Privacy Notice

Ancient Egypt Education Trust L.L.C. ("the Trust", "we", "us") is an educational organisation registered in Egypt. We operate the website at egypthistory.xyz and handle the personal data of anyone who submits the contact form on that site. This notice sets out our practices honestly and in plain language. We have written it to comply with Egyptian Data Protection Law No. 151 of 2020 and its executive regulations, and to reflect the standards of the EU General Data Protection Regulation (GDPR) where those apply to readers based in Europe.

The data controller — meaning the legal entity responsible for deciding how and why personal data is processed — is:

All data-related questions, access requests and deletion requests should be directed to the email address above, using the subject line "Privacy — [your request]".

We collect personal data through one route only: the contact form at egypthistory.xyz/contact.html. The fields in that form are:

• Full name — mandatory. Used to address replies correctly.
• Email address — mandatory. The address to which our reply is sent.
• Role — optional. Provided by the sender to give us context (e.g. secondary teacher, undergraduate student, museum professional). Helps us tailor our response.
• Area of interest — a dropdown selection (Free Reader, Classroom, Institution). Optional context for routing the message internally.
• Message text — mandatory. The substance of the enquiry, question or correction.

We do not ask for, and you should not include, sensitive categories of data — such as health information, financial details, religious beliefs or identity document numbers — in your message. If such information is included, it will be deleted from our records and not stored.

We collect no data from visitors who read the site without submitting a form. There are no account registrations, no newsletter sign-ups and no user profiles on this site.

When you submit the contact form, your browser sends the form fields over an encrypted HTTPS connection to our hosting server. The data is held in a secure message queue and forwarded to our editorial team's inbox. No form data is written to a publicly accessible database or log file that persists beyond the processing of your message. Standard web server access logs (IP address, request path, timestamp) are retained for a maximum of thirty days for security and error-monitoring purposes only; they are not cross-referenced with form submissions.

We process the personal data you submit for a single purpose: to read your message and send you a reply. There is no secondary use. The legal basis for this processing is your freely given, specific and informed consent, obtained at the point of form submission through the checkbox you tick before sending. Under Egyptian Data Protection Law No. 151/2020 and under GDPR Article 6(1)(a), that consent is the lawful ground on which we act.

We do not process your data for any of the following purposes:

• Building behavioural profiles or audience segments
• Targeting advertisements on this site or on any other platform
• Automated decision-making or profiling that produces legal or similarly significant effects
• Selling or renting data to any third party
• Passing data to partners for their own marketing or research purposes

Your message and the contact details you provide are seen only by the editorial staff of the Trust who are responsible for responding to correspondence. Internally, access is limited by role: only the editorial coordinator and the member of staff assigned to answer your enquiry will read your message.

We use a third-party email hosting provider to receive and send messages. That provider processes data solely as a data processor acting on our documented instructions and is contractually bound not to use the data for its own purposes. We do not use audience-measurement or advertising platforms, customer-relationship management tools fed by behavioural tracking, or any cloud service that uses submitted data to train machine-learning models.

We will share your data with a third party only if required to do so by a lawful order from an Egyptian court or competent public authority, and only to the extent strictly required by that order. We will inform you of any such disclosure where we are legally permitted to do so.

Our hosting infrastructure is located in the European Union. Routing your form submission from Egypt to an EU-based server constitutes a transfer of personal data outside Egypt under Law No. 151/2020. We make this transfer on the basis that the EU is a jurisdiction recognised as providing an adequate level of data protection, consistent with the framework of the Egyptian Data Protection Authority's transfer provisions. For readers based in the EU, your data is processed within the EU and is not transferred outside it for storage or processing.

We do not transfer personal data to countries or organisations that do not provide an adequate level of protection equivalent to that required under Egyptian law and the GDPR.

We retain the correspondence record — your name, email address, message and our reply — for 20 months from the date on which the exchange concludes. This period allows us to respond to any follow-up questions arising from the original exchange without asking you to repeat yourself, and to maintain an accurate editorial record of corrections and content requests we have received and acted upon.

After 20 months, correspondence records are permanently deleted from our email system and any internal filing. Deletion is performed on a rolling monthly basis. We do not archive old correspondence in backup systems beyond this period.

If you request deletion of your data before the 20-month period ends, we will act on that request within 30 days (see section 9 below).

This website uses no advertising cookies, no cross-site tracking cookies and no audience-measurement or advertising platform scripts of any kind. There are no third-party scripts loaded from external domains for the purpose of measuring, profiling or targeting visitors.

The only technical cookie this site may set is a session cookie used by the web server to handle form submission state. This cookie contains no personal identifier, is deleted when you close your browser, and is not readable by any third party. It does not require consent under Egyptian or EU cookie rules because it is strictly necessary for the operation of the form.

We do not use fingerprinting, pixel tracking, or any other technique for identifying or following individual visitors across browsing sessions or across other websites.

Under Egyptian Data Protection Law No. 151/2020 and, where applicable, under the GDPR, you hold the following rights in relation to the personal data we process about you:

• Right of access: You may request a copy of the personal data we hold about you and information about how it is processed.
• Right to rectification: If the data we hold is inaccurate or incomplete, you may ask us to correct it.
• Right to erasure: You may ask us to delete your personal data where there is no compelling reason for us to continue holding it.
• Right to restrict processing: In certain circumstances you may ask us to suspend processing while a dispute about accuracy or lawfulness is resolved.
• Right to object: Where we rely on a legitimate interest as a lawful basis (we do not currently do so), you may object to that processing. You also have an unconditional right to object to processing for direct marketing purposes (we carry out none).
• Right to withdraw consent: Because we rely on consent as our lawful basis, you may withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing carried out before withdrawal.
• Right to data portability: Where processing is based on consent and carried out by automated means, you may request your data in a structured, machine-readable format.

To exercise any of these rights, write to us at [email protected] with the subject line "Privacy — [type of request]". We will respond within 30 days. Where a request is complex or voluminous, we may extend this period by a further 60 days and will inform you of that extension within the initial 30-day window. Requests are free of charge.

The content on egypthistory.xyz is written for a general educated readership and is widely used in secondary and post-secondary educational settings. Teachers regularly submit questions and content requests on behalf of their classes, and school librarians and curriculum coordinators use the site in lesson planning. We are therefore conscious that our contact form may occasionally be used by individuals under 16.

We do not knowingly collect personal data from children under 13 without verifiable parental or guardian consent. If a pupil wishes to submit a question, we ask that this be done by their teacher or a parent on their behalf. If we become aware that we have inadvertently received a submission directly from a child under 13, we will delete that record promptly. Any teacher or parent who believes such a submission has been made should contact us immediately at [email protected] and we will act within two working days.

Pupils between 13 and 16 may use the contact form with parental awareness. We do not profile young people or treat their data differently from adult data in terms of security or retention — it is held under the same 20-month limit and the same deletion protocol.

We take reasonable technical and organisational steps to protect the personal data we hold. These include: transmission over HTTPS (TLS); server-side access controls limiting which staff accounts can read the correspondence inbox; a policy of not printing or copying correspondence to unprotected local storage; and regular review of access permissions when team membership changes. No method of electronic transmission or storage is completely secure, but we apply proportionate safeguards for the small volume and low sensitivity of the data we handle.

If you believe we have handled your personal data in a way that does not comply with this notice or with applicable law, please write to us first at [email protected]. We take all complaints seriously and will investigate and respond within 30 days.

If you are not satisfied with our response, or if you prefer to go directly to a supervisory authority, you may lodge a complaint with the Egyptian Personal Data Protection Centre (PDPC) established under Law No. 151/2020. EU-based readers may alternatively lodge a complaint with the data protection authority in their country of residence.

We review this privacy notice at least once a year and update it whenever our practices change in a way that affects how we handle personal data. Material changes — for example, a new processing purpose or a new category of data — will be reflected in an updated "last updated" date at the top of this page. Where a change is significant, we will note it briefly at the top of the notice for a period of 60 days following the update. Continued use of the contact form after an update constitutes acceptance of the revised notice.

The version published on this page is always the current, operative version. Previous versions are not archived publicly but are available on request to [email protected].