Legal

Privacy Policy

Last updated: 5 February 2026. This page explains what personal data MuseuPass Heritage Media L.L.C. collects, why we collect it, how long we keep it and how you can exercise your rights under Egyptian data-protection law and, where it applies, the European Union GDPR.

1. Who runs this website

This website is published and operated by:

MuseuPass Heritage Media L.L.C.
27 El-Galaa Street, Zamalek
Cairo 11211, Egypt
Commercial Registry: 219874
Tax ID (ETA): 712-394-825
Email: [email protected]
Phone: +20 2 2735 6094

MuseuPass Heritage Media L.L.C. acts as the data controller for any personal data processed through this website and through the printed monthly briefing. Questions about this policy or about how your personal data is handled can be sent to the same email address as general inquiries; we will respond within thirty days as required by Egyptian law and, in most cases, considerably faster.

2. Applicable legal framework

Our processing of personal data complies with Egyptian Personal Data Protection Law No. 151 of 2020 and the executive regulations published under it. Where readers in the European Economic Area, the United Kingdom or Switzerland submit personal data through our forms or email, we additionally apply the principles of the EU General Data Protection Regulation (GDPR), the UK GDPR and the Swiss Federal Act on Data Protection on a voluntary basis. Compliance with one of these frameworks is enough to satisfy the strictest of the others in almost every practical case, but if a tension arises we apply whichever framework is more protective of the reader.

3. What personal data we collect

We collect only the personal data you provide while interacting with this website or with the editorial desk by email:

  • Contact-form data: full name, email address, optional phone number, selected reader plan, subject line and the body of your message. All other fields are optional.
  • Email correspondence: any personal data you include voluntarily when writing directly to [email protected] or any other published address.
  • Subscription data: name, billing address, email address and the minimum information required by the payment processor to charge a card legally. The card number itself is never seen by us — it is tokenised by the payment processor.
  • Postal subscribers: postal address for the monthly printed briefing, kept on a single offline list inside the office for printing the envelopes.
  • Technical server logs: standard access logs at the hosting provider containing IP address, user-agent string, requested URL and timestamp, kept for security and abuse-prevention purposes only.

This website does not run third-party advertising trackers, social-media pixels, behavioural analytics scripts, push-notification services or any other tracking mechanism that profiles readers. We do not maintain a tracking pixel of our own either.

4. Why we use this data

We process personal data only for the following clearly defined purposes:

  • To answer the inquiry you sent through the contact form or by direct email.
  • To deliver the reader plan you have subscribed to — open archive access, the monthly briefing, or itinerary work.
  • To send transactional emails such as invoices and renewal notices.
  • To meet the bookkeeping and tax obligations imposed on a Cairo L.L.C. under Egyptian law.
  • To protect the website and its readers against abuse, automated attacks and other security incidents.

We do not use personal data for marketing, profile building, lookalike audiences or any form of cross-site advertising. We do not sell, rent, lease or trade personal data to any third party for any purpose.

5. Legal basis for processing

  • Your consent: when you tick the consent box on the contact form.
  • Performance of a contract: when you subscribe to a paid plan, the data we collect is necessary to fulfil the subscription.
  • Compliance with legal obligations: tax, accounting and L.L.C. recordkeeping under Egyptian law.
  • Legitimate interest: security logging, prevention of abuse, and direct replies to unsolicited inquiries you sent us.

6. Retention periods

Different categories of personal data are kept for different periods:

  • Contact-form submissions and the thread of correspondence that follows them are kept for up to twenty-four months after the last interaction, then deleted.
  • Invoicing and accounting records linked to paid plans are kept for the minimum period required by Egyptian tax law — currently five years from the end of the relevant tax year.
  • Postal-subscriber addresses are deleted from the printing list within thirty days of the end of the paid subscription period.
  • Server security logs are rotated automatically after thirty days unless they contain evidence of a security incident that we are required to retain longer.

7. Sharing personal data with third parties

We share personal data only with the small number of providers we genuinely cannot avoid in order to operate the website and the subscription system:

  • Our hosting provider, strictly for the technical operation of this website.
  • Our certified accountant in Cairo, strictly for the legally required handling of invoices and tax returns.
  • The payment processor we use for card transactions, strictly for processing your payment.
  • The Cairo printing house and the postal service that handle the monthly briefing — for printed subscribers only.
  • Egyptian authorities, where a formal legal request requires us to disclose information.

None of these third parties is permitted to use the personal data we share with them for any purpose other than performing the specific service we have contracted them for.

8. Cookies and similar technologies

This website does not set marketing cookies, analytics cookies, profiling cookies or any cookies operated by third parties. A single first-party technical cookie may be used to remember whether you have already submitted the contact form within the current browser session. The cookie contains no personal data, expires when you close the browser, and is not shared with any third party.

9. Your rights

Under Egyptian Law No. 151 of 2020 you have, at all times, the right to:

  • Know what personal data we hold about you.
  • Request correction of any personal data that is inaccurate or incomplete.
  • Request deletion of your personal data, where its retention is no longer legally required.
  • Withdraw your consent at any time, without this affecting the lawfulness of prior processing.
  • Object to processing based on legitimate interest where your particular situation justifies the objection.
  • Lodge a complaint with the Egyptian Personal Data Protection Centre.

If you are a reader in the European Economic Area, the United Kingdom or Switzerland, you also have the right to data portability and the right to lodge a complaint with your local supervisory authority. To exercise any of these rights, write to [email protected]. We respond within thirty days and we will not charge for handling a reasonable, identifiable request.

10. International data transfers

Personal data submitted through this website is stored on servers physically located within Egypt. Some of the technical providers we rely on (for example, email delivery infrastructure) may process metadata outside Egypt for routing purposes; in those cases we use providers that comply with the recognised international data-protection frameworks. We do not transfer reader personal data to advertising networks or analytics companies, in or outside Egypt.

11. Security

Personal data is stored on servers protected by encrypted connections (HTTPS/TLS) and access controls. Only authorised members of the editorial team are able to read reader inquiries, and only the editor-in-chief and the accountant have access to invoicing records. Postal-subscriber lists are kept on a single offline list inside the office. We maintain reasonable technical and organisational measures to protect personal data against accidental loss, unauthorised access and unlawful disclosure.

12. Children

This website is intended for adult readers. We do not knowingly collect personal data from children under sixteen. If you believe a minor has submitted personal data through this site, please write to us and we will delete it promptly.

13. Changes to this policy

If we update this privacy policy, the updated version is published on this page with a new “last updated” date. Substantial changes are additionally announced on the home page for at least thirty days, and existing subscribers are notified by email so that they have time to consider their position before the new version takes effect.

14. Contact for privacy matters

Questions about this Privacy Policy or about how we handle your personal data can be sent to [email protected] or by post to the office address listed at the top of this page. Our published response time for privacy matters is the same as for editorial inquiries, with a maximum of thirty days as required by Egyptian law. We treat privacy requests as fully editorial priority work, not as a separate compliance backlog.