Privacy Policy

1. Who We Are and How to Contact Us

This website is operated by Kemet Heritage Consultancy LLC, a limited liability company registered in the Arab Republic of Egypt with Tax ID 647-382-091. Our registered office is at 14 Talaat Harb Street, 4th Floor, Downtown Cairo, 11511, Egypt. We are the data controller for all personal information collected through this website and in the course of our commercial services.

If you have questions about how we process your personal information, or if you wish to exercise any of the rights described below, please contact us at: [email protected] or by post to the address above. We will respond to all substantive privacy enquiries within fifteen business days.

2. Scope of This Policy

This privacy policy applies to personal information collected through the website at history-egypt.sbs ("the website"), through email correspondence with our team, and through the provision of our consulting and document services. It does not apply to third-party websites that may be linked from our website — those sites maintain their own privacy policies, and we have no responsibility for their practices.

We do not operate a social media presence in the name of Kemet Heritage Consultancy LLC. Any account using our name on social media is not authorised by us, and we are not responsible for any personal data practices associated with such accounts.

3. What Personal Information We Collect

We collect personal information directly from you when you interact with us. The categories of information we collect are as follows:

• Identity information: your full name, as provided in our contact or enquiry forms.
• Contact information: your email address and, if you choose to provide it, your telephone number and mailing address.
• Enquiry content: the content of messages you send us through the website contact form or by email, including details of your travel plans, professional affiliation, or research requirements as you choose to describe them.
• Payment information: when you proceed to an engagement with us, we collect the bank account details you provide for transfer purposes and the invoicing information you supply (billing name, address, VAT number if applicable). We do not store card numbers — we do not process card payments directly.
• Correspondence records: records of our email and written exchanges with you, as needed to fulfil our service obligations and to maintain an accurate account of client requirements.
• Technical access data: our web server logs record standard technical data for each connection — IP address, browser type, page requested, date and time, and HTTP status code. This data is retained for thirty days for security monitoring purposes and is then automatically deleted. We do not use this data to build personal profiles.

We do not knowingly collect special categories of sensitive personal data (health, religion, political views, biometric data) through this website. If you mention such information in a free-text message field, we treat it with particular care, use it only to fulfil your specific request, and do not retain it beyond what is necessary for that purpose.

4. How and Why We Use Your Information

We process your personal information for the following purposes, each of which has a distinct legal basis under applicable Egyptian personal data protection requirements:

• Responding to enquiries (legitimate interest and contractual performance): when you submit a contact form or email us, we use your name and email address to respond. If your enquiry leads to a service engagement, we retain the enquiry record as part of the client file.
• Providing our services (contractual performance): when we agree to provide museum guides, site briefings, itinerary consulting, or group orientation, we use your contact and requirement information to deliver those services to the agreed specification and timeline.
• Invoicing and payment processing (contractual performance and legal obligation): we retain invoice records in accordance with Egyptian commercial accounting requirements. Invoices are retained for a minimum of seven years from the date of issue, as required by Egyptian commercial law.
• Improving our services (legitimate interest): feedback provided by clients — whether solicited or spontaneously offered — may be used in anonymised form to improve our documents and processes. We do not use identifiable client information for improvement purposes without your explicit consent.
• Security and fraud prevention (legitimate interest): server access logs and, where applicable, records of unusual contact patterns, are reviewed for security purposes and to protect against fraudulent use of our contact infrastructure.

We do not use your personal information for automated decision-making or profiling. We do not send marketing communications without your explicit consent, and we do not use your information to infer characteristics beyond those directly relevant to fulfilling your service request.

5. Who We Share Your Information With

We do not sell, rent, or trade your personal information to any third party. We do not share your information with advertising networks, data brokers, or marketing platforms. We share your information only in the following limited circumstances:

• Within our team: your enquiry and client details are accessible to Kemet Heritage Consultancy team members whose roles require it to deliver your service (research specialists, client coordinator, director). All team members are subject to confidentiality obligations.
• Service providers acting as processors: we use a small number of external service providers to support our operations — specifically, our email hosting provider (whose servers process email communications) and our bank (which processes payment transfers). These providers are contractually prohibited from using your data for any purpose other than fulfilling their contracted function for us.
• Legal requirements: we will disclose personal information if required to do so by applicable Egyptian law, court order, or governmental authority. We will, to the extent legally permitted, notify you if such a disclosure is required.
• Business transfer: in the event of a merger, acquisition, or transfer of our business assets, personal information held by us may be transferred to the successor entity, subject to the same privacy protections described in this policy.

6. International Data Transfers

Because we serve clients internationally and use email infrastructure hosted outside Egypt, your personal information may be transferred to and processed in countries other than Egypt. Where such transfers occur, we take steps to ensure adequate protection is in place — including using providers who have committed to appropriate data protection standards and, where required, implementing contractual clauses equivalent to those recognised by Egyptian personal data protection requirements.

Our email correspondence with clients based in the European Union is subject to the additional safeguards of the EU General Data Protection Regulation (GDPR) to the extent that we act as a data controller in relation to EU-resident individuals. If you are based in the EU and wish to exercise GDPR rights, please contact us and we will handle your request accordingly.

7. How Long We Keep Your Information

We retain personal information only for as long as necessary for the purposes described in this policy, subject to the following specific retention periods:

• Enquiries that do not result in a service engagement: your contact details and enquiry content are retained for twelve months from the date of your last contact with us, then deleted. This period allows us to re-engage if you return with a follow-up enquiry.
• Client service records: your name, contact information, and the records of services provided (itinerary, documents delivered, correspondence) are retained for three years from the date of the last service delivery to you. This allows us to provide continuity of service if you return as a client.
• Invoice and payment records: as required by Egyptian commercial accounting law, invoice records are retained for a minimum of seven years from the date of issue.
• Server access logs: retained for thirty days, then automatically deleted.

At the end of these retention periods, data is securely deleted from our systems or anonymised such that it can no longer be associated with you.

8. Your Rights Over Your Personal Information

You have the following rights with respect to personal information we hold about you. To exercise any of these rights, please contact us at [email protected] with your name and a description of your request. We will respond within fifteen business days.

• Right of access: you may request a copy of the personal information we hold about you, together with an explanation of how we use it.
• Right to rectification: if information we hold about you is inaccurate or incomplete, you may ask us to correct it.
• Right to erasure: you may ask us to delete your personal information. We will do so where we have no legal obligation to retain it and where deletion does not impair an ongoing contractual obligation.
• Right to restrict processing: in certain circumstances, you may ask us to suspend processing of your information while a dispute or complaint is resolved.
• Right to data portability: where technically feasible and where our processing is based on your consent or a contract with you, you may request your information in a structured, machine-readable format.
• Right to object: where our processing is based on legitimate interests, you may object to that processing. We will assess your objection and cease the relevant processing unless we have compelling legitimate grounds to continue.
• Right to withdraw consent: where processing is based on consent (which, for the purposes of this website, applies only to any marketing communications you may have explicitly opted into), you may withdraw that consent at any time by contacting us or using any unsubscribe mechanism provided.

9. Cookies and Tracking Technologies

This website does not use advertising cookies, tracking pixels, or third-party analytics scripts. We do not embed Facebook, Google, or any other platform's tracking code. The website operates without a cookie consent banner because no consent-requiring cookies are set.

The website's web server sets a standard session cookie solely to maintain a consistent browsing experience (for example, to remember your navigation position within a single session). This cookie contains no personally identifiable information, is not shared with any third party, and expires when you close your browser. No persistent cookies are set by this website.

If you have arrived at this website via a third-party link or advertisement, the originating platform may have set its own cookies on your device. Those cookies are subject to that platform's privacy policy, not ours.

10. Security of Your Information

We take reasonable and appropriate technical and organisational measures to protect personal information from unauthorised access, disclosure, alteration, or destruction. These measures include: encrypted email transmission (TLS) for all communications, access restrictions so that client data is accessible only to team members with a business need, and password-protected file storage for client documents.

No method of electronic transmission or storage is completely secure. While we work hard to protect your personal information, we cannot guarantee its absolute security. If we become aware of a security breach that is likely to result in harm to individuals whose data was affected, we will notify relevant authorities and affected individuals as required by law.

11. Children's Privacy

Our services are directed at adult travellers, academic researchers, and heritage tourism professionals. We do not knowingly collect personal information from individuals under the age of eighteen. If you believe a person under eighteen has provided personal information to us without appropriate parental consent, please contact us and we will delete the information as quickly as practicable.

12. Third-Party Links

Our website may include links to external websites — for example, the websites of archaeological institutions, the Supreme Council of Antiquities, or academic resources we reference. These external sites are not operated by us and are not covered by this privacy policy. We recommend reading the privacy policy of any third-party site before submitting personal information to it. We are not responsible for the content or privacy practices of any external website.

13. Changes to This Privacy Policy

We may update this privacy policy from time to time to reflect changes in our practices, applicable law, or the technical environment in which we operate. When we make material changes, we will update the "last updated" date at the top of this page. For significant changes that affect how we process your personal information, we will make reasonable efforts to notify existing clients by email. Your continued use of this website or our services after any change to this policy constitutes acceptance of the updated terms. We encourage you to review this policy periodically.

14. Governing Law and Dispute Resolution

This privacy policy and any disputes arising from it are governed by the laws of the Arab Republic of Egypt, including the provisions of Egypt's Personal Data Protection Law (Law No. 151 of 2020) and its executive regulations. Any disputes that cannot be resolved by direct contact with our team will be referred to the competent courts in Cairo, Egypt. If you are based in the European Union, you also have the right to lodge a complaint with your national data protection supervisory authority.