Privacy Policy | Newmarket

1. Introduction

Newmarket Investment Management, LP, Newmarket Global Management, LP and their affiliate companies (together, “Newmarket,” “we,” “us” or “our”) recognizes the importance of protecting the privacy of our current, prospective and former clients and investors, our online visitors of the website www.newmarketcapital.com (the “Site”), our service providers and counterparties, individuals whose personal data are disclosed to us in the context of our operations, including investment due diligence, and other third parties (“you”). It is our intent to balance our legitimate business interests in collecting and using information received from and about you with your reasonable expectations of privacy. This privacy policy (“Privacy Policy”) explains how we collect, use, disclose, share and protect personal data (as defined below) from and about you that we process through your interactions with us, including your interactions with this Site.

This Privacy Policy contains information on our use of your personal data in accordance with relevant laws and regulations, including, where applicable, the EU General Data Protection Regulation (2016/679) (“EU GDPR”) and the EU GDPR as it forms part of the laws of the United Kingdom by virtue of section 3 of the European Union (Withdrawal) Act 2018 and as amended by the Data Protection, Privacy and Electronic Communications (Amendments etc.) (EU Exit) Regulations 2019 (“UK GDPR”, and, together with the EU GDPR, “GDPR”). If you are located in the European Economic Area (“EEA”) or the United Kingdom (“UK”) and subject to the GDPR, please review this Privacy Policy and see the below Section 7 for a description of your rights and other information related to the GDPR.

Please read this Privacy Policy carefully to understand what we do with your personal data. The rights discussed in certain sections of this Privacy Policy may be subject to exemptions or other limitations under applicable law.

2. Collection of Personal Data

We may collect nonpublic personal information and other personal information about you, including information that can help us directly or indirectly identify you (“personal data”).

We may collect certain categories of personal data from or about you, including:

identifiers and similar information, such as name, address, email address, telephone number, date of birth and birth place, social security number, tax identification number, passport details, driver’s license details and other national identity documentation details, online identifiers or other similar identifiers;
personal details, such as gender, national origin, or marital status;
commercial information, including records of products or services purchased, obtained, or considered, or other transaction histories or tendencies, including funds in which you are invested, investments considered, risk tolerance and investment activity;
financial information, such as bank account details, credit card details, account balances, wire instructions, tax status, income, assets, and source of wealth;
professional or employment-related information, such as education information, investment experience, occupation, compensation, employer, title, employment history, investment experience;
certain information that may qualify as “special category” data under the GDPR, such as data revealing race or ethnical origin, political opinions, religious or philosophical beliefs, trade union membership, health or sexual orientation;
internet or other electronic network activity information, including interactions with the Site or use of certain online tools; and
audio, electronic, visual, or similar information.

3. Sources of Personal Data

We may collect personal data directly from you and/or your intermediaries through sources such as: (i) account applications, subscription agreements, and other forms or related documentation; (ii) written, electronic, or verbal correspondence with us or our service providers; (iii) investor transactions; (iv) an investor’s brokerage or financial advisory firm, financial advisor, or consultant; and/or (v) from information captured on applicable websites, fund data rooms and/or investor reporting portals (as applicable).

We may also collect personal data from different sources, such as: (i) our service providers; (ii) public websites or other publicly accessible directories and sources, including bankruptcy registers, tax authorities, governmental agencies and departments, and regulatory authorities; and/or (iii) from credit reporting agencies, sanctions screening databases, or from sources designed to detect and prevent fraud.

In certain circumstances, we may be provided with your personal data in the context of our operations, including investment due diligence.

4. Purposes for Collection and Use of Personal Data

We may collect, use or process personal data for business or commercial purposes, such as:

performing services on behalf of a fund, including fulfilling your requests, maintaining or servicing accounts, providing investor relations service, processing subscriptions, withdrawals and redemptions (as applicable), verifying information, processing payments, or providing similar services;
communicating with you;
performing our contractual and regulatory obligations to a subscriber to a fund, including providing updates on a fund’s performance, providing tax reporting and other operational matters; • detecting security incidents and protecting against malicious, deceptive, fraudulent, or illegal activity, including preventing fraud and conducting “Know Your Client,” anti-money laundering, terrorist financing, and conflict checks;
enabling or effecting commercial transactions;
where permitted by applicable law, providing you with marketing or promotional materials;
establishing, exercising or defending legal claims and in order to protect and enforce our (or another person’s) rights, property, or safety, or to assist others to do the same;
complying with legal or regulatory requirements;
administering and improving our Site; and
internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes.

We may from time to time control or process personal data for the purposes of operating our business, including in respect of marketing and advertising. Any person who does not wish their personal data to be processed for marketing purposes may opt out of such processing by contacting us as set out in Section 12 below.

We will only use personal data for the purposes that it has been collected for, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose of the control or processing. Any person requiring information with respect to any additional purpose for which personal data may be controlled or processed may obtain such information by contacting us as set out in Section 12 below. If we need to control or process personal data for an unrelated purpose, we will use its reasonable endeavors to notify affected persons and to explain the basis on which we are permitted to undertake the same.

We may be legally obliged to process certain personal data in order to be able to perform services and business operations or to comply with contractual requirements. If you choose not to provide us with the necessary personal data or to restrict us from processing personal data, we may not be able to meet our obligations or deliver the products or services requested. This may lead to cancellation of contracts; if this is the case, we will endeavor to contact you to discuss this.

5. Disclosure of Personal Data

We may share personal data with certain third parties for the purposes set out above, including as follows:

We share your personal data with our service providers to perform the functions for which we engage them. For example, we may share your personal data with professional service providers such as banks, auditors, law firms, tax advisors, consultants and other third parties.
We may also use third parties to host the Site or assist us in providing functionality on the Site, provide data analysis and research as regards the Site, to send out email updates about the Site or remove repetitive information from our user lists. • We may share your personal data with regulatory, legal and tax authorities, including for example to respond to a subpoena, regulation, binding order of a data protection agency, legal process, governmental request or other legal or regulatory process. We may also share personal information as required to pursue available remedies or limit damages we may sustain. We also may share your personal data with third parties (including, but not limited to, governmental organizations and self-regulatory organizations) to enforce our rights, protect our property or protect the rights, property or safety of others, to prevent fraud, unauthorized transactions or liability; or as needed to support external auditing, compliance and corporate governance functions.
We may transfer information, including your personal data, in connection with a change of ownership or control by or of us or any affiliated entity (in each case whether in whole or in part) and where we sell or transfer all or a portion of our business or assets (including in the event of a reorganization, dissolution or liquidation)

Newmarket does not share your personal information with third parties for those third parties’ marketing purposes.

6. Security and Retention of Personal Data

Newmarket uses reasonable security measures designed to prevent unauthorized intrusion to the Site and to protect your personal data from unauthorized access, alteration, acquisition or misuse. We will take reasonable steps to use technical, administrative, organizational and physical security measures appropriate to the nature of the personal data we are processing and that comply with applicable laws to protect personal data against unauthorized access and exfiltration, acquisition, theft, or disclosure. We generally restrict access to personal data to those employees and agents who have been advised as to the proper handling of such information and who need to know such data to provide services to clients. Given the nature of information security, there is no guarantee that such safeguards will always be successful. To the extent permitted under applicable law, we will not be responsible for loss, corruption or unauthorized acquisition or misuse of personal information that you provide through the Site that is stored by us, or for any damages resulting from such loss, corruption or unauthorized acquisition or misuse.

How long we keep your personal data will vary depending on the type of personal data and our reasons for collecting it. The retention period will be determined by various criteria, including the purposes for which we are using it (as it will need to be kept for as long as is necessary for any of those purposes) and our legal obligations (as laws or regulations may set a minimum period for which we have to keep your personal data). In general, we will retain your personal data for as long as we require it to perform our contractual rights and obligations or for periods required by our legal and regulatory obligations.

7. Additional Information for EEA and UK Data Subjects

The GDPR imposes certain obligations on us, as a data controller, and grants certain rights to data subjects located in the EEA or UK (“data subject,” “you” or “your” in this Section) in certain circumstances. “Personal data” and other terms as used in this Section have the same meaning provided in the GDPR. If you are located in the EEA or UK and your personal data is disclosed to us in the context of our investment due diligence, the GDPR may not be applicable to us in the context of such processing of personal data and you may not have the rights described in this Section. However, we will take reasonable steps to protect the privacy and security of your personal data, as described in the other Sections of this Privacy Policy.

a. Legal Basis

As described above in Sections 2 and 4, we process personal data for various purposes. Our lawful bases for processing such personal data include:

where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests;
to comply with certain legal and regulatory requirements;
depending on the circumstances, we may need to process your personal data for the performance of a contract to which you are a party, or related pre-contractual steps; and
with your consent, as required by the GDPR.

b. Rights Applicable to Certain EEA or UK Data Subjects

Under the GDPR and any other applicable EU or UK data privacy laws, certain data subjects have a right to: (i) request access to and rectification of your personal data; (ii) correct personal data that we hold where it is incomplete or inaccurate; (iii) restrict the processing of your personal data in certain circumstances; (iv) object to the processing of your personal data in certain circumstances, including where we process personal data for direct marketing purposes or where we have processed such data on the basis of our legitimate interests; (v) request that we erase your personal data under certain circumstances; (vi) ask for a copy of your personal data to be provided to you, or to a third party, in a digital form; (vii) withdraw your consent to the processing of your personal data (where applicable); and (viii) lodge a complaint about the processing of your personal data with your local data protection authority. We particularly appreciate it when you make your question, problem or complaint known. Please contact us as set out in Section 12 below so we can try to find a suitable solution. If you wish to lodge a complaint, the UK data protection authority for example is the Information Commissioner. (You can contact the Information Commissioner at: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF; telephone: +44 (0)303 123 1113; email: casework@ico.org.uk).

c. How to Exercise Your Rights Under the GDPR

If you wish to exercise any of these rights as an EEA or UK data subject, you should contact us as set out in Section 12 below.

d. Transfers of Personal Data Outside the EEA or the UK

Our activities and the jurisdictions in which we are established are such that it may be necessary for personal data that we obtain from you to be transferred and/or processed outside of the EEA or the UK, chiefly but not limited to the United States. Personal data may be accessible by employees and other persons working on our behalf, located outside of the EEA or the UK, including to certain service providers (including but not limited to technical service providers and electronic data storage providers) who may process the information you give us. In circumstances where we transfer personal data outside the EEA or the UK, we will seek to ensure a similar degree of protection is afforded to it by ensuring that, where possible, personal data is generally transferred only to persons in countries outside the EEA or the UK in one of the following circumstances:

to persons and undertakings in countries that have been deemed to provide an adequate level of protection for personal data by the European Commission or the relevant Secretary of State in the United Kingdom, as applicable (an “adequacy decision”);

to persons and undertakings based in the United States if they are part of the EU-U.S. Data Privacy Framework which requires them to provide similar protection to personal data shared between the EEA and the United States, as well as between the UK and the United States pursuant to the Data Protection (Adequacy) (United States of America) Regulations 2023 for the UK Extension to the EU-U.S. Data Privacy Framework (the UK-US Data Bridge);
to persons and undertakings to whom the transfer of such personal data is made pursuant to a contract that is compliant with the model contracts for the transfer of personal data to third countries from time to time approved by the European Commission or in the form of the international data transfer agreement adopted by the Information Commissioner’s Office and the UK Parliament or an equivalent or replacement agreement (the IDTA), as applicable, and as supplemented where and if required;
to persons and undertakings outside of the EU or the UK pursuant to other appropriate safeguards for the transfer of personal data; and
only on one of the conditions allowed under the GDPR in the absence of an adequacy decision or appropriate safeguards.

You can contact us through the information provided in Section 12 below for further information on specific mechanisms we utilize for transferring personal data outside the EEA or the UK and the countries to which such transfer may be made (which may include, but are not limited to, the United States).

8. Cookies and Similar Technologies

Cookies are small text files that are stored in your computer’s memory and hard drive, in your mobile device or tablet when you visit certain web pages. They are used to enable websites to function or to provide information to the owners of a website, or other third parties which receive data obtained from that website. Currently, our website does not use cookies or similar tracking technologies. Please note that some of our third party service providers may use cookies and similar technologies to support our operations. These entities may be collecting such information in order to provide services to or for us. You should be aware that these third party services providers may have different privacy policies and information security practices, as such, we encourage you to read the privacy statements provided by other websites before you provide personal data to them.

Our Site does not currently take any action when it receives a Do Not Track request. Do Not Track is a privacy preference that you can set in your web browser to indicate that you do not want certain information about your webpage visits collected across websites when you have not interacted with that service on the page. For details, including how to turn on Do Not Track, visit www.donottrack.us.

9. Links to External Websites

Our Site contains links to third party websites. Any access to and use of such third party websites is not governed by this Privacy Policy, but instead is governed by the privacy policies of those third party websites, and we are not responsible for the information practices of such third party websites.

10. Children

Our services are not directed at individuals under the age of 18. We do not knowingly solicit or collect personal data from children under the age of 18. If we become aware that a child under 18 has provided us personal data, we will delete such data from our files. As a parent or guardian, if you become aware that your child has provided us with personal data, please contact us at the email address or telephone number provided at the end of this Privacy Policy and we will delete your child’s personal data within a reasonable time.

11. Changes to this Privacy Policy

We may update this Privacy Policy from time-to-time and any changes to our Privacy Policy will be posted to this page. Accordingly, please refer back to this Privacy Policy frequently as it may change. If you do not agree to any changes we make to this Privacy Policy, you must not continue to use our services.

12. How to Contact Us

If you have any questions, comments or requests regarding this Privacy Policy, please contact us at 215-701-9690 or email us at info@newmarketcapital.com.