PRIVACY POLICY
Last Updated: January 2025

1. Introduction
Newmarket Investment Management, LP, Newmarket Global Management, LP and their affiliate
companies (together, “Newmarket,” “we,” “us” or “our”) recognizes the importance of protecting the
privacy of our current, prospective and former clients and investors, our online visitors of the
website www.newmarketcapital.com (the “Site”), our service providers and counterparties,
individuals whose personal data are disclosed to us in the context of our operations, including
investment due diligence, and other third parties (“you”). It is our intent to balance our
legitimate business interests in collecting and using information received from and about you with
your reasonable expectations of privacy. This privacy policy (“Privacy Policy”) explains how we
collect, use, disclose, share and protect personal data (as defined below) from and about you that
we process through your interactions with us, including your interactions with this Site.
This Privacy Policy contains information on our use of your personal data in accordance with
relevant laws and regulations, including, where applicable, the EU General Data Protection
Regulation (2016/679) (“EU GDPR”) and the EU GDPR as it forms part of the laws of the United
Kingdom by virtue of section 3 of the European Union (Withdrawal) Act 2018 and as amended by the
Data Protection, Privacy and Electronic Communications (Amendments etc.) (EU Exit) Regulations 2019
(“UK GDPR”, and, together with the EU GDPR, “GDPR”). If you are located in the European Economic
Area (“EEA”) or the United Kingdom (“UK”) and subject to the GDPR, please review this Privacy
Policy and see the below Section 7 for a description of your rights and other information related
to the GDPR.
Please read this Privacy Policy carefully to understand what we do with your personal data. The
rights discussed in certain sections of this Privacy Policy may be subject to exemptions or other
limitations under applicable law.

2. Collection of Personal Data
We may collect nonpublic personal information and other personal information about you, including
information that can help us directly or indirectly identify you (“personal data”).
We may collect certain categories of personal data from or about you, including:
• identifiers and similar information, such as name, address, email address, telephone number,
date of birth and birth place, social security number, tax identification number, passport details,
driver’s license details and other national identity documentation details, online identifiers or
other similar identifiers;
• personal details, such as gender, national origin, or marital status;

• commercial information, including records of products or services purchased, obtained, or
considered, or other transaction histories or tendencies, including funds in which you are
invested, investments considered, risk tolerance and investment activity;
• financial information, such as bank account details, credit card details, account balances, wire
instructions, tax status, income, assets, and source of wealth;
• professional or employment-related information, such as education information, investment
experience, occupation, compensation, employer, title, employment history, investment experience;
• certain information that may qualify as “special category” data under the GDPR, such as data
revealing race or ethnical origin, political opinions, religious or philosophical beliefs, trade
union membership, health or sexual orientation;
• internet or other electronic network activity information, including interactions with the Site
or use of certain online tools; and
• audio, electronic, visual, or similar information.

3. Sources of Personal Data
We may collect personal data directly from you and/or your intermediaries through sources such as:
(i) account applications, subscription agreements, and other forms or related documentation; (ii)
written, electronic, or verbal correspondence with us or our service providers; (iii) investor
transactions; (iv) an investor’s brokerage or financial advisory firm, financial advisor, or
consultant;
(v) from information captured on applicable websites, fund data rooms and/or investor reporting
portals (as applicable); and/or (vi) survey-style questionnaires you submit to us, as described in
Section 9 below.
We may also collect personal data from different sources, such as: (i) our service providers; (ii)
public websites or other publicly accessible directories and sources, including bankruptcy
registers, tax authorities, governmental agencies and departments, and regulatory authorities;
and/or (iii) from credit reporting agencies, sanctions screening databases, or from sources
designed to detect and prevent fraud.
In certain circumstances, we may be provided with your personal data in the context of our
operations, including investment due diligence.

4. Purposes for Collection and Use of Personal Data
We may collect, use or process personal data for business or commercial purposes, such as:

• performing services on behalf of a fund, including fulfilling your requests, maintaining or
servicing accounts, providing investor relations service, processing subscriptions,
withdrawals and redemptions (as applicable), verifying information, processing payments, or
providing similar services;

• communicating with you;
• performing our contractual and regulatory obligations to a subscriber to a fund, including
providing updates on a fund’s performance, providing tax reporting and other operational matters;
• detecting security incidents and protecting against malicious, deceptive, fraudulent, or illegal
activity, including preventing fraud and conducting “Know Your Client,” anti-money laundering,
terrorist financing, and conflict checks;
• enabling or effecting commercial transactions;
• where permitted by applicable law, providing you with marketing or promotional
materials;
• establishing, exercising or defending legal claims and in order to protect and enforce our (or
another person’s) rights, property, or safety, or to assist others to do the same;
• complying with legal or regulatory requirements;
• administering and improving our Site; and
• internal operations, including troubleshooting, data analysis, testing, research, statistical
and survey purposes.

We may from time to time control or process personal data for the purposes of operating our
business, including in respect of marketing and advertising. Any person who does not wish their
personal data to be processed for marketing purposes may opt out of such processing by contacting
us as set out in Section 14 below.
We will only use personal data for the purposes that it has been collected for, unless we
reasonably consider that we need to use it for another reason and that reason is compatible with
the original purpose of the control or processing. Any person requiring information with respect to
any additional purpose for which personal data may be controlled or processed may obtain such
information by contacting us as set out in Section 14 below. If we need to control or process
personal data for an unrelated purpose, we will use its reasonable endeavors to notify affected
persons and to explain the basis on which we are permitted to undertake the same.
We may be legally obliged to process certain personal data in order to be able to perform services
and business operations or to comply with contractual requirements. If you choose not to provide us
with the necessary personal data or to restrict us from processing personal data, we may not be
able to meet our obligations or deliver the products or services requested. This may lead to
cancellation of contracts; if this is the case, we will endeavor to contact you to discuss this.

5. Disclosure of Personal Data
We may share personal data with certain third parties for the purposes set out above, including as
follows:

• We share your personal data with our service providers to perform the functions for which we
engage them. For example, we may share your personal data with professional service providers such
as banks, auditors, law firms, tax advisors, consultants and other third parties. We may also use
third parties to host the Site or assist us in providing functionality on the Site, provide data
analysis and research as regards the Site, to send out email updates about the Site or remove
repetitive information from our user lists.
• We may share your personal data with regulatory, legal and tax authorities, including for
example to respond to a subpoena, regulation, binding order of a data protection agency, legal
process, governmental request or other legal or regulatory process. We may also share personal
information as required to pursue available remedies or limit damages we may sustain. We also may
share your personal data with third parties (including, but not limited to, governmental
organizations and self-regulatory organizations) to enforce our rights, protect our property or
protect the rights, property or safety of others, to prevent fraud, unauthorized transactions or
liability; or as needed to support external auditing, compliance and corporate governance
functions.
• We may transfer information, including your personal data, in connection with a change of
ownership or control by or of us or any affiliated entity (in each case whether in whole or in
part) and where we sell or transfer all or a portion of our business or assets (including in the
event of a reorganization, dissolution or liquidation)
Newmarket does not share your personal information with third parties for those third parties’
marketing purposes.

6. Security and Retention of Personal Data
Newmarket uses reasonable security measures designed to prevent unauthorized intrusion to the Site
and to protect your personal data from unauthorized access, alteration, acquisition or misuse. We
will take reasonable steps to use technical, administrative, organizational and physical security
measures appropriate to the nature of the personal data we are processing and that comply with
applicable laws to protect personal data against unauthorized access and exfiltration, acquisition,
theft, or disclosure. We generally restrict access to personal data to those employees and agents
who have been advised as to the proper handling of such information and who need to know such data
to provide services to clients. Given the nature of information security, there is no guarantee
that such safeguards will always be successful. To the extent permitted under applicable law, we
will not be responsible for loss, corruption or unauthorized acquisition or misuse of personal
information that you provide through the Site that is stored by us, or for any damages resulting
from such loss, corruption or unauthorized acquisition or misuse.
How long we keep your personal data will vary depending on the type of personal data and our
reasons for collecting it. The retention period will be determined by various criteria, including
the purposes for which we are using it (as it will need to be kept for as long as is necessary for
any of those purposes) and our legal obligations (as laws or regulations may set a minimum period
for which we have to keep your personal data). In general, we will retain your personal data for as
long as we require it to perform our contractual rights and obligations or for periods required by
our legal and regulatory obligations.

7. Additional Information for EEA and UK Data Subjects
The GDPR imposes certain obligations on us, as a data controller, and grants certain rights to data
subjects located in the EEA or UK (“data subject,” “you” or “your” in this Section) in certain
circumstances. “Personal data” and other terms as used in this Section have the same meaning
provided in the GDPR. If you are located in the EEA or UK and your personal data is disclosed to us
in the context of our investment due diligence, the GDPR may not be applicable to us in the context
of such processing of personal data and you may not have the rights described in this Section.
However, we will take reasonable steps to protect the privacy and security of your personal data,
as described in the other Sections of this Privacy Policy.
a. Legal Basis
As described above in Sections 2 and 4, we process personal data for various purposes. Our lawful
bases for processing such personal data include:
• where it is necessary for our legitimate interests (or those of a third party) and your
interests and fundamental rights do not override those interests;
• to comply with certain legal and regulatory requirements;
• depending on the circumstances, we may need to process your personal data for the performance of
a contract to which you are a party, or related pre-contractual steps; and
• with your consent.
As described below in Section 9, we also process any personal data in survey data you submit to us.
Our lawful basis for processing such personal data include:
• our legitimate interests, or the legitimate interests of a third party, where those legitimate
interests are not outweighed by your interests or fundamental rights and freedoms; and/or
• your consent.

b. Rights Applicable to Certain EEA or UK Data Subjects
Under the GDPR and any other applicable EU or UK data privacy laws, certain data subjects have a
right to: (i) request access to and rectification of your personal data; (ii) correct personal data
that we hold where it is incomplete or inaccurate; (iii) restrict the processing of your personal
data in certain circumstances; (iv) object to the processing of your personal data in certain
circumstances, including where we process personal data for direct marketing purposes or where we
have processed such data on the basis of our legitimate interests; (v) request that we erase your
personal data under certain circumstances; (vi) ask for a copy of your personal data to be provided
to you, or to a third party, in a digital form; (vii) withdraw your consent to the processing of
your personal data (where applicable); and (viii) lodge a complaint about the processing of your
personal data with your local data protection authority. We particularly appreciate it when you
make your question, problem or complaint known.

Please contact us as set out in Section 14 below so we can try to find a suitable solution. If you
wish to lodge a complaint, the UK data protection authority for example is the Information
Commissioner. (You can contact the Information Commissioner at: Information Commissioner’s Office,
Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF; telephone: +44 (0)303 123 1113; email:
casework@ico.org.uk).

c. How to Exercise Your Rights Under the GDPR

If you wish to exercise any of these rights as an EEA or UK data subject, you should contact us as
set out in Section 14 below.

d. Transfers of Personal Data Outside the EEA or the UK
Our activities and the jurisdictions in which we are established are such that it may be necessary
for personal data that we obtain from you to be transferred and/or processed outside of the EEA or
the UK, chiefly but not limited to the United States. Personal data may be accessible by employees
and other persons working on our behalf, located outside of the EEA or the UK, including to certain
service providers (including but not limited to technical service providers and electronic data
storage providers) who may process the information you give us. In circumstances where we transfer
personal data outside the EEA or the UK, we will seek to ensure a similar degree of protection is
afforded to it by ensuring that, where possible, personal data is generally transferred only to
persons in countries outside the EEA or the UK in one of the following circumstances:

• to persons and undertakings in countries that have been deemed to provide an adequate level of
protection for personal data by the European Commission or the relevant Secretary of State in the
United Kingdom, as applicable (an “adequacy decision”);
• to persons and undertakings based in the United States if they are part of the EU-U.S. Data
Privacy Framework which requires them to provide similar protection to personal data shared between
the EEA and the United States, as well as between the UK and the United States pursuant to the Data
Protection (Adequacy) (United States of America) Regulations 2023 for the UK Extension to the
EU-U.S. Data Privacy Framework (the UK-US Data Bridge);
• to persons and undertakings to whom the transfer of such personal data is made pursuant to a
contract that is compliant with the model contracts for the transfer of personal data to third
countries from time to time approved by the European Commission or in the form of the international
data transfer agreement adopted by the Information Commissioner’s Office and the UK Parliament or
an equivalent or replacement agreement (the IDTA), as applicable, and as supplemented where and if
required;
• to persons and undertakings outside of the EU or the UK pursuant to other appropriate safeguards
for the transfer of personal data; and
• only on one of the conditions allowed under the GDPR in the absence of an adequacy decision or
appropriate safeguards.

You can contact us through the information provided in Section 14 below for further information on
specific mechanisms we utilize for transferring personal data outside the EEA or the UK and the
countries to which such transfer may be made (which may include, but are not limited to, the United
States).

8. Cookies and Similar Technologies
Cookies are small text files that are stored in your computer’s memory and hard drive, in your
mobile device or tablet when you visit certain web pages. They are used to enable websites to
function or to provide information to the owners of a website, or other third parties which receive
data obtained from that website. Currently, our website does not use cookies or similar tracking
technologies. Please note that some of our third party service providers may use cookies and
similar technologies to support our operations. These entities may be collecting such information
in order to provide services to or for us. You should be aware that these third party services
providers may have different privacy policies and information security practices, as such, we
encourage you to read the privacy statements provided by other websites before you provide personal
data to them.
Our Site does not currently take any action when it receives a Do Not Track request. Do Not Track
is a privacy preference that you can set in your web browser to indicate that you do not want
certain information about your webpage visits collected across websites when you have not
interacted with that service on the page. For details, including how to turn on Do Not Track, visit
www.donottrack.us.

9. Use of Survey Data
In addition to the personal data described above, we may collect information from you through
optional survey-style questionnaires available on our website. These questionnaires are designed to
gather insights and feedback for purposes such as improving our services, understanding user
preferences, and responding to specific inquiries.
Categories of Data Collected
The information collected through these surveys may include, but is not limited to:

• Personal identifiers (e.g., name, email address, phone number).
• Demographic information (e.g., age range, location).
• Feedback and preferences related to our services.

Purpose and Use of Survey Data
We will use survey data for the following purposes:

• To better understand the needs and preferences of our clients and site visitors.
• To improve our products, services, and website functionality

• To respond to inquiries or requests submitted through the survey.

Consent and Participation
Participation in these surveys is entirely voluntary. Before submitting a survey, you will be asked
to provide explicit consent acknowledging that your responses will be processed in accordance with
this Privacy Policy.
Sharing of Survey Data
Survey responses may be shared with internal teams and select third-party service providers who
assist us in analyzing feedback. We will ensure that these third parties adhere to strict
confidentiality and data protection standards. Survey data will not be used for third-party
marketing purposes or shared without your consent.
Retention of Survey Data
Survey data will be retained only for as long as necessary to fulfill the purposes described above
or as required by applicable laws. You may request the deletion of your survey responses by
contacting us through the channels provided in Section 14.

10. Certain State Residents
You may be aware that there are various state data privacy laws currently in effect in the United
States. Our services are not currently subject to any state laws providing rights in connection
with personal information. However, we do provide notice and transparency about our collection and
use of personal information as described in Privacy Policy.

11. Links to External Websites
Our Site contains links to third party websites. Any access to and use of such third party websites
is not governed by this Privacy Policy, but instead is governed by the privacy policies of those
third party websites, and we are not responsible for the information practices of such third party
websites.

12. Children
Our services are not directed at individuals under the age of 18. We do not knowingly solicit or
collect personal data from children under the age of 18. If we become aware that a child under 18
has provided us personal data, we will delete such data from our files. As a parent or guardian, if
you become aware that your child has provided us with personal data, please contact us at the email
address or telephone number provided at the end of this Privacy Policy and we will delete your
child’s personal data within a reasonable time.

13. Changes to this Privacy Policy
We may update this Privacy Policy from time-to-time and any changes to our Privacy Policy will be
posted to this page. You can always check the “Last Updated” date at the top of this document
to see when the Privacy Policy was last changed. Accordingly, please refer back to this Privacy
Policy frequently as it may change. If you do not agree to any changes we make to this Privacy
Policy, you must not continue to use our services.
14. How to Contact Us
If you have any questions, comments or requests regarding this Privacy Policy, please contact us at
215-701-9690 or email us at info@newmarketcapital.com.