Last updated: 27 March 2026 · Cookie Policy
Contents
The Data Controller is:
BlackSheep SGR S.p.A. is an Alternative Investment Fund Manager (AIFM) authorized and supervised by the Bank of Italy (Banca d'Italia) pursuant to Directive 2011/61/EU, registered under number 15518.4.
The Data Protection Officer (DPO) is:
This Privacy Policy describes how BlackSheep SGR S.p.A. collects, uses, stores and protects personal data of individuals who interact with the website blacksheep.ventures (the "Website"), including through its contact forms, investor relations communications, and other channels described below.
This Policy does not cover personal data processed in the context of employment relationships, fund subscription agreements, or regulatory reporting, which are governed by separate notices provided to the relevant data subjects at the time of collection.
Depending on how you interact with the Website, we may collect the following categories of personal data:
| Category | Examples | Source |
|---|---|---|
| Identity data | First name, last name, professional title | Provided directly by you |
| Contact data | Email address, phone number, company name | Provided directly by you |
| Professional data | Role, organisation, investment history, AUM | Provided directly by you |
| Business data | Startup name, pitch deck, funding stage, sector, financial projections | Provided directly by you (pitch submissions) |
| Navigation data | IP address, browser type, pages visited, timestamps | Automatically collected via server logs |
| Communication data | Content of messages submitted via contact forms or email | Provided directly by you |
We do not collect special categories of personal data (as defined under Art. 9 GDPR) through the Website.
When you submit a general enquiry through our contact form, we process your name, email address, and message to respond to your request.
Legal basis: Legitimate interest (Art. 6(1)(f) GDPR) in responding to enquiries; or pre-contractual steps at your request (Art. 6(1)(b) GDPR).
If you are a limited partner (LP) of one of the funds managed by BlackSheep SGR S.p.A., we process your contact data to send periodic updates, reports, and fund communications.
Legal basis: Performance of contract and legal obligations under fund documentation (Art. 6(1)(b) and 6(1)(c) GDPR); and legitimate interest in maintaining investor relations (Art. 6(1)(f) GDPR).
If you have expressed interest in BlackSheep II — Domain-Specific AI Fund, we process your contact and professional data to provide fund information, schedule meetings, and share relevant materials during the fundraising process.
Legal basis: Consent (Art. 6(1)(a) GDPR) and/or pre-contractual steps (Art. 6(1)(b) GDPR). You may withdraw consent at any time by contacting our DPO.
If you submit a spontaneous application or CV, we process your personal and professional data to evaluate your profile for current or future positions.
Legal basis: Consent (Art. 6(1)(a) GDPR), provided by voluntarily submitting your application. You may withdraw consent at any time.
If you submit a pitch or business plan for potential investment, we process the information provided — including data about founders, the company, and its business model — to evaluate the investment opportunity.
Legal basis: Consent (Art. 6(1)(a) GDPR) and pre-contractual steps (Art. 6(1)(b) GDPR). Voluntary submission constitutes consent to the processing described herein.
Server logs automatically collect technical data for security, fraud prevention, and website administration. This data is not used for profiling or behavioural tracking.
Legal basis: Legitimate interest (Art. 6(1)(f) GDPR) in maintaining the security and proper functioning of the Website.
As an AIFM regulated by the Bank of Italy, BlackSheep SGR S.p.A. may process personal data to comply with AML, KYC, and other applicable regulatory obligations.
Legal basis: Legal obligation (Art. 6(1)(c) GDPR).
| Processing activity | Retention period |
|---|---|
| General contact enquiries | 24 months from last interaction, unless a contractual relationship is established |
| LP communications | Duration of the fund + 10 years (applicable financial regulation) |
| Fund II investor relations | Up to 36 months from initial contact; extended if subscription commences |
| Job applications | 12 months from receipt, unless extended consent is given |
| Pitch submissions | 24 months from submission; extended if due diligence commences |
| Navigation / server logs | 90 days, unless longer retention is required for security purposes |
| Regulatory / AML / KYC data | 10 years from end of business relationship (as required by law) |
At the end of each retention period, personal data is securely deleted or anonymised.
Personal data may be disclosed to the following categories of recipients:
Personal data will not be sold or shared with third parties for commercial or marketing purposes.
Some of our service providers operate outside the European Economic Area (EEA). Where personal data is transferred to a third country, we ensure appropriate safeguards are in place, including:
For details on safeguards applicable to specific transfers, contact our DPO at antonio.dettoli@blacksheep.ventures.
Under the GDPR, you have the following rights regarding your personal data:
| Right | Description |
|---|---|
| Access (Art. 15) | Obtain confirmation of whether we process your data and receive a copy |
| Rectification (Art. 16) | Request correction of inaccurate or incomplete data |
| Erasure (Art. 17) | Request deletion where there is no longer a lawful basis for processing |
| Restriction (Art. 18) | Request limitation of processing in certain circumstances |
| Portability (Art. 20) | Receive your data in a structured, machine-readable format |
| Objection (Art. 21) | Object to processing based on legitimate interest or for direct marketing |
| Withdraw consent (Art. 7(3)) | Withdraw consent at any time without affecting lawfulness of prior processing |
To exercise any right, contact our DPO at antonio.dettoli@blacksheep.ventures. We will respond within one month of receipt (extendable by two months for complex requests, with prior notice).
You have the right to lodge a complaint with the Garante per la Protezione dei Dati Personali (www.garanteprivacy.it), Piazza Venezia 11, 00187 Rome — or with the supervisory authority of your country of residence or establishment.
The Website uses only strictly necessary technical cookies required for the proper functioning of the site. No analytics, profiling, or third-party marketing cookies are used.
For full details, see our Cookie Policy.
The Website is not directed at individuals under the age of 18. We do not knowingly collect personal data from minors. If you believe we have inadvertently done so, please contact us and we will promptly delete such data.
We may update this Policy from time to time to reflect changes in our practices or applicable law. The date of the most recent revision is shown at the top of this page. Material changes will be communicated via a notice on the Website.
For any questions or requests relating to this Policy or the processing of your personal data: