Privacy Policy

This Privacy Policy explains how IGBS — International Group for Business Solutions ("IGBS," "we," "us," or "our") collects, uses, discloses, and protects personal data when you visit our website at ig-bs.com (the "Site"), engage our legal services, or otherwise interact with us.

We are committed to handling your personal data in accordance with the Egyptian Personal Data Protection Law No. 151 of 2020 (the "PDPL"), the EU General Data Protection Regulation (Regulation 2016/679) ("GDPR") where applicable to visitors located in the European Economic Area, and other applicable data protection laws.

1. Who we are

IGBS is an intellectual property and business solutions firm headquartered in Cairo, Egypt. Founded in 2006 (formerly operating as IGIPS), IGBS provides trademark registration, patent prosecution, industrial design protection, IP enforcement, company formation, and corporate compliance services for clients in Egypt and the broader MENA region.

For the purposes of the PDPL and the GDPR, IGBS is the data controller of personal data collected through the Site and through our client engagements.

2. Personal data we collect

We collect the following categories of personal data:

2.1 Information you provide directly

• Contact information: name, email address, phone number, company name, job title, country/region — collected when you submit our contact forms, request a consultation, subscribe to communications, or correspond with us by email or WhatsApp.
• Service-related information: trademark or intellectual property details, brand information, commercial registration documents, and any other information you provide to enable us to deliver the legal services you have requested.
• Identification documents: where required for client onboarding under Egyptian anti-money-laundering rules or for representation before the Egyptian Trademark Office (EIPA) or other authorities — including passport or national ID, Power of Attorney documents, and corporate registry extracts.

2.2 Information collected automatically

When you visit the Site, we automatically collect:

• Device and browser information: IP address, browser type and version, operating system, device type, screen resolution, time zone.
• Usage information: pages viewed, time spent on pages, click patterns, scroll depth, links clicked, referring URL, search queries that led you to the Site.
• Session recordings and heatmaps: we use Microsoft Clarity, which records aggregated and anonymized interactions with our Site to help us improve usability. See Section 6 for details.
• Cookies: small text files stored on your device. See Section 5.

3. How we use personal data

We process personal data for the following purposes:

• To provide our legal services — communicating with you about prospective or active engagements, preparing and filing trademark applications, conducting clearance searches, responding to office actions, and representing you before EIPA and the courts.
• To respond to your inquiries — including consultation requests submitted via the Site, email, WhatsApp, or phone.
• To improve our Site and services — analyzing usage patterns, identifying technical issues, and testing changes to our content and design.
• To send communications — service updates, newsletters (where you have subscribed), and changes to our legal terms.
• To comply with legal obligations — including obligations under Egyptian anti-money-laundering rules, tax law, and the rules governing registered trademark agents under Law No. 82 of 2002.
• To protect our rights and prevent fraud — investigating and preventing security incidents, unauthorized access, and misuse of the Site.

4. Legal basis for processing

Under the PDPL and the GDPR, we process personal data on one or more of the following legal bases:

• Consent: for marketing communications, non-essential cookies, and any processing that requires consent under applicable law. You may withdraw consent at any time.
• Performance of a contract: for delivering legal services you have engaged us to provide.
• Legal obligation: for compliance with Egyptian law (AML, tax, EIPA regulations) and other applicable regulatory regimes.
• Legitimate interests: for improving our Site, securing our systems, communicating with prospective clients who have contacted us, and conducting analytics. Where we rely on legitimate interests, we balance these against your rights and freedoms.

5. Cookies and tracking technologies

We use cookies and similar technologies to operate the Site, remember your preferences, analyze how you use the Site, and (where you consent) deliver tailored marketing. For full details, see our Cookie Policy.

Cookies on this Site fall into four categories:

• Strictly necessary — required for the Site to function. Always active.
• Performance and analytics — help us understand how visitors use the Site (Google Analytics 4 via Google Tag Manager, Microsoft Clarity). Active only with your consent.
• Functionality — remember preferences such as language. Active only with your consent.
• Targeting and advertising — used by Google Ads to display relevant ads on third-party sites. Active only with your consent.

When you first visit the Site, a consent banner allows you to accept or reject non-essential cookies. You can change your preferences at any time via the cookie settings link in the footer.

6. Third-party services and data processors

To operate the Site and provide our services, we engage the following third-party processors. Each processor is bound by data processing terms that include appropriate safeguards under the PDPL and GDPR:

6.1 Google (Google LLC, Mountain View, USA)

We use the following Google services:

• Google Tag Manager — a tag-management container that loads other tags (Analytics, Ads) on the Site.
• Google Analytics 4 (GA4) — measures Site usage on an aggregated and pseudonymized basis. IP anonymization is enabled. Data is retained for 14 months from collection.
• Google Ads / Google Ads Manager — used (where you consent to targeting cookies) to measure ad performance and deliver remarketing to users who have visited the Site.

For Google's own data handling, see Google's privacy policy: policies.google.com/privacy.

You may opt out of Google Analytics tracking using the official browser add-on at: tools.google.com/dlpage/gaoptout.

6.2 Microsoft Clarity (Microsoft Corporation, Redmond, USA)

We use Microsoft Clarity to record anonymized and aggregated Site interactions including click patterns, scroll behavior, and heatmaps. Clarity also captures session recordings of how visitors interact with the Site. Clarity is configured to:

• Mask all sensitive form input by default (you cannot see your typed data played back in recordings)
• Apply IP truncation
• Retain data no longer than 90 days by default

For Microsoft's data handling, see Microsoft's privacy statement: privacy.microsoft.com/privacystatement.

You can opt out of Microsoft Clarity by rejecting non-essential cookies in our consent banner or by enabling Do Not Track in your browser.

6.3 Pexels (Pexels GmbH, Berlin, Germany)

Some imagery on the Site is licensed under the Pexels License from pexels.com. Pexels does not collect personal data when its hosted images are displayed on our Site.

6.4 Cloudflare (Cloudflare Inc., San Francisco, USA)

Where Cloudflare serves as a content delivery network or DDoS-mitigation layer, your IP address is processed for security and traffic-routing purposes. See: cloudflare.com/privacypolicy.

6.5 Bluehost / Newfold Digital (web hosting)

The Site is hosted on Bluehost servers. Server access logs are retained by the hosting provider in line with its standard practice. See: bluehost.com/about/privacy.

6.6 WhatsApp (Meta Platforms Inc.)

Where you contact us via the WhatsApp link displayed on the Site, your message and phone number are processed by WhatsApp under Meta's privacy practices: whatsapp.com/legal/privacy-policy.

7. Sharing your personal data

We do not sell your personal data. We may share personal data only:

• With our service providers and processors listed in Section 6, strictly to enable them to provide their services to us.
• With official authorities where required by Egyptian law — including the Egyptian Trademark Office (EIPA), the Egyptian Customs Authority, the Commercial Registry, the Egyptian Patent Office, and courts of competent jurisdiction.
• With our associate network across MENA jurisdictions, where required to deliver trademark or IP services in jurisdictions outside Egypt for which you have engaged us. All associates are bound by professional confidentiality.
• With legal advisors, auditors, or insurers under appropriate confidentiality obligations.
• In connection with a corporate transaction such as a merger, acquisition, or sale of assets — with appropriate confidentiality obligations.
• To comply with legal process including court orders, subpoenas, or regulatory investigations.

8. International data transfers

Some of our processors (Google, Microsoft, Cloudflare, Meta/WhatsApp) are based outside Egypt and may process data in the United States, the European Economic Area, or other jurisdictions. We rely on the following safeguards:

• For EEA-origin data: Standard Contractual Clauses (Module 2 — Controller to Processor) approved by the European Commission.
• For Egyptian-origin data: compliance with Article 14 of the PDPL governing cross-border transfers, including ensuring an adequate level of protection.

9. Data retention

We retain personal data only as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, and reporting requirements. Indicative retention periods:

• Contact form submissions: 24 months from last interaction.
• Active client matters: for the duration of the engagement plus 10 years thereafter (matching the Egyptian trademark validity period for record-keeping continuity).
• Closed client matters: 10 years from matter closure (Egyptian Bar Association recommendation).
• Microsoft Clarity recordings: 90 days from collection.
• Google Analytics user-level data: 14 months from collection.
• Server logs: 12 months from collection.
• Newsletter subscribers: until you unsubscribe.

10. Your rights

Under the PDPL and the GDPR (where applicable), you have the following rights regarding your personal data:

• Right of access: request confirmation of whether we process your data and obtain a copy of that data.
• Right to rectification: request correction of inaccurate or incomplete data.
• Right to erasure ("right to be forgotten"): request deletion of your data in specific circumstances.
• Right to restrict processing: request that we limit how we process your data in specific circumstances.
• Right to data portability: receive your data in a structured, commonly used, machine-readable format.
• Right to object: object to processing based on legitimate interests or direct marketing.
• Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.
• Right to lodge a complaint: with the Egyptian Personal Data Protection Center or, where applicable, with the data protection authority in your EEA country of residence.

To exercise any of these rights, email us at privacy@ig-bs.com. We will respond within 30 days (or 60 days where the request is complex, with notice of the extension).

11. Data security

We implement appropriate technical and organizational security measures to protect personal data from accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These include:

• HTTPS encryption for all data transmitted to and from the Site
• HSTS (HTTP Strict Transport Security) enforcement
• Access controls and authentication for staff handling client data
• Encryption of stored client documents
• Regular review of third-party processor security practices
• Staff confidentiality obligations under professional ethics rules applicable to Egyptian trademark agents

In the event of a personal data breach affecting your data, we will notify the Egyptian Personal Data Protection Center within 72 hours of becoming aware of the breach, in accordance with the PDPL, and will notify affected individuals where required.

12. Children's privacy

The Site is not directed to children under the age of 18. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us at privacy@ig-bs.com and we will delete it promptly.

13. Changes to this policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page reflects the most recent revision. Where changes are material, we will notify you by prominent notice on the Site or, where appropriate, by email.

14. How to contact us

For any privacy-related questions, requests, or complaints, contact us at:

• Email: privacy@ig-bs.com
• General contact: info@ig-bs.com
• Address: IGBS — International Group for Business Solutions, Cairo, Egypt

If you are not satisfied with our response, you have the right to lodge a complaint with the Egyptian Personal Data Protection Center or, where applicable, with the data protection authority in your country of residence.