag (e.g. `nl-NL`)

Firebase Analytics also collects an anonymous app instance identifier, your approximate region (derived from IP and discarded after geolocation), Android version, app version, and similar standard signals. We do not ask for or transmit your name, email, phone number, contacts, photos, location coordinates, or SIM/eSIM identifiers (ICCID/EID/IMSI/IMEI). The app does not request any runtime permissions.

3.3 Crash and stability data (Firebase Crashlytics)

If a crash or non-fatal error occurs and you have given consent, anonymized crash diagnostics — stack trace, device model, Android version, app version — are sent to Firebase Crashlytics so we can fix the bug. No personal content is collected.

3.4 App configuration (Firebase Remote Config)

Firebase Remote Config is used to deliver configuration values to the app (e.g. which affiliate offers to show, default in-app product price). This is a one-way fetch from Google to the app — no user data is sent in the request beyond standard HTTP/SDK metadata.

3.5 Advertising (Google AdMob)

If you give consent, the app shows ads served by Google AdMob. AdMob may collect the Android Advertising ID, IP address, device characteristics, and interaction data with the ad to serve and measure ads. If you decline ads consent, only non-personalized or no ads are shown, depending on your region's legal regime.

Ad personalization, ad storage, ad user data, and analytics storage are defaulted to "denied" under Google's Consent Mode v2 until you grant consent through the in-app consent dialog provided by the Google User Messaging Platform (UMP) SDK.

3.6 Consent state (UMP)

Your consent choices are recorded by Google's User Messaging Platform (UMP) SDK and stored locally on your device so the app remembers them. You can change your choices at any time — see "Your choices" below.

4. Why we collect this data (purposes)

Run the eSIM check — strictly local, on-device computation.
Improve the app — understand which devices use it, which results are most common, where users drop off.
Fix bugs — diagnose crashes.
Deliver configuration — update offers and content without forcing an app update.
Fund the app — show ads and earn affiliate commissions when you tap an offer card and buy from a partner.

5. Legal basis (GDPR / AVG)

Consent (Art. 6(1)(a) GDPR) — for analytics, ads, ad personalization, and crash diagnostics. You can withdraw consent at any time.
Legitimate interest (Art. 6(1)(f) GDPR) — for technical configuration delivery (Remote Config) and for security/fraud prevention.

6. Third-party SDKs and services

Provider	Purpose	Privacy policy
Google Firebase (Analytics, Crashlytics, Remote Config)	Analytics, crash reporting, config delivery	firebase.google.com/support/privacy
Google AdMob	Advertising	policies.google.com/technologies/ads
Google User Messaging Platform (UMP)	Consent management	policies.google.com/privacy
Affiliate partners (if activated — see §7)	Destination websites opened in a Chrome Custom Tab when you tap an offer card	Airalo · Holafly · Saily · GigSky

7. Affiliate links

Current status: at the time of writing, no affiliate partners are configured and the result screen does not show offer cards — the offer slot is filled by a regular AdMob native ad instead (see §3.5). The behaviour described below only takes effect when one or more partners are later activated through Firebase Remote Config; no app update is required for that to happen.

When active, the result screen may show offers from third-party eSIM providers (such as Airalo, Holafly, Saily, GigSky). When you tap an offer, the app opens that provider's website in a Chrome Custom Tab. Some links carry an affiliate identifier so we may earn a small commission if you make a purchase — at no extra cost to you. The link may also include a short non-personal tag identifying that the click came from this app, the result verdict shown to you, and your active app language (e.g. esimcheck_supported_nl) so we can see in our affiliate dashboards which offers are useful. This tag does not identify you. Once you leave the app, the third party's own privacy policy applies; we do not share any personal data about you with them.

8. Your choices

Change consent — open the app, navigate to the privacy options screen, and update your choices. (Available in regions where consent is required.)
Reset Advertising ID — Android Settings → Privacy → Ads → "Reset advertising ID" or "Delete advertising ID".
Disable analytics — withdraw consent in the in-app dialog; analytics will stop being collected.
Uninstall — uninstalling the app removes all locally stored consent state and analytics identifiers.

9. Data retention

Firebase Analytics: default 14 months for user-level data.
Firebase Crashlytics: 90 days for individual crash sessions; aggregated trends retained longer.
AdMob: per Google's retention policies — see the AdMob privacy policy linked above.
On-device data (eSIM check inputs): not retained; recomputed each time you run the check.

10. International data transfers

Firebase and AdMob are operated by Google LLC in the United States and other countries. Where data leaves the European Economic Area, Google relies on the European Commission's Standard Contractual Clauses (SCCs) and supplementary measures as the legal basis for transfer.

11. Children

The app is not directed at children under 13. We do not knowingly collect data from children. If you believe a child has used the app, please contact us so we can remove any associated identifier.

12. Your rights under GDPR / AVG

If you are in the European Economic Area, the United Kingdom, or Switzerland, you have the right to:

Request access to the personal data we process about you
Request rectification or erasure
Request restriction of processing
Object to processing based on legitimate interest
Request data portability
Withdraw consent at any time
Lodge a complaint with your supervisory authority — for the Netherlands, this is the Autoriteit Persoonsgegevens (AP)

Because the app does not collect direct identifiers (name, email, phone), an erasure request typically resolves to resetting your Advertising ID and uninstalling the app. If you contact us with a specific Firebase App Instance ID, we can request deletion through Google's data deletion tooling.

13. California residents (CCPA / CPRA)

If you are a California resident, the California Consumer Privacy Act (as amended by the CPRA) gives you specific rights regarding personal information we may process about you:

The right to know what categories of personal information we collect and the purposes for which it is used.
The right to request deletion of personal information.
The right to opt out of the "sale" or "sharing" of personal information for cross-context behavioural advertising. We do not sell personal information for money. If you decline ads consent in the in-app dialog (or use Android's "Delete advertising ID" setting), no Advertising ID is shared with AdMob for personalised advertising — only non-personalised or no ads are shown.
The right to non-discrimination for exercising these rights.

To exercise any of these rights, contact us using the details in §15. Because we do not collect direct identifiers (name, email, phone), we may need to ask you for your Firebase App Instance ID or Advertising ID to locate and act on the request.

14. Changes to this policy

If we materially change this policy we will update the "Last updated" date above and, where required, surface the change in the app. Continued use of the app after the change constitutes acceptance of the updated policy.

15. Contact

Privacy questions and GDPR requests:

Email: privacy@nordicnode.nl
Subject line suggestion: eSIM Check — privacy

You may write to us in English or Dutch.