Legal

Privacy Policy

This policy explains what personal data Nile Heritage Guides LLC collects, why we collect it, how we store and protect it, and what rights you hold over your information. Last revised: 3 June 2026.

1. Who We Are

The data controller for all personal information processed through the visit-egypt.sbs website and related services is:

Nile Heritage Guides LLC
14 Talaat Harb Street, Floor 3, Downtown Cairo, 11511, Egypt
GAFI Registry No.: 483921
Tax ID: 672-481-039
Email: [email protected]
Telephone: +20 2 2393-7841

We are a limited liability company registered in Egypt under the General Authority for Investment and Free Zones (GAFI). All data processing activities described in this policy are carried out by Nile Heritage Guides LLC or by processors acting on our documented instruction. We do not operate as part of any larger corporate group, and no parent company or affiliate has access to personal data collected through this website.

2. Data We Collect

We collect the following categories of personal data:

2.1 Contact and Enquiry Data

When you submit the contact form on contact.html, we collect your first name, last name, email address, enquiry type, and the content of your message. This information is collected because it is necessary to respond to your enquiry.

2.2 Subscription Data

When you activate a research plan subscription, we additionally collect your billing name, billing address, payment card details (processed and stored by our payment processor — we do not store full card numbers on our systems), and subscription tier.

2.3 Server Log Data

Our hosting infrastructure automatically records standard server log data: the IP address of the requesting device, the pages requested, the date and time of the request, the HTTP status code returned, and the browser user agent string. This data is retained for 30 days for security and operational purposes and is not used for behavioural profiling.

2.4 Data You Voluntarily Provide

If you contact us by email directly rather than through the contact form, we will store your email address and any personal information you choose to include in your message for the purpose of responding to your communication.

3. How We Collect Data

We collect data in the following ways:

  • Contact form submissions — when you complete and submit the form on our contact page.
  • Email correspondence — when you email [email protected] directly.
  • Subscription activation — when you initiate a research plan subscription and provide billing information.
  • Server logs — automatically, as a standard function of web hosting infrastructure, for every page load.

We do not use tracking pixels, session recording tools, behavioural analytics platforms, advertising networks, or social media widgets that collect personal data. We do not use Google Analytics, Facebook Pixel, Google Tag Manager, or any equivalent third-party tracking service. The only JavaScript file loaded on our pages is our own js/main.js, which runs entirely in the visitor's browser and transmits no data to any third party.

4. Legal Basis for Processing

Under Egyptian data protection law (Law No. 151 of 2020 on the Protection of Personal Data) and applicable international frameworks, we process personal data on the following legal bases:

  • Contract performance — processing that is necessary to deliver the research plan subscription you have purchased, including maintaining access to the archive, processing billing, and sending subscription-related notifications.
  • Legitimate interests — processing that is necessary for our legitimate interest in operating a responsive research service, including responding to enquiries, maintaining server logs for security purposes, and detecting and preventing fraudulent activity. We have assessed that these interests are not overridden by your rights in these cases.
  • Consent — where we send discretionary communications (for instance, a notification that a major site update has been published), we do so only on the basis of your explicit consent, given when activating your subscription. You can withdraw this consent at any time by contacting [email protected].

5. How We Use Your Data

We use the personal data we collect for the following purposes:

  • Responding to your enquiry via email, including assigning it to the relevant researcher and providing a personalised research response.
  • Processing and managing your research plan subscription, including activation, billing, and cancellation.
  • Sending you subscription-related administrative communications — billing confirmations, renewal reminders, and cancellation confirmations.
  • Where you have consented, sending you optional notifications about significant archive updates relevant to your stated areas of interest.
  • Maintaining server logs for the purposes of security, uptime monitoring, and abuse prevention.
  • Complying with our legal obligations under Egyptian law, including record-keeping obligations applicable to registered companies.

We do not use your personal data for any form of behavioural advertising, profiling, or automated decision-making that produces legal or similarly significant effects on you. We do not sell your personal data to any third party for any commercial purpose. We do not combine your personal data with data from third-party sources to build profiles about you.

6. Data Retention

We retain personal data for the following periods:

  • Contact and enquiry data — retained for three years from the date of the enquiry, after which it is permanently deleted. This retention period allows us to reference previous correspondence when a subscriber sends a follow-up enquiry.
  • Subscription data — retained for seven years from the date of the last transaction, as required by Egyptian commercial law for financial record-keeping purposes.
  • Server logs — retained for 30 days and then automatically deleted.
  • Email correspondence — retained for the same period as contact enquiry data (three years).

At the end of each retention period, data is permanently deleted from our systems and from any backup copies in a manner that renders recovery impossible. We do not archive personal data beyond the stated retention periods.

7. Data Sharing

We share personal data with the following categories of third party only where strictly necessary:

  • Payment processor — we use a third-party payment processor to handle subscription billing. The processor receives your name, billing address, and card details for the purpose of processing payment only. The processor operates under a data processing agreement with us and is prohibited from using your data for any other purpose.
  • Hosting provider — our website and email infrastructure is hosted by a provider based in the EU. Server log data is stored on that provider's servers. The provider operates under a data processing agreement and does not access log content for any purpose beyond infrastructure management.
  • Legal requirements — we may disclose personal data to Egyptian regulatory or law enforcement authorities if required to do so by applicable law, valid court order, or regulatory direction. We will notify you of any such disclosure where we are legally permitted to do so.

We do not share personal data with tour operators, travel agencies, hotels, cruise lines, or any commercial organisation with a stake in Egypt's tourism industry. This restriction is absolute and flows directly from our editorial independence policy.

8. International Transfers

Our primary operations and data storage are located in Egypt. When personal data is transferred to our EU-based hosting provider, the transfer is governed by standard contractual clauses approved by the European Commission, which provide equivalent protections to those applicable within the EU. No personal data is transferred to jurisdictions outside Egypt and the EU without equivalent safeguards in place.

9. Security Measures

We implement the following technical and organisational security measures to protect personal data:

  • All data in transit between your browser and our servers is encrypted using TLS 1.2 or higher (HTTPS).
  • Access to personal data held in our internal systems is restricted to staff members who require access to perform their specific function.
  • Our contact form data is stored in an access-controlled internal database with no public-facing interface.
  • Payment card data is handled entirely by our PCI-DSS compliant payment processor. We do not store card numbers, CVV codes, or full card data on our systems at any point.
  • Server access is protected by key-based authentication. No passwords are used for server login.
  • We conduct an internal review of access controls and data handling procedures annually.

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify you without undue delay and will report the breach to the relevant Egyptian data protection authority within 72 hours of becoming aware of it, as required by Law No. 151 of 2020.

10. Cookies

This website does not use cookies for tracking, analytics, advertising, or personalisation purposes. No third-party cookies are placed by any service we use. The only browser storage used by our site is a session-level item set by our navigation toggle JavaScript, which is automatically cleared when the browser tab is closed and contains no personal information. You do not need to consent to any cookie to access this website, and no cookie consent banner is shown because there is genuinely nothing to consent to.

11. Your Rights

Under Egyptian data protection law and, where applicable, international frameworks, you have the following rights regarding your personal data:

  • Access — you may request a copy of the personal data we hold about you.
  • Correction — you may request that inaccurate personal data be corrected.
  • Erasure — you may request deletion of your personal data where we have no legal basis for retaining it beyond the period necessary for the original purpose.
  • Restriction — you may request that we restrict our processing of your data while a dispute about accuracy or legal basis is resolved.
  • Objection — you may object to processing carried out on the basis of legitimate interests. We will stop processing unless we can demonstrate compelling legitimate grounds that override your interests.
  • Withdrawal of consent — where processing is based on consent, you may withdraw that consent at any time without affecting the lawfulness of processing that occurred before withdrawal.
  • Portability — where technically feasible, you may request your personal data in a structured, machine-readable format.

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days. We may need to verify your identity before acting on a request.

12. Children's Privacy

Our research content and subscription services are directed at adults and are not intended for use by children under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child under 16 without verifiable parental consent, we will delete that data promptly. If you believe we may have inadvertently collected data from a child, please contact us immediately at [email protected].

13. Contact and Complaints

For any questions about this privacy policy, requests to exercise your data rights, or complaints about how we handle personal data, contact:

Nile Heritage Guides LLC — Data Queries
14 Talaat Harb Street, Floor 3, Cairo 11511, Egypt
Email: [email protected]
Telephone: +20 2 2393-7841

We aim to resolve all complaints within 30 days. If you are not satisfied with our response, you have the right to lodge a complaint with the Egyptian Personal Data Protection Centre (PDPC), which is the designated supervisory authority under Law No. 151 of 2020.

This privacy policy was last updated on 3 June 2026. Any material changes to how we handle personal data will be reflected in an updated version of this policy, which will be published at this URL. If changes materially affect your rights, we will notify active subscribers by email.