Part I
Privacy Policy
This Privacy Policy explains how Barjeel Management Consulting L.L.C — a company established in Dubai, United Arab Emirates, operating under the Barjeel and Barjeel AI brands ("Barjeel", "Company", "we", "us", or "our") — collects, uses, stores, shares, and protects personal data and other information in connection with the Barjeel AI website, application, platform, intelligence tools, casework tools, document libraries, assistant features, and related services (collectively, the "Services").
1. Who We Are and Scope
The Services are designed for professional, corporate, advisory, legal-support, intelligence, strategy, documentation, research, and case management use. This Privacy Policy applies to visitors to the Barjeel AI website and to customers, users, administrators, consultants, invited collaborators, and other authorized persons who access or use the Services.
By accessing or using the Services, you acknowledge that you have read and understood this Privacy Policy. Where consent is required by law, your use of the Services, account creation, submission of data, or affirmative acceptance of this Privacy Policy will be treated as consent to the processing described here.
2. Information We Collect
2.1 Account and identity information
Names, business email addresses, phone numbers, job titles, organization names, login credentials, profile information, authentication data, user role, permissions, account settings, billing identifiers, and other information required to create, administer, secure, and support user accounts.
2.2 Customer content and case data
The Services may allow users to upload, create, import, store, analyze, save, export, or transmit documents, evidence, notes, project files, case files, prompts, instructions, chat messages, AI outputs, findings, search terms, intelligence results, timelines, reports, deliverables, comments, labels, tags, and related metadata ("Customer Content"). Customer Content may contain personal data, confidential business information, third-party information, and sensitive or regulated information depending on what users submit.
2.3 Intelligence queries and results
When users use Intelligence features — including Live Intelligence, Historical Intelligence, exposure review, link analysis, entity resolution, or other intelligence capabilities — we may process search inputs, target identifiers, selected filters, results, result metadata, confidence indicators, source labels, saved findings, links between entities, and user actions taken in response to results.
2.4 AI interaction data
When users interact with the Assistant or other AI features, we may process prompts, selected mode settings such as Internal, External, or Hybrid, retrieved context, selected case or project, chat history, generated outputs, user feedback, document references, and system metadata needed to provide, debug, improve, and secure the AI functions.
2.5 Technical, device, and usage data
IP addresses, device identifiers, browser type, operating system, referral URLs, session identifiers, pages viewed, features used, timestamps, error logs, diagnostics, access logs, audit logs, security events, API usage, rate-limit events, and approximate location inferred from technical signals.
2.6 Billing, payment, and commercial information
If paid services, subscriptions, invoices, consulting engagements, or other commercial arrangements are enabled, we may process billing contact details, invoice records, subscription status, transaction metadata, payment status, tax information, and related commercial records. Payment card or banking details may be processed by payment providers and may not be stored directly by Barjeel.
2.7 Communications and support
Communications sent to us by email, forms, chat, support tools, meetings, calls, demos, onboarding sessions, feedback channels, and similar interactions.
3. How We Collect Information
We collect information directly from users, customers, administrators, and invited collaborators; automatically through technical systems, cookies, logs, analytics, and security tools; from third-party service providers supporting the Services; from public or accessible sources used by intelligence features; and from integrations that customers or users authorize.
If you submit information about another person, organization, case, company, employee, counterparty, witness, client, source, or third party, you represent that you have the lawful authority, legal basis, consent, legitimate professional reason, or other valid authorization required to provide that information to the Services and to permit Barjeel to process it as described in this document.
4. How We Use Information
We may use information for the following purposes:
- Providing, operating, maintaining, hosting, securing, and supporting the Services.
- Creating and administering accounts, workspaces, projects, cases, libraries, permissions, teams, and organization settings.
- Processing uploads, documents, evidence entries, notes, timelines, deliverables, and other Customer Content.
- Providing AI-assisted functionality, including document analysis, case summarization, drafting assistance, internal retrieval, external search support, and hybrid research workflows.
- Providing intelligence capabilities, including open-source lookup, database lookup, exposure review, entity resolution, relationship mapping, and source-based search.
- Generating reports, findings, responses, search results, export files, audit trails, and other platform outputs requested by users.
- Improving user experience, product design, reliability, performance, quality, security, and feature development.
- Monitoring for prohibited activity, abuse, security incidents, fraud, unauthorized access, system misuse, or violations of our terms.
- Communicating with customers and users about accounts, security, support, updates, onboarding, notices, changes, billing, and service-related matters.
- Complying with applicable laws, regulations, court orders, lawful requests, contractual obligations, tax obligations, audit obligations, and internal governance requirements.
- Enforcing our agreements, protecting rights and property, resolving disputes, and defending or pursuing legal claims.
5. AI Processing and Mode-Based Context
Barjeel AI may use artificial intelligence systems, large language models, embeddings, retrieval systems, classifiers, search tools, and related technologies to process prompts, documents, case materials, and other Customer Content.
Where the platform offers modes such as Internal, External, or Hybrid, Barjeel aims to apply the selected mode as follows:
- Internal mode is intended to use only information available within the selected case, project, library, workspace, or other internal platform context available to the user.
- External mode is intended to use external or public-source information, web search, public records, indexed sources, or other non-case sources available through the relevant tool or integration.
- Hybrid mode is intended to combine internal platform context with external or public-source information to create a unified output.
Mode selection is a platform control intended to guide context retrieval. It is not a guarantee that an AI output is complete, accurate, legally sufficient, or suitable for a specific use. Users must review all outputs and verify important information independently.
Customer Content may be transmitted to AI infrastructure providers, search providers, hosting providers, database providers, storage providers, security providers, and related technical service providers where necessary to provide the Services. We require users to avoid submitting information to AI features unless they have authority to process that information through the Services.
6. Lawful Basis, Consent, and User Responsibility
Depending on the circumstances and applicable law, we may process personal data based on consent, contractual necessity, legitimate interests, compliance with legal obligations, protection of rights, security, fraud prevention, user request, or another lawful basis available under applicable law.
The Services may be used by organizations that determine the purposes and means of processing Customer Content. In those cases, the customer or organization may act as the controller or equivalent party for Customer Content, and Barjeel may act as a processor or service provider to the extent required by applicable law and contract.
Users and customers are solely responsible for ensuring that their collection, upload, search, processing, analysis, export, retention, disclosure, and use of Customer Content comply with applicable laws, professional obligations, contractual duties, court orders, employment rules, privacy rights, data protection laws, intellectual property rights, confidentiality obligations, and ethical requirements.
7. Sharing and Disclosure
We may share or disclose information in the following circumstances:
- With service providers, infrastructure providers, hosting providers, database providers, AI providers, storage providers, analytics providers, security providers, communications providers, payment processors, professional advisers, and contractors who support the Services.
- With authorized users, organization administrators, team members, invited collaborators, or client workspace members according to workspace settings, permissions, and user actions.
- With Barjeel affiliates, related entities, and specialist providers, including third-party intelligence data and tooling providers engaged by Barjeel where relevant to the Services.
- With third-party integrations or tools that a customer or user enables, authorizes, or uses through the Services.
- Where required or permitted by law, regulation, legal process, court order, government request, national security request, law enforcement request, tax authority request, or regulatory obligation.
- To enforce our agreements, protect security, prevent fraud or abuse, investigate prohibited activity, resolve disputes, collect fees, or protect the rights, safety, property, and legitimate interests of Barjeel, users, customers, third parties, or the public.
- In connection with a merger, acquisition, financing, restructuring, sale of assets, insolvency, corporate transaction, transfer of business, or due diligence process, subject to appropriate confidentiality protections where commercially reasonable.
8. International Transfers
Barjeel is based in the United Arab Emirates. The Services may involve processing, hosting, storage, support, or technical operations in the UAE or other countries, including jurisdictions where our service providers, AI providers, hosting providers, infrastructure providers, contractors, or support teams operate. These countries may have data protection laws that differ from the laws in your location.
By using the Services or submitting information, you understand that information may be transferred to, stored in, accessed from, or processed in countries outside your country of residence or the country where the information was originally collected, subject to applicable legal requirements and reasonable safeguards.
9. Retention
We retain information for as long as reasonably necessary to provide the Services, maintain accounts, operate workspaces, support case management, comply with legal and contractual obligations, resolve disputes, enforce agreements, maintain security, preserve audit logs, prevent abuse, and protect legitimate business interests.
Customer Content is generally retained for the duration of the relevant customer relationship, workspace, project, case, or account unless deleted earlier by authorized users or retained longer where required or permitted by law, contract, backup practices, audit obligations, dispute preservation, or security requirements.
Deletion requests may not immediately remove information from backups, logs, audit trails, legal holds, archived records, security records, or third-party systems where retention is required or permitted. We may retain de-identified, aggregated, statistical, or non-personal information for legitimate business purposes.
10. Security
We use reasonable administrative, technical, and organizational measures designed to protect information against unauthorized access, loss, misuse, alteration, or disclosure. Measures may include access controls, authentication, encryption in transit or at rest where appropriate, audit logging, role-based permissions, separation of workspaces, security monitoring, vulnerability management, backup practices, and internal access restrictions.
No website, AI system, storage system, transmission method, security control, or online service can be guaranteed to be completely secure. Users are responsible for safeguarding passwords, devices, authentication methods, workspace invitations, exported files, and access credentials. Barjeel is not responsible for unauthorized access caused by user error, compromised credentials, unsafe devices, insecure networks, misconfigured permissions, or third-party breaches outside our reasonable control.
11. Privacy Rights and Choices
Subject to applicable law and verification of identity, individuals may have rights to request access to personal data, correction of inaccurate personal data, deletion, restriction of processing, objection to processing, withdrawal of consent where processing is based on consent, data portability, or information about processing. These rights may be limited by law, confidentiality obligations, legal privilege, security, rights of others, business records, legal claims, or customer instructions.
Where we process Customer Content on behalf of an organization, we may direct requests concerning Customer Content to the relevant customer or organization administrator. To submit a privacy request, contact info@barjeel.net. We may require verification before acting on a request and may decline or limit requests where permitted by law.
12. Cookies and Similar Technologies
We may use cookies, local storage, pixels, SDKs, analytics tools, session tokens, and similar technologies to provide login sessions, remember preferences, secure the Services, measure usage, improve performance, detect abuse, and support product analytics. Users can control certain cookies through browser settings, but disabling required cookies may affect functionality or access.
13. Children and Minors
The Services are intended for business and professional users who are at least 18 years old. The Services are not directed to children or minors. Users must not knowingly submit personal data of minors unless they have clear lawful authority, a legitimate professional need, and all required consents or approvals. Barjeel may delete or restrict such data where it believes use is inappropriate, unauthorized, or unlawful.
14. Confidentiality of Workspaces
The Services may include organization-level workspaces, administrator roles, team permissions, case-level access controls, and client or consultant access. Organization administrators may be able to view, export, manage, delete, or control information submitted by users within their workspace. Users should not assume that workspace activity is private from their organization, administrators, project owners, or authorized collaborators.
15. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. The updated version will be effective when posted on the Barjeel AI website or platform, unless a different effective date is stated. Continued use of the Services after an update means you accept the updated Privacy Policy to the extent permitted by law.
16. Privacy Contact
For privacy questions, requests, or complaints, contact Barjeel at info@barjeel.net. We will review reasonable requests in accordance with applicable law and operational requirements.
