Privacy Policy

Effective date: 5th October 2025
Last updated: 5th October 2025

Who we are

Egyptson MGT provides privately guided travel services.
Registered in: Sweden. Reg./Org. No.: 559151-8963
Registered address: Höllvikstrandsvägen 67B, Höllviken, Sweden
Contact: privacy@egyptson.com | +46 761880211
Data Protection Officer / Privacy contact (if applicable): Pia Egyptson | +46 761880211 | pia.egyptson@egyptson.se

Personal data we collect

We collect and process the following categories of personal data, only as needed to arrange and deliver your trip:

  • Identity & contact: name, email, phone, postal address, nationality, date of birth.

  • Travel documentation: passport/ID details, visa information (where required).

  • Booking details: travel dates, itinerary components, cabin/room category, companions, payment status.

  • Preferences & requirements: dietary needs, accessibility/mobility notes, bed configuration, special occasions.

  • Communications: emails, forms, call notes, message history.

  • Payments: we use Stripe to process payments; we do not store full card numbers.

  • Website & device data: IP address, pages viewed, browser type, cookies/analytics. See our Cookie Policy.

Special category data. When necessary to arrange your trip (e.g., dietary needs related to health; accessibility needs), we process such information only with your explicit consent and limit sharing strictly to relevant suppliers.

Children. For guests under 18, we collect only data needed to arrange travel and require consent or authorization from a parent or guardian where required by law.

How we collect data

  • Directly from you (enquiry forms, emails, calls, bookings).

  • From your travel companion or agent (when they book on your behalf).

  • From suppliers confirming services (e.g., hotels, cruise lines).

  • Automatically via our website (cookies/analytics).

Why we use your data (lawful bases)

  • To perform a contract (or take steps at your request): plan, book, and operate your trip; manage payments; provide support.

  • Legitimate interests: service quality, itinerary optimization, fraud prevention, securing our services, limited direct marketing to existing customers (you can opt out).

  • Legal obligations: tax, accounting, regulatory reporting, sanctions screening where applicable.

  • Consent: marketing communications to non-customers, cookies beyond strictly necessary, and any special category data. You may withdraw consent at any time.

How we share your data

We share only what is necessary to deliver your trip or run our business:

  • Travel partners: hotels and lodges, cruise/vessel operators, airlines/rail, local guides/Egyptologists, destination management companies, transfer providers, ticketing services, attractions.

  • Support services: payment processors, IT hosting and CRM, communications tools, analytics, professional advisors (legal/accounting), insurance providers/brokers.

  • Authorities: if legally required (e.g., border/immigration, law enforcement).

We require our suppliers and processors to protect your data and to use it only for the agreed purpose.

International transfers

To arrange services in destinations outside the EEA (for example, Egypt), we may transfer personal data to countries that may not provide the same level of data protection. Where we do so, we rely on appropriate safeguards such as:

  • Standard Contractual Clauses (SCCs) with our processors/partners, and/or

  • Transfers necessary for the performance of your contract (e.g., providing your name and travel dates to a hotel or guide), and

  • Risk assessments and minimization, sharing only what is necessary.

You may contact us for copies of relevant safeguards.

Retention

We keep personal data only as long as needed:

  • Booking records & invoices: up to 6–7 years to meet accounting/tax obligations.

  • Enquiries (no booking): 12 months after last contact.

  • Passport/ID copies: deleted within 30 days after trip completion unless a longer period is legally required (we prefer not to store copies unless essential).

  • Marketing data: until you withdraw consent or opt out.

  • Website analytics: per our Cookie Policy.

Security

We apply technical and organizational measures to protect your data: encrypted transport (HTTPS), access controls, least-privilege permissions, staff training, vendor due diligence, and incident response procedures. No method is 100% secure, but we continuously improve our safeguards.

Your rights (EU/EEA, incl. Sweden)

You have the right to access, rectify, or erase your data; restrict or object to processing; and data portability. Where processing is based on consent, you may withdraw consent at any time.

To exercise your rights, contact us at [privacy@yourdomain.com].
You also have the right to lodge a complaint with Integritetsskyddsmyndigheten (IMY), the Swedish Authority for Privacy Protection.

Marketing choices

We send marketing only with your consent or where permitted by law (e.g., to existing customers). You can opt out at any time via unsubscribe links or by contacting us.

Cookies

We use cookies and similar technologies for essential site functions, performance, and (optionally) personalization/marketing. See our Cookie Policy for details and consent choices.

Changes to this policy

We may update this policy from time to time. Material changes will be communicated on this page and, where appropriate, by email. Please check the “Effective date” above.

Contact

Questions or requests:
Email: privacy@egyptson.com
Address: Höllvikstrandsvägen 67B, Höllviken, Sweden
Phone: +46761880211
DPO/Privacy lead: Pia Egyptson