Last Modified: May 2021
Visitors who are residents of California should refer to our California Electronic Communications Privacy Policy supplement.
Visitors who are residents of the United Kingdom, the European Union or the European Economic Area should refer to our EU Privacy Notice supplement.
1. Introduction
Nexa Equity LLC and its affiliated entities (together, “Nexa” and referred to in this Privacy Policy using the pronouns “we,” “us” and “our”) is committed to respecting your personal privacy and recognizes that you may be concerned about the information you provide to us and how we treat that information.
This Privacy Policy has been established to inform you of our practices for collecting, using, maintaining, protecting, and disclosing information that we obtain from you in connection with your use of this website and its sub-pages (the “Site”), whether through a personal computer, mobile device, or otherwise. By entering the Site or by transmitting any information to the Site you acknowledge and agree to all of the terms and conditions of this Privacy Policy. Please read them carefully. This Privacy Policy is incorporated into, and part of, the Terms and Conditions, which govern your use of the Site in general.
2. What is Personally Identifiable Information?
Personally identifiable information (“PII”) is information about an individual, which may include first and last name, physical street address, email address, telephone number, Social Security number, payment card information, birth date, employment history, veteran status, certain health related data, passport information and photographs, or any other information that permits a specific individual to be contacted physically or online or otherwise personally identified. PII does not include aggregated information that does not allow a person in possession of such information to identify you individually.
3. The Personal Information We Collect and How We Use It
We may collect various types of information from users of this website. For example, knowing how users use our website – tracking their movement through this website – helps us improve website design and usefulness. As a result, Nexa’s server collects general data pertaining to users, including the length of time spent on this website, the pages accessed while visiting the website and Internet Protocol (IP) addresses. Nexa generally does not, however, collect any personally identifiable information such as names, home addresses or e-mail addresses from users of this website, unless a user submits such information to us via our “Contact” page. In addition, when you use the Site a “cookie” may be used, as further described below.
4. Sharing of PII
To the extent that you provide us with any personally identifiable information through or in connection with this website, we may use such information for Nexa’s business purposes, but will not disclose any personally identifiable information about you to anyone, except as permitted or required by law or regulation and to service providers. In providing personally identifiable information to Nexa, you consent to Nexa’s use of such personally identifiable information for the purposes described in this Privacy Policy.
5. Use of Cookies
In common with many websites, we or our service providers may use “cookies” in connection with your access to, and use of, the Site. A “cookie” is a small data file that can be placed on the hard drive of your computer and helps us to enhance your use of the Site. The only cookie we use is stored only in temporary memory of your device and is deleted when you close the web browser used to access the site. You can delete cookies at any time, or you can set your browser to reject or disable cookies. The only cookie we use checks whether your web browser is set to allow or reject cookies and is used to ensure the Site functions correctly and operates efficiently when you use it, and does not otherwise collect PII or track your use of other websites or online activity.
6. Capacity
You represent to Nexa that you have the authority to visit this website according to the Terms and Conditions. The Site is only intended for individuals who are at least 18 years of age. We do not knowingly encourage or solicit visitors to our Site who are under the age of 18 without parental consent. If we learn we have collected or received PII from an individual under the age of 18, we will delete that information.
7. Security
We implement security measures designed to protect any PII submitted by or collected from you from unauthorized access. We further protect your PII from potential security breaches by implementing certain technological security measures in accordance with generally accepted industry practices. However, these measures do not guarantee that your information will not be accessed, disclosed, altered, or destroyed by breach of such firewalls and secure server software. By using the Site, you acknowledge that you understand and agree to assume these risks.
8. Unsubscribe, Access, Questions and Further Information
You will have an opportunity to unsubscribe from our marketing email communications whenever such email communications are sent.
9. Data Retention
We may retain PII we collect from you and PII you provide to us in connection with our internal record-keeping policies and as reasonably necessary to comply with our legal obligations and regulatory requirements, resolve disputes, prevent fraud or abuse and enforce our Privacy Policy and Terms and Conditions.
Notwithstanding the foregoing, information we collect from you and information you provide to us may be retained for a limited period of time if requested by a governmental authority.
10. Links
The Site may contain links or references to other websites outside of our control. Please be aware that we have no control over these sites and this Privacy Policy does not apply to these sites. We encourage you to read the privacy policies/statements and terms and conditions of linked or referenced sites that you enter.
11. Changes to Our Privacy Policy
We may amend and update this Privacy Policy from time to time. All changes are effective immediately when we post them, and apply to all access to and use of the Site thereafter. The date the Privacy Policy was last revised is identified at the top of the page. Your continued access of the Site following the posting of changes to this Privacy Policy constitutes your acceptance and agreement to the changes. If you object to any of the changes to this Privacy Policy, please cease accessing the Site. Please check this page frequently and review any changes to this Privacy Policy carefully so you are aware of any changes, as they are binding on you.
12. Contact Information
If you have questions or concerns regarding this Privacy Policy, please contact us by emailing us at info@nexaequity.com.
EU PRIVACY NOTICE
Last Modified: May 2021
This EU Privacy Notice (this “EU Privacy Notice”) applies to the extent that EU Data Protection Legislation (as defined below) applies to the processing of personal data by an Authorized Entity (as defined below) or to the extent that a data subject is a resident of the United Kingdom (the “UK”), the European Union (the “EU”) or the European Economic Area (the “EEA”). If this EU Privacy Notice applies, the data subject has certain rights with respect to such personal data, as outlined below.
For this EU Privacy Notice, “EU Data Protection Legislation” means all applicable legislation and regulations relating to the protection of personal data in force from time to time in the EU, the EEA or the UK, including the following: the Data Protection Directive (95/46/EC), the Privacy and Electronic Communications (EC Directive) Regulations 2003, the Data Protection (Processing of Sensitive Personal Data) Order 2000, any other legislation that implements any other current or future legal act of the EU concerning the protection and processing of personal data (including Regulation (EU) 2016/679 (the General Data Protection Regulation) and any national implementing or successor legislation) and any amendment or re-enactment of the foregoing. The terms “data controller,” “data processor,” “data subject,” “personal data” and “processing” in this EU Privacy Notice shall be interpreted in accordance with the applicable EU Data Protection Legislation. Unless the context otherwise requires, as used herein the words “include,” “includes” and “including” shall be deemed to be followed by the phrase “without limitation.” All references to “investor(s)” in this EU Privacy Notice shall be to such actual or potential investor(s) and, as applicable, any of such investor(s)’ partners, officers, directors, employees, shareholders, members, managers, ultimate beneficial owners and affiliates.
Please direct any questions arising out of this EU Privacy Notice to Nexa Equity LLC (the “Management Company” and, collectively with its affiliated investment advisory entities, “Nexa”) by emailing us at info@nexaequity.com.
Categories of Personal Data Collected and Lawful Bases for Processing
In connection with offering, forming and operating private investment funds for investors, the applicable private fund, the general partner, the Management Company, their respective affiliates and, in each case, their respective administrators, legal and other advisors and agents (the “Authorized Entities”) collect, record, store, adapt and otherwise process and use personal data, either relating to investors or to any other data subjects, including from the following sources:
(1) information received in telephone conversations, in voicemails, through written correspondence, via e-mail or on subscription agreements, investor questionnaires, applications or other forms (including, without limitation, any anti-money laundering, identification and verification documentation);
(2) information about transactions with any Authorized Entity or others;
(3) information captured on any Authorized Entity’s website, including registration information and any information captured via “cookies”; and
(4) information from publicly available sources, including from:
(a) publicly available and accessible directories and sources;
(b) bankruptcy registers;
(c) tax authorities, including those that are based outside the UK and the EEA if you are subject to tax in another jurisdiction;
(d) governmental and competent regulatory authorities to whom any Authorized Entity has regulatory obligations;
(e) credit agencies; and
(f) fraud prevention and detection agencies and organizations.
Any Authorized Entity may process the following categories of personal data:
(1) names, dates of birth and birthplace;
(2) contact details and professional addresses (including physical address, email address and telephone number);
(3) account data and other information contained in any document provided by investors or potential investors to the Authorized Entities (whether directly or indirectly);
(4) risk tolerance, transaction history, investment experience and investment activity;
(5) information regarding an investor’s or potential investor’s status under various laws and regulations, including their social security number, tax status, income and assets;
(6) accounts and transactions with other institutions;
(7) information regarding an investor’s or potential investor’s interest in the applicable fund(s), including ownership percentage, capital investment, income and losses;
(8) information regarding an investor’s or potential investor’s citizenship and location of residence;
(9) source of funds used to make the investment in the applicable fund(s); and
(10) anti-money laundering, identification (including passport and drivers’ license) and verification documentation.
Any Authorized Entity may, in certain circumstances, combine personal data it receives from an investor with other information that it collects from or about such investor. This will include information collected in an online or offline context. In addition, personal data of investors could be processed and controlled irrespective of whether such investor is admitted to a fund.
One or more of the Authorized Entities are “data controllers” of personal data collected in connection with the applicable fund(s). In simple terms, this means such Authorized Entities: (a) “control” the personal data that they or other Authorized Entities collect from investors or other sources; and (b) make certain decisions on how to use and protect such personal data.
There is a need to process personal data for the purposes set out in this EU Privacy Notice as a matter of contractual necessity under or in connection with the applicable agreement of limited partnership or other governing agreement (the “Partnership Agreement”) and associated documentation for the fund(s) in which the data subject has or may invest, and in the legitimate interests of the Authorized Entities (or those of a third party) to operate their respective businesses. From time to time, an Authorized Entity may need to process the personal data on other legal bases, including: with consent; to comply with a legal obligation; if it is necessary to protect the vital interests of an investor or other data subjects; or if it is necessary for a task carried out in the public interest.
A failure to provide the personal data requested to fulfill the purposes described in this EU Privacy Notice may result in the applicable Authorized Entities being unable to provide the services as contemplated by the Partnership Agreement and/or an investor’s subscription agreement (the “Subscription Agreement”).
Purpose of Processing
The applicable Authorized Entities process the personal data for the following purposes (and in respect of paragraphs (3), (4) and (6), in the legitimate interests of the Authorized Entities):
(1) The performance of obligations under the Fund Agreement and/or the Subscription Agreement (and all applicable anti-money laundering, KYC and other related laws and regulations) in assessing suitability of potential investors in the applicable fund.
(2) The administrative processes (and related communication) carried out between the Authorized Entities in preparing for the admission of investors to the applicable fund.
(3) Ongoing communication with investors or potential investors, their representatives, advisors and agents, (including the negotiation, preparation and signature of documentation) during the process of admitting investors to the applicable fund.
(4) The ongoing administrative, accounting, reporting and other processes and communication required to operate the business of the applicable fund in accordance with the Fund Agreement and other applicable documentation between the parties.
(5) Any legal or regulatory requirement.
(6) Keeping investors informed about the business of the general partner of the applicable fund and its affiliates generally, including offering opportunities to make investments other than to the applicable fund.
(7) Any other purpose that has been notified, or has been agreed, in writing.
The Authorized Entities monitor communications where the law requires them to do so. The Authorized Entities also monitor communications, where required to do so, to comply with regulatory rules and practices and, where not prohibited to do so, to protect their respective businesses and the security of their respective systems.
Sharing and Transfers of Personal Data
In addition to disclosing personal data amongst themselves, any Authorized Entity may disclose personal data, where not prohibited by EU Data Protection Legislation, to other service providers, employees, agents, contractors, consultants, professional advisors, lenders, data processors and persons employed and/or retained by them in order to fulfill the purposes described in this EU Privacy Notice. In addition, any Authorized Entity may share personal data with regulatory bodies having competent jurisdiction over them, as well as with tax authorities, auditors and tax advisors (where necessary or advisable to comply with law).
Any Authorized Entity may transfer personal data to a Non-Equivalent Country (as defined below), in order to fulfill the purposes described in this EU Privacy Notice and in accordance with applicable law, including where such transfer is a matter of contractual necessity to enter into, perform and administer the Subscription Agreement and Partnership Agreement, and to implement requested pre-contractual measures. For information on the safeguards applied to such transfers, please contact Nexa. For the purposes of this EU Privacy Notice, “Non-Equivalent Country” shall mean a country or territory other than (a) a member state of the EEA; or (b) a country or territory which has at the relevant time been decided by the European Commission in accordance with EU Data Protection Legislation to ensure an adequate level of protection for personal data.
Retention and Security of Personal Data
Nexa and its affiliates consider the protection of personal data to be a sound business practice, and to that end, employ appropriate technical and organizational measures, including robust physical, electronic and procedural safeguards to protect personal data in their possession or under their control.
Personal data may be kept for as long as it is required or advisable for legitimate business purposes, to perform contractual obligations or, where longer, as long as is required to comply with applicable legal or regulatory obligations. Personal data will be retained throughout the life cycle of any investment in a fund managed by Nexa. However, some personal data will be retained after a data subject ceases to be an investor in such fund.
Data Subject Rights
It is acknowledged that, subject to applicable EU Data Protection Legislation, the data subjects to which personal data relates have the following rights under EU Data Protection Legislation: to obtain information about, or (where applicable) withdraw any consent given in relation to, the processing of their personal data; to access and receive a copy of their personal data; to request rectification of their personal data; to request erasure of their personal data; to exercise their right to data portability; and to exercise their right not to be subject to automated decision-making. Please note that the right to erasure is not absolute, and it may not always be possible to erase personal data on request, including where the personal data must be retained to comply with a legal obligation. In addition, erasure of the personal data requested to fulfill the purposes described in this EU Privacy Notice may result in the inability to provide the services as contemplated by the Partnership Agreement and/or the Subscription Agreement.
In case a data subject to whom personal data relates disagrees with the way in which his or her personal data is being processed in relation to the Partnership Agreement and/or the Subscription Agreement, the data subject has the right to object to this processing of personal data and request restriction of the processing. The data subject may also lodge a complaint with the competent data protection supervisory authority in the relevant jurisdiction.
A data subject may raise any request relating to the processing of his or her personal data with Nexa at the contact information provided above.
CALIFORNIA ELECTRONIC COMMUNICATIONS PRIVACY POLICY
Last Modified: May 2021
This California Electronic Communications Privacy Policy supplements the Privacy Policy with respect to specific rights granted under the California Consumer Privacy Act of 2018 (as amended, the “CCPA”) to natural person California residents and provides information regarding how such California residents can exercise their rights under the CCPA. This supplement is only relevant to you if you are a resident of California as determined in accordance with the CCPA. Information required to be disclosed to California residents under the CCPA regarding the collection of their personal information that is not set forth in this CCPA supplement is otherwise set forth in the Privacy Policy. To the extent there is any conflict with the privacy requirements under the Gramm-Leach-Bliley Act and/or Regulation S-P (“GLB Rights”), GLB Rights shall apply.
What does this Electronic Communications Privacy Policy apply to?
This Electronic Communications Privacy Policy applies solely to your interactions with us through our Website (as defined below). If you provide personal information to us through another means (e.g., as an employee or seeking employment, as a client, or as an investor) you will receive a separate privacy notice and that notice will govern that personal information.
What information do we collect about you?
We collect limited types of personal information through our website and investor reporting portals, as well as through other electronic communications (e.g., emails or social media messaging), as applicable (collectively, the “Website”). The types of personal information we collect about you depends on the nature of your interaction with us. The categories of personal information we have collected from individuals on this Website over the last twelve (12) months include the following:
- Identifiers, such as name, contact details and address (including physical address, email address and Internet Protocol address);
- Other customer records, such as telephone number and personal information provided in connection with obtaining account access;
- Commercial information, such as account data;
- Professional or employment-related information;
- Education information;
- Internet or other electronic network activity information, such as information regarding your use of our Website (e.g., cookies, browsing history and/or search history), as well as information you provide to us when you correspond with us in relation to inquiries.
We do not knowingly collect or solicit personal information from anyone under the age of 18.
How do we obtain your personal information?
In connection with forming and operating our Website, we collect and maintain your nonpublic personal information from the following sources:
- Information from your communications with us in connection with this Website, including any update notices provided by you.
- Information captured on our Website, including registration information, information provided through online forms and any information captured via cookies.
We may combine personal information that you provide to us with information that we collect from or about you from publicly available sources. This will include information collected in an online or offline context.
How do we use your personal information?
We will use your personal information for one or more of the following business purposes:
- To perform services for you.
- To improve our Website and the products and services that we offer and notify you about changes to our products and services.
- To communicate with you, including responding to requests for information submitted by you through our Website.
- To keep a record of your relationship with us.
For ongoing operations, administrative, accounting, reporting, account maintenance and other processes. - To audit and verify the quality and effectiveness of our services and compliance.
- To detect security incidents and to protect against malicious, deceptive, fraudulent, or illegal activity.
- To generally comply with U.S., state, local and non-U.S. laws, rules and regulations.
Additionally, we may use your personal information to keep you informed of our products and services, if you have provided your consent to us doing so or where we have an existing relationship with you and we wish to contact you about products and services similar to those which we provide you, in which you may be interested. You may opt-in to certain kinds of marketing, or all forms of marketing at any time, by contacting us and you may unsubscribe to receiving emails by clicking on the “opt-out” or “unsubscribe” link provided in all our marketing emails
Who do we share your personal information with?
We do not sell any of the personal information we collect about you to third parties.
We do not disclose any nonpublic personal information about you to anyone, except as permitted or required by law or regulation and to affiliates and service providers, including but not limited to administrators, lenders, banks, auditors, law firms, governmental agencies or pursuant to legal process, self-regulatory organizations, consultants and placement agents. We may also disclose your information to other parties as may be required by law or regulation, or in response to regulatory inquiries.
Within the last twelve (12) months, we have shared each of the categories of personal information collected in connection with this website with affiliates and service providers as set forth above in
“What information do we collect about you?”
We may also share your personal information with applicable third parties in the event of a reorganization, merger, sale, acquisition, assignment, bankruptcy proceeding, or other disposition of all or a portion of our business, assets or shares.
How do we keep your personal information secure?
We consider the protection of sensitive information to be a sound business practice, and to that end we employ appropriate organizational, physical, technical and procedural safeguards, which seek to protect your personal information in our possession or under our control to the extent possible from unauthorized access and improper use.
Your rights under the CCPA
Deletion Rights: You have the right to request that we delete any of your personal information that we retain, subject to certain statutory exceptions, including, but not limited to, our compliance with U.S., state, local and non-U.S. laws, rules and regulations. We will notify you in writing if we cannot comply with a specific request and provide an explanation of the reasons.
Disclosure and Access Rights: You have the right to request that we disclose to you certain information regarding our collection and use of personal information specific to you over the last twelve (12) months. Such information includes:
- the categories of personal information we collected about you;
- the categories of sources from which the personal information is collected;
- our business or commercial purpose for collecting such personal information;
- the categories of third parties with whom we share the personal information;
- the specific pieces of personal information we have collected about you; and
- whether we disclosed your personal information to a third party, and, if yes, the categories of personal information that each recipient obtained.
No Discrimination: We will not discriminate against you for exercising your rights under the CCPA, including by denying service, suggesting that you will receive, or charging, different rates for services or suggesting that you will receive, or providing, a different level or quality of service to you.
How to Exercise Your Rights: To exercise any of your rights under the CCPA, or to access this notice in an alternative format, please submit a request on your behalf using any of the methods set forth in the Contact us section below.
Contact us
For any requests relating to the exercise of your rights under the CCPA, or questions regarding our processing of your personal information, please submit or have your authorized representative submit a request using any of the methods set forth below.
To contact us by telephone without incurring telephone charges, please submit your request and telephone number by email at the following address: info@nexaequity.com, and we will call you between 9 a.m. and 6 p.m. Pacific Time.
Submit a request online using the online contact form at: https://www.nexaequity.com
We will contact you to confirm receipt of your request under the CCPA and request any additional information necessary to verify your request. We verify requests by matching information provided in connection with your request to information contained in our records. Depending on the sensitivity of the request and the varying levels of risk in responding to such requests (for example, the risk of responding to fraudulent or malicious requests), we may request further information or your investor portal access credentials, if applicable, in order to verify your request. You may designate an authorized agent to make a request under the CCPA on your behalf, provided that you provide a signed agreement verifying such authorized agent’s authority to make requests on your behalf, and we may verify such authorized person’s identity using the procedures above.
Our goal is to respond to any verifiable consumer request within forty-five (45) days of our receipt of such request, but in certain cases, additional time might be required. Please contact us with any questions about this California Electronic Communications Privacy Policy.