This Privacy Policy explains how Black Sheep Management (“Black Sheep”, “we”, “us”) collects, uses, stores, and shares personal data when you use blacksheepuae.com (the “Site”) or interact with us through the Site.

This policy is written for a professional, B2B audience. If you have questions, use the contact details in the Contact Us section.

1) Who We Are

Black Sheep Management is a Dubai-based advisory firm working with fund managers, financial institutions, and family offices across MENA, India, and global markets. We help funds design strategies, structure vehicles, and build operations that scale with capital.

Controller: Black Sheep Management (we decide how and why personal data is processed).

---

2) What This Policy Covers

This policy covers personal data processed through:

• The Site (pages, forms, newsletter signup, login areas, cookies)

• Business communications started through the Site (email follow-ups, meeting scheduling, proposal discussions)

It does not cover personal data processed on third-party sites that you access through links on our Site.

3) Personal Data We Collect

We collect personal data in three main ways: data you give us, data collected automatically, and data received via trusted business channels.

A) Data You Provide

Depending on how you interact with the Site, you may provide:

• Name

• Work email

• Phone number

• Company name

• Role or title

• Country or region

• Message content (enquiry details, project context, questions)

• Documents or files you upload through forms (if enabled)

• Newsletter preferences (if you subscribe)

• Login credentials (if you create or use an account area)

B) Data Collected Automatically

When you browse the Site, we may collect technical and usage data such as:

• IP address

• Browser type and device details

• Operating system

• Pages viewed and time spent

• General location (city or country level, based on IP)

• Site interactions (clicks, scroll depth, form events)

• Cookie identifiers and similar tracking signals

C) Data Received Via Business Channels

In some cases, we may receive business contact data through:

• A colleague introducing you

• A corporate directory or event list you opted into

• Your organisation sharing contact details for a relevant work discussion

We use this data only for professional, relevant communication.

4) Why We Use Personal Data

We use personal data for these purposes:

1. Respond to enquiries and communicate about potential work

2. Provide the Site and keep it working reliably

3. Send insights or updates if you subscribe or request them

4. Improve the Site by understanding what content is useful

5. Protect the Site against spam, misuse, and security incidents

6. Manage business operations (record keeping, internal reporting, audits)

7. Meet legal or regulatory duties that apply to our business

5) Legal Grounds We Rely On

We process personal data only when we have a valid reason. Depending on the situation, this may include:

• Consent (example: newsletter signup)

• Contract steps (example: responding to a request for proposal or onboarding discussions)

• Legitimate interests (example: improving Site performance, securing systems, B2B relationship management)

• Legal obligations (example: compliance and record retention duties)

You can withdraw consent at any time where consent is the basis (see Section 9).

6) How We Share Personal Data

We do not sell personal data.

We may share personal data with:

A) Service Providers (Processors)

Vendors that help us run the Site and operate the business, such as:

• Website hosting and infrastructure providers

• Email delivery or newsletter tools

• Analytics tools

• Security tools (spam prevention, threat detection)

• CRM tools used for enquiry management

These providers are permitted to process personal data only to deliver services to us, under contractual obligations.

B) Professional Advisers

Lawyers, accountants, auditors, or consultants, only when needed for legitimate business purposes.

C) Legal and Safety Reasons

We may share data if required by law, court order, or to protect rights, safety, and security.

D) Business Transfers

If we go through a merger, acquisition, restructuring, or asset sale, personal data may be transferred as part of that process, with appropriate safeguards.

7) International Data Transfers

Because we operate across regions, personal data may be processed outside the country where you live. When we transfer personal data internationally, we use appropriate safeguards such as:

• Contractual protections with vendors

• Access controls and minimised permissions

• Security measures designed to reduce transfer risk

If you want details about safeguards used in a specific case, contact us.

8) Data Retention

We keep personal data only as long as needed for the purpose it was collected.

Typical retention logic:

• Enquiries: kept for a reasonable period to manage follow-ups and maintain business records

• Newsletter subscriptions: kept until you unsubscribe, plus a short period to respect suppression requests

• Security logs: kept for a limited period to detect abuse and maintain system integrity

• Client engagement data: retained according to contract needs, operational requirements, and legal duties

When retention ends, we delete, anonymise, or securely archive data.

9) Your Rights and Choices

Your rights depend on applicable law and your location. In many cases, you can request:

• Access to personal data we hold about you

• Correction of inaccurate data

• Deletion of data (in certain situations)

• Restriction of processing (in certain situations)

• Objection to processing based on legitimate interests (in certain situations)

• Data portability (in certain situations)

• Withdrawal of consent (where consent is the basis)

Marketing Choices

• If you receive emails you no longer want, use the unsubscribe link in the email or contact us to stop messages.

• If you opt out, we may keep a minimal record of your request so we do not contact you again.

How To Exercise Rights

Send a request using the details in Section 14. We may ask for reasonable verification before action.

10) Cookies and Similar Technologies

We use cookies and similar tools to:

• Make the Site function properly

• Remember preferences (where enabled)

• Understand traffic and improve content

• Protect the Site against spam and misuse

You can control cookies through your browser settings. If you block certain cookies, parts of the Site may not work as intended.

reCAPTCHA and Spam Protection

We may use automated spam protection tools (including Google reCAPTCHA or similar services). These tools may collect technical signals to evaluate risk and prevent abuse.

11) Security

We use reasonable technical and organisational safeguards designed to protect personal data, such as:

• Access controls

• Secure authentication for admin systems

• Monitoring and logging designed to detect abuse

• Vendor reviews where relevant

No method of storage or transmission is fully risk-free. If a security incident affects your personal data in a material way, we will take reasonable steps to address it and meet any notification duties that apply.

12) Third-Party Links

The Site may link to third-party websites. We are not responsible for privacy practices on third-party sites. Review their privacy notices before sharing personal data.

13) Children

The Site is designed for a professional, institutional audience. We do not knowingly collect personal data related to children.

14) Contact Us

To ask questions or submit a privacy request, contact:

Black Sheep Management

Privacy contact email: contact@blacksheepuae.com
Phone: 
Address: 

If you prefer, you can also add a dedicated contact form route on the Site and reference it here.

15) Changes To This Policy

We may update this Privacy Policy to reflect changes in the Site, services, or legal requirements. We will update the “Last updated” date at the top. If changes are significant, we may also place a notice on the Site.