EV Private Equity Privacy Policy Notice

WHO ARE WE?

For the purposes of this Privacy Policy Notice (the “Notice”), “EVPE” (and “we“, or “us“, or “our”) shall mean EV Private Equity and its related affiliated companies and its or their partners, members, directors, officers and employees, as the context requires. “You”, or “your” refers to you and any authorised person acting on your behalf.

EVPE is committed to maintaining, protecting and respecting your privacy and the confidentiality, integrity and security of personal information about yourself or others that you may provide. If you do give us any personal information about yourself or others, we are committed to treating it securely, fairly and lawfully.

This Privacy Policy Notice sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us, and how we comply with our responsibilities under applicable data protection laws and regulations, (“Data Protection Laws and Regulations“).

The “Data Protection Laws and Regulations” means all laws and regulations, including laws and regulations of the European Union (“EU”), the European Economic Area (“EEA”) and their member states, the United Kingdom and the United States, including the General Data Protection Regulation 2016/679/EU (“GDPR”) and the Data Protection Act 2018 (“DPA”) in the UK and the corresponding legislation in Norway or their successors, applicable to the protection of natural persons with regard to the processing of personal data (as defined under the GDPR) and on the free movement of such data and under the Terms of Use of this site.

Please read this Privacy Policy Notice carefully.

THE DATA CONTROLLERS

For the purpose of the Data Protection Laws and Regulations, the data controller of the personal data you submit to this site is EV Private Equity IV AS in Norway and together with EV Private Equity Limited in the United Kingdom, are responsible for, and control the processing of, your personal information.

Further information can be obtained by contacting us. (See the “How to Contact Us” section below.)

Details of the EV related affiliates can be obtained by contacting us. (See the “How to Contact Us” section below.)

WHAT THIS PRIVACY POLICY NOTICE COVERS

We may collect, record and process the following categories of personal data:

3.1 Investor/Client Information

This covers any personal data relating to our customers, clients, investors and related contacts. The data that we may collect, record and process may include contact details (including name, title, address, telephone number, personal email address), date of birth, copies of passport, driving licences and utility bills, national insurance number (or equivalent), bank account details and details relating to investment activity.

3.2 Business Contact Information

This covers any personal data relating to our business contacts. The data that we may collect, record and process may include data about contacts provided including name, date of birth, address, email address, telephone numbers, the place of work and job title.

3.3 Website Information

This covers any personal data relating to any visitors to our site. The data that we may collect, record and process may include technical data (including internet protocol (“IP”) address, source of access to the website, login data, browser type and version, time zone setting and location, operating system and platform and other technology on the devices used to access our website, usage data (including information about how the website is used) and marketing and communications preferences (including preferences in receiving marketing and other communication preferences).

Our website sets out the cookies we use in order to collect any data.

We do not collect, record and process “special categories” of sensitive personal data from our website. This includes details about race or ethnicity, religious or philosophical beliefs, criminal convictions and offences.

This Privacy Policy Notice also covers the home page, any splash page and all other pages under the domain name https://www.evprivateequity.no/ (our “site”) and all content contained on those pages. This Privacy Policy Notice (together with our site’s Terms of Use and any other agreements referred to in it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed and used by us.

Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

If you do not agree with the terms of this Privacy Policy Notice, please do not use our site, https://www.evprivateequity.no/.

CONFIDENTIALITY

We acknowledge that the information you provide us may be confidential. We do not sell, rent, distribute or otherwise make your personal data commercially available to any third party, except that we may share information with our service providers for the purposes set out in this Privacy Policy Notice. We will maintain the confidentiality of and protect your information in accordance with our Privacy Policy Notice and all applicable Data Protection Laws and Regulations.

INFORMATION WE MAY COLLECT FROM YOU
You may give us information about you by filling in forms on our site or forms that we have given to you to fill in, by corresponding with us via telephone, email, facsimile or otherwise. This includes information you provide when you register to use our site, log in to a service, when you report an issue with our site and/or you subscribe to a service and/or a product provided by us.

The information you give us may include:

Your name;
Your email address;
Your telephone number;
Your date of birth;
Your gender;
Your financial information;
The information about your investment strategies, objectives and risk tolerances;
Your credit card information and/or your bank account details; and
Any further personal information required as part of the provision of our services or required as part of a product application or which you share through our site.
Information we collect about you

Each time you visit our site we may automatically collect the following information:

Technical information including the internet protocol (“IP”) address used to connect your computer to the internet, your log-in information, browser type and version, time zone setting, operating system and platform; and
information about your visit, including the Uniform Resource Locators (“URL”) clickstream to, through and from our site (including date and time); items you searched for; page response times; download errors, length of time spent on pages, page interaction information (such as scrolling, clicks and mouse-overs) and methods used to browse away from the page and any phone number used to call us.

We also use Hotjar in order to better understand our users’ needs and to optimize this service and experience. Hotjar is a technology service that helps us better understand our users’ experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behavior and their devices. This includes a device’s IP address (processed during your session and stored in a de-identified form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), and the preferred language used to display our website. Hotjar stores this information on our behalf in a pseudonymized user profile. Hotjar is contractually forbidden to sell any of the data collected on our behalf.

For further details, please see the ‘about Hotjar’ section of Hotjar’s support site.

INFORMATION WE RECEIVE FROM OTHER SOURCES

We are working closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies, criminal records check agencies). We receive personal data from these third parties from time to time. We may combine this information with information you give to us and information we collect about you. We may use this information and combined information for the purposes set out below (depending on the types of information we receive).

Monitoring and recording communications
We may monitor and record communications with you (such as telephone conversations, emails and other electronic communications) for the purpose of quality assurance, training, fraud prevention and compliance with our obligations under applicable legislation.

Personal information about other individuals
If you give us information on behalf of someone else, you confirm that the other person has appointed you to act on his/her behalf and has agreed that you can:

Give consent on his/her behalf to the processing of his/her personal data;
Receive on his/her behalf any data protection notices; and
Give consent to the processing of his/her personal data which may include all of the information listed above.

COOKIES
Our site uses cookies to distinguish you from other users of our site and to make the site work more efficiently. For detailed information on the cookies we use and the purposes for which we use them please refer to our website.

HOW WE USE YOUR INFORMATION

We use information which you have given to us and we have collected and hold about you in the following ways:

To carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us;
To provide and improve our services to you;
To comply with our legal obligations to carry out identity and anti-money laundering checks;
To maintain our statutory registers;
To manage our relationship with you and our clients;
To process and respond to inquiries;
To alert you to new features, special events, and service offerings;
To provide you with information about other products and services that we offer that are similar to those that you have already purchased or enquired about;
To provide you, or permit selected third parties to provide you with information about products or services we feel may interest you;
To notify you about changes to our service;
To allow you to participate in interactive features of our service, when you choose to do so;
To measure or understand the effectiveness of marketing communications, advertising and or financial promotions we serve to you and others, and to deliver relevant marketing communications, advertising and or financial promotions to you;
To ensure that content from our site is presented in the most effective manner for you and for your computer;
To administer our site and for internal operations including troubleshooting, data analysis, testing, research, statistical and survey purposes;
As part of our efforts to keep our site safe and secure;
To market our services; and
For other legitimate business purposes.

LEGAL BASIS FOR PROCESSING
We need to use the personal data to enable us to perform our contract with you (“Contract”) and/or to enable us to comply with legal obligations (“Legal”). In some cases we may use your personal data to pursue legitimate interests of the Firm or those of third parties (“Legitimate Interest”), provided your interests and fundamental rights do not override those interests.

Some of the reasons for processing will overlap and there may be several grounds which justify our use of your personal data. We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law. You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making, unless we have a lawful basis for doing so and we have notified you.

We do not anticipate being required to obtain your consent for the processing of your personal data. If we consider it necessary to use your personal data for other purposes which do require your consent, we will contact you to request this consent.

In such circumstances, we will provide you with full details of the personal data that we would like and the reason we need it, so that you can carefully consider whether you wish to consent.

Providing your consent is not a condition of any contractual agreement with us. If you decide to provide your consent, you have the right to withdraw your consent at any time, although that will not affect the lawfulness of processes based on consent before its withdrawal.

To withdraw your consent, please contact our Data Protection Officer (“DPO”), see the “How to Contact Us” section below.

Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.

MARKETING
We would like to send you information by post, email, telephone, text message (“SMS”) or automated calls about our products, services and/or news which may be of interest to you. Other related affiliates may also send you similar marketing messages, depending on what you agree with us. We will only ask whether you would like us to send you marketing communications when you tick the relevant boxes when you signed an agreement with us or filled out a form provided by us or on our site.

You can change your preferences for receiving marketing communications and other information from us at any time. You can unsubscribe at any time through either an automated online service or, if this is not available, by the method referred to in the footer of sent marketing communications, or by contacting us. (See the “How to Contact Us” section below.)

Email marketing messages may contain tracking beacons and/or tracked clickable links or similar server technologies in order to track subscriber activity. Where used, such marketing communications may record a range of subscriber data relating to engagement, geographic, demographics and already stored subscriber data.

If you have consented to such receive marketing communications from us, you can opt out at any time. See the “Your Rights” section below for further information.

Please note that we may use your marketing and content preferences, and other information you provide to us (including details of your attendance at, or interest in, events) in order to build a profile for you. We may supplement this profile with information about how you use our site, review our content and interact with us. We use this profile to try and ensure that you only receive information that you are likely to find of interest.

IDENTITY AND ANTI-MONEY LAUNDERING CHECKING
We may do an identity check on you:

So that we and other related affiliates can verify your identity; and
To prevent and detect fraud and money laundering.
If you provide false or inaccurate information to us and we suspect fraud, we will record this.

If you want to see your identity check, please contact us using the contact information below and we will provide you with the details of the agencies which we use so that you can contact them directly to obtain the relevant information.

DISCLOSURE OF YOUR INFORMATION
We may disclose your personal data to another entity for the purposes of outsourcing one or more of the services provided by us; or, to confirm or update information provided by you; or to inform you of events, information about our services, and other important information, or for other purposes disclosed at or before the time the information is collected. We may share your information when legally required to do so.

We may share your personal information with:

Other companies affiliated with us;
Our agents and service providers (including custodians);
Our business partners in accordance with the “Marketing and opting out” section above;
Suppliers and sub-contractors for the performance of any contract we enter into with them or you;
In the event that we buy or sell any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;
Law enforcement agencies in connection with any investigation to help prevent unlawful activity;
If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, where requested by regulatory agencies, or in order to enforce or apply our Terms and Conditions and other agreements or to protect the rights, property or safety of EV and its affiliated entities. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction;
Financial institutions and other similar organisations that we deal with in the course of the services we offer; and
Auditors, accountants, legal counsel or contractors or other advisers auditing, assisting with or advising on any of our business purposes, in any jurisdiction where we operate.
When we share your information with third parties they will process your information either as a data controller or as our data processor and this will depend on the purpose of our sharing the personal data. We will only share your personal data in compliance with the applicable data protection legislation and the Data Protection Laws and Regulations.

A list of our selected third parties with whom we may share your information is available by contacting our DPO, please see “Contact Us” below.

WHERE WE STORE YOUR PERSONAL DATA
All information you provide to us is stored on our secure servers located in the EEA.

SECURITY
We have put in place what we consider to be appropriate security measures against unlawful or unauthorised processing of the personal data we hold about you, and against the accidental loss of, or damage to, such personal data.

We use both technical and procedural methods to maintain the integrity and security of our databases, including firewalls. But please be aware though that no security measures are perfect or impenetrable.

While we will use all reasonable efforts to safeguard your personal data, you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal data that are transferred from you or to you via the internet.

We will not be responsible or liable for any damages, losses or causes of action arising out of or in connection with the disclosure of your personally identifiable information.

If you have any particular concerns about your information, please contact us (see “How to Contact Us” section below).

You are responsible for keeping your password, user name and other log-in identity details secure and confidential.

If you want detailed information on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org or www.nettvett.no. Get Safe Online is supported in the United Kingdom by HM Government and leading businesses and Nettvett is supported by the Norwegian public authorities.

ACCURACY OF PERSONAL DATA
We will try to ensure that the information we hold about you is accurate and kept up-to-date by contacting you at regular intervals and asking you to confirm that this is the case, or if not, to provide us with updated details. However, if at any time you believe that any information we are holding about you is inaccurate, out-of-date or incomplete, you can notify us (please see “Contact Us” section below), as soon as possible. We will promptly correct or delete any information found to be incorrect.

TRANSFERS OF YOUR INFORMATION OUT OF THE EEA
We operate internationally and, as such, personally identifiable information may be used in countries outside of the European Economic Area (“EEA“), which may not have data protection regulations as stringent as those in Europe.

When you signed up for our services and entered into an agreement with us in respect of those services and provided your personal data to us, you agreed that we may transfer your personal data to countries located outside the EEA for the purposes as set out in your agreement with us and to each jurisdiction in which we conduct business, or has a service provider, for the purposes set out in this Privacy Policy Notice.

Rest assured that we will always ensure any transfer is subject to appropriate security measures to safeguard your personal data including entering into European Commission (“EC”) approved contracts that that will safeguard your privacy rights and give you remedies in the unlikely event of a security breach.

Details of any third parties located outside of the EEA to which your personal data is transferred will be communicated to you in accordance with the terms of the agreement with you. We do not transfer your information outside of the EEA other than in accordance with an agreement you have with us.

ACCESS AND YOUR RIGHTS
You have:

The right to ask us to stop contacting you with direct marketing
Even if you have accepted the processing of your personal data for marketing communication purposes (by ticking the relevant box), you have the right to ask us to stop processing your personal data for such purposes.

Let us know what method of contact you are not happy with if you are unhappy with certain ways of contacting you only (for example, you may be happy for us to contact you by email but not by telephone).

You can exercise this right at any time by contacting us, please see “Contact Us” section below.

The right to request a copy of your information
You can request a copy of your information which we hold (this is known as a “Data Subject Access Request” or “DSAR”).

If you would like a copy of some or all of your information, please contact us (see section below) and let us know the specific information you want a copy of.

Any data subject access request may be subject to a reasonable fee to cover the administration cost of providing you with details of the information we hold about you.

The right to correct any mistakes in your information
You can require us to correct any mistakes in your information which we hold free of charge. If you would like to do this, please contact us at (see section below); and let us know the specific information that is incorrect and the specific information you want it replaced with.

The right to request we cease processing your information
You may request that we cease processing your personal data. If you make such a request, we shall retain only the amount of personal data pertaining you that is necessary to ensure that no further processing of your personal data takes place.

The right to request deletion of your information
You can ask us to erase all your personal data (also known as the “right to be forgotten”) in the following circumstances:

It is no longer necessary for us to hold that personal data with respect to the purpose for which it was originally collected or processed;
You wish to withdraw your consent to us holding and processing your personal data;
You object to us holding and processing your personal data (and there is no overriding legitimate interest to allow us to continue doing so);
The personal data has been processed unlawfully; or
The personal data needs to be erased in order for us to comply with a particular legal obligation.
Unless we have reasonable grounds to refuse to erase your personal data, all requests for erasure shall be complied with.

CHANGES TO OUR PRIVACY POLICY NOTICE
We may change this Privacy Policy Notice from time to time. Any changes to our Privacy Policy Notice in the future will be posted on our site (https://www.evprivateequity.no/) and where appropriate notified to you in writing or by email. Please refer back frequently to our site to see any updates or changes to our Privacy Policy Notice.

HOW TO CONTACT US
If you have any questions about this Privacy Policy Notice or the information we hold about you, or you wish to submit a Data Subject Access Request or raise a complaint about the way your personal data has been handled, please contact our Data Protection Officer at the following EV entities:

EV Private Equity IV AS
P.O. Box 202

4001 Stavanger

Norway

Or call on 00 47 51 84 12 95

EV Private Equity Limited
15 Albert Street

Aberdeen

AB25 1XX

United Kingdom

Or call 00 44 (0)1224 628 280

Or email dpo@evpe.com

EV Private Equity IV AS is registered with Norway’s data protection regulatory authority, the Norwegian Data Protection Authority (“NDPA”) under the following NDPA Registration Number: 993892955.

EV Private Equity Limited is registered with the United Kingdom’s data protection regulatory authority, the Information Commissioner’s Office (“ICO”) under the following ICO Registration Number: ZA462305. For more details, please see https://ico.org.uk/ESDWebPages/Entry/ZA462305.

COMPLAINTS
If you are not satisfied with our response to any queries or complaints you raise with us or believe we are not processing your personal data in accordance with the Data Protection Laws and Regulations, in the United Kingdom, you have the right to lodge a complaint at the ICO (https://ico.org.uk/) or by the link https://ico.org.uk/make-a-complaint/. And in Norway, you have the right to lodge a complaint at Datatilsynet (“NDPA”) (https://www.datatilsynet.no) or by the link https://www.datatilsynet.no/om-datatilsynet/kontakt-oss/hvordan-kan-jeg-klage-til-datatilsynet/.