Client Privacy Notice

Last Revision Date – March 2018

Introduction
This notice (the “Notice”) is provided by each of the entities listed in the Appendix (together “Pantheon”, “us” or “we”). This Notice is addressed to any natural person who is any of the following: a client of Pantheon Group1 or an investor in any fund managed or advised by Pantheon Group (a “Pantheon Fund”), or a member, partner, shareholder, beneficial owner, officer, director, employee or other representative of any client of Pantheon Group or of any investor in any Pantheon Fund, including any prospective client or investor (“you”) whose personal information Pantheon collects and controls in the conduct of its business.

This Notice gives information regarding your personal information (defined as “personal data” under the Privacy Laws (defined below)) and describes the basis on which we process your personal information, for what purposes, your privacy rights under applicable privacy laws including, where applicable, under General Data Protection Regulation (“GDPR“) and other UK and European data privacy laws and applicable US privacy laws (the “Privacy Laws”) and how we protect your personal information. Maintaining your privacy is important to us and we hold ourselves to the highest standards in its safekeeping and use. We have developed policies designed to protect the confidentiality, while allowing the needs of investors and clients to be served.

The information we collect
In the conduct of our business, we may obtain personal information about you in connection with any person’s existing or proposed appointment or engagement of Pantheon or existing or proposed investment in a Pantheon Fund (any such person being a “Pantheon Client”), including without limitation your name, date of birth address and other contact details, social security number, tax or other identification number, identity documents and information about your income, assets and other financial information. This information may come from sources such as application, subscription or other forms or material completed or supplied by actual or prospective Pantheon Clients, other written, electronic or verbal correspondence which relate to transactions by or on behalf of a Pantheon Client as well as financial information relating to any such person’s investment in a Pantheon Fund or any portfolio investments, such as capital account balance, contributions, income allocations and distributions. We may also collect personal information provided by you in calls which are recorded by us, as required by applicable laws. We may also collect special categories of personal data (as defined in the GDPR and including health, disability and religious or ethnicity information) where provided by you, with your consent, such as disability information or religious data for purposes required by you such as scheduling of meetings or access to Pantheon or Pantheon Group premises.

How we use information that we collect
We collect your personal information to fulfil our contractual obligations, our statutory obligations and/or the legitimate interests of Pantheon and for other purposes for which Pantheon has a lawful basis under the Privacy Laws, including: (i) for compliance with legal and regulatory requirements such as regulations aimed at prevention of money laundering or terrorist financing or “Know your Customer” requirements, as well as to verify the status and / or eligibility of Pantheon Clients for funds or services offered by Pantheon and for compliance with tax reporting requirements; (ii) for purposes of reporting to, or communicating with, Pantheon Clients concerning their investment in Pantheon Funds or appointment or engagement of Pantheon consistent with our obligations to such Pantheon Clients; (iii) in connection with our investment activities, including investment due diligence or investment monitoring activities or in response to “Know your Customer” requirements of counter-parties; (iv) in connection with litigation, investigations, regulatory or governmental enquiries or for other legal or regulatory purposes involving Pantheon, Pantheon Funds or Pantheon Clients; and (v) for other legitimate business interests. If you have provided special categories of personal data to us to enable us to respond to certain requests by you such as access requests or scheduling of meetings or similar requirements, we do so with your consent.

In addition, we may, and only with your consent, process your personal information in order to communicate with you for marketing purposes. In this event, we may provide additional information that we believe may be of interest, including about funds or services, news updates, research or market commentary, conferences, or events offered by or in conjunction with Pantheon. You have the right to unsubscribe when you have provided your consent to receive these communications by emailing infosec@pantheon.com or by following the instructions in any such communication, e.g. by clicking on the link to unsubscribe.

The Disclosure of your Information
Within the Group. We may share your personal information with Pantheon Group entities including with Pantheon Funds for any of the purposes set forth above. Our group entities, in turn, are not permitted to share your information with other non-affiliates entities, except as described herein or otherwise permitted by the Privacy Laws or other applicable laws. The transfer of personal data from the UK and European Economic Area (“EEA”) to the Pantheon entities outside the UK and EEA is governed by data transfer agreements which are in the form of the standard contractual clauses approved by the European Commission (http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32004D0915) (http://eur-lex.europa.eu/legal-content/en/TXT/?uri=CELEX%3A32010D0087).

Outside the Group. We may share your personal information with non-affiliated third parties for any of the purposes set forth above. By way of example, we share your personal information with:

  • Service providers (e.g., attorneys, auditors, accountants, tax advisers, administrators, custodians, depositaries, distribution managers and brokerage firms, event organizers or other agent, adviser or service provider of any Pantheon Fund or Pantheon Client). As is common in the industry, non-affiliated third party companies may from time to time be used to provide certain services, such as administration services, tax compliance services, reporting, account statements and other information, organizing events, conducting research on client satisfaction and gathering shareholder proxies. These companies may have access to your personal information but are permitted to use the information solely to provide the specific service or as otherwise permitted by law.
  • Other counter-parties, including any portfolio fund, any vendor, any lender or any of their respective managers, general partners or investment advisers or administrators, or any of their respective agents or representatives or any affiliate of any of the foregoing. For example, we may share personal information with a prospective portfolio fund of any Pantheon Fund or Pantheon Client in order to respond to the anti-money laundering enquiries of such portfolio fund.

Where your personal information is processed by third parties outside the UK and EEA, we will ensure appropriate safeguards are in place to adequately protect it, as required by applicable law, including the execution of standard contractual clauses (referred to above) if the recipients are not located in a country with adequate data protection laws (as determined by the European Commission) or certified under the EU-US Privacy Shield framework.

Security
We take seriously the obligation to safeguard your non-public personal information. We maintain physical, electronic, and procedural safeguards to protect against unauthorized access to your information. Details of our IT security measures are set out in our Information Security Policy. We endeavor to restrict access to non-public personal information about you to those members, officers, employees and other workers of Pantheon and service providers who need access to that information. All of our employees and service providers are required to maintain the confidentiality of all nonpublic personal information.

Changes to this Notice
We may change this Notice from time to time. The latest version will be posted on our website.

Updating your details
If any of the information that you have provided to us changes, for example if you change your email address, please let us know by sending an email to infosec@pantheon.com.

Your rights
You have certain rights relating to the personal information we hold in accordance with and subject to the Privacy Laws to: (i) check whether we hold personal information about you and to access such data (in accordance with our policy); (ii) request the correction of personal information about you that is inaccurate; (iii) have a copy of the personal information we hold about you provided to you or another controller where technically feasible; (iv) request the erasure of your personal information; and (v) request the restriction of processing concerning you. To do so, please send your request to infosec@pantheon.com. You are required to ensure the personal information we hold about you is up-to-date and accurate and you must notify us of any changes to the personal data you provided to us in, for example in information supplied in relation to an investment in the applicable Pantheon Fund. If you provided consent for us to use your personal information, including for marketing purposes, you have the right to withdraw consent and we will process this withdrawal promptly.

Data Retention
We retain your personal information for a period of at least five years from the date on which the relevant business relationship, for which purpose such personal data was provided, has ended (or if later the date on which the last transaction was completed or the last entry to the record was made). Thereafter, Pantheon will delete (or otherwise erase, de-identify or pseudonymise or equivalent) any such personal data except as required or permitted by applicable law or regulation.

What if I have a question?
Please email infosec@pantheon.com if you have any questions about our privacy notice. You may also make a complaint, in accordance with applicable Privacy Laws to a supervisory authority. Our UK supervisory authority which is the Information Commissioner’s Office.

1Pantheon Group means Pantheon Ventures Inc., Pantheon Holdings Limited and their respective subsidiaries and subsidiary undertakings, including Pantheon Ventures (US) LP, Pantheon Ventures (UK) LLP and Pantheon Ventures (HK) LLP.