AQUIVEST GLOBAL HOLDINGS

Privacy Policy

How we collect, use, and protect information on aquivestglobal.com and in our business operations.

Effective date    April 24, 2026

Last updated    April 24, 2026

Jurisdiction    United States, European Union, United Kingdom, and other countries where we operate

 

1. Introduction

Aquivest Global Holdings ("Aquivest", "we", "us", or "our") respects your privacy. This Privacy Policy explains how we collect, use, disclose, store, and protect personal information when you visit aquivestglobal.com and any related subdomains (collectively, the "Website"), when you correspond with us by email or phone, when you engage with us as a prospective or existing investor, partner, vendor, or counterparty, and when you otherwise interact with Aquivest.

Aquivest is headquartered at 2100 Ross Avenue, Suite 2400, Dallas, Texas 75201, United States, with additional offices across North America, Europe, and Asia-Pacific. This Policy applies to personal information processed by Aquivest acting as a data controller. Where we process personal information on behalf of a portfolio company, fund vehicle, or third party, that entity's privacy notice governs.

2. Scope and Definitions

This Policy covers all personal information processed by Aquivest in connection with the Website and our commercial activities. For purposes of this Policy:

■  Personal information: any information relating to an identified or identifiable natural person, equivalent to the meaning of "personal data" under the EU General Data Protection Regulation ("GDPR") and "personal information" under the California Consumer Privacy Act as amended by the California Privacy Rights Act ("CCPA/CPRA").

■  Sensitive personal information: personal information that reveals racial or ethnic origin, political opinions, religious beliefs, trade union membership, genetic or biometric data, health data, sex life or orientation, precise geolocation, Social Security or passport number, financial account credentials, or any category treated as sensitive or special under applicable law.

■  Processing: any operation performed on personal information, including collection, recording, organization, storage, adaptation, retrieval, use, disclosure, transmission, erasure, or destruction.

■  Data subject: the natural person to whom personal information relates. For U.S. state-law purposes, equivalent to "consumer" under CCPA/CPRA, "resident" under the Texas Data Privacy and Security Act, and similar terms under Virginia, Colorado, Connecticut, Utah, and other state privacy statutes.

3. Categories of Personal Information We Collect

Depending on your relationship with Aquivest, we may collect the following categories of personal information:

3.1 Information you provide directly

■  Identifiers: name, title, employer, business address, email, phone number, and similar contact details.

■  Professional and investor qualification information: investor accreditation status, jurisdiction of residence, employer and role, regulated license or registration status, source of funds declarations, and similar information collected during investor onboarding and ongoing diligence.

■  Financial information (investors and counterparties only): bank account and wire-instruction details, tax identification numbers, subscription amounts, capital contribution history, distribution history, and similar financial records required to administer the investor relationship.

■  Identity verification information: government-issued identification documents, dates of birth, nationality, and related data collected to satisfy anti-money laundering, know-your-customer, sanctions, and beneficial-ownership obligations.

■  Correspondence: content of emails, letters, meeting notes, chat or voicemail transcripts, and any other communications you choose to send us.

3.2 Information collected automatically

■  Device and technical data: IP address, browser type and version, device type, operating system, referring URL, pages viewed, time stamps, session identifiers, and other standard server-log data.

■  Cookies and similar technologies: first-party and approved third-party cookies, web beacons, and pixel tags used to operate the Website, remember preferences, measure usage, and secure the Website. See Section 10 (Cookies and Similar Technologies) for details.

■  Usage data: aggregated and pseudonymous data about how visitors navigate the Website, which pages and documents are downloaded, and which features are used.

3.3 Information from third parties

■  Public and commercial sources: professional directories, regulatory filings, public registries, sanctions and politically exposed person lists, and reputable commercial data providers used to verify identity, confirm accreditation, and conduct diligence.

■  Service providers and partners: information from banks, fund administrators, transfer agents, placement agents, law firms, auditors, tax advisors, and other service providers engaged by Aquivest or the investor.

■  Referrals: information shared by a mutual contact when introducing you to Aquivest.

We do not knowingly collect personal information from children under 16 years of age. The Website is directed at sophisticated institutional and accredited investors and is not intended for children.

4. Purposes and Legal Bases for Processing

We process personal information only for the specific, legitimate purposes set out below. For each purpose, the applicable GDPR legal basis is identified. Under U.S. law, the same purpose framework applies, with consumer rights governed by the relevant state statute.

■  Operating the Website and our business: to host, secure, and administer the Website, respond to inquiries, manage business relationships, and provide investor communications. GDPR legal basis: legitimate interests (GDPR Article 6(1)(f)) and, where applicable, performance of a contract (Article 6(1)(b)).

■  Investor onboarding, administration, and reporting: to evaluate prospective investors, confirm accreditation, conduct know-your-customer, anti-money-laundering, and sanctions screening, execute subscription documents, process capital calls and distributions, and deliver required investor reporting. GDPR legal basis: performance of a contract (Article 6(1)(b)) and legal obligation (Article 6(1)(c)).

■  Compliance with legal and regulatory obligations: to satisfy obligations under U.S. federal and state securities, tax, and financial services laws, EU and UK regulations, and other applicable laws, including obligations owed to regulators, auditors, and tax authorities. GDPR legal basis: legal obligation (Article 6(1)(c)) and, where sensitive data is involved, substantial public interest (Article 9(2)(g)).

■  Risk management, security, and fraud prevention: to detect and prevent fraud, unauthorized access, cyberattacks, and other security incidents, and to monitor the safety and integrity of Aquivest systems and data. GDPR legal basis: legitimate interests (Article 6(1)(f)).

■  Marketing and relationship communications: to share thought leadership, event invitations, investor updates, and similar content. GDPR legal basis: legitimate interests (Article 6(1)(f)) or, where required, consent (Article 6(1)(a)). You may opt out at any time.

■  Analytics and Website improvement: to understand how visitors use the Website and to improve content, navigation, and performance. GDPR legal basis: legitimate interests (Article 6(1)(f)) or, where required, consent (Article 6(1)(a)).

■  Establishing, exercising, or defending legal claims: including in litigation, arbitration, regulatory proceedings, and internal investigations. GDPR legal basis: legitimate interests (Article 6(1)(f)) and legal claims (Article 9(2)(f)).

5. How We Share Personal Information

We do not sell personal information in exchange for monetary consideration. In the twelve months preceding the effective date of this Policy, Aquivest has not sold or shared personal information for cross-context behavioral advertising as those terms are defined by the CCPA and CPRA. We disclose personal information only in the following circumstances:

■  Affiliates and portfolio companies: with other entities in the Aquivest group and with portfolio companies where necessary to administer the investment, subject to confidentiality obligations.

■  Service providers and processors: with fund administrators, transfer agents, banks, auditors, tax advisors, law firms, placement agents, IT and cloud hosting providers, security vendors, and similar service providers acting on our documented instructions under a written data-processing agreement.

■  Regulators and authorities: with regulators, courts, law enforcement, tax authorities, and other competent public authorities where required by law, legal process, or regulatory request.

■  Professional advisors: with our legal, accounting, tax, and compliance advisors on a confidential basis.

■  Corporate transactions: in connection with a merger, acquisition, financing, reorganization, insolvency, or sale of assets, subject to customary confidentiality protections.

■  With your direction or consent: where you instruct us to share information with a third party, or otherwise consent to disclosure.

6. International Data Transfers

Aquivest operates across multiple jurisdictions, including the United States, European Union, United Kingdom, and Asia-Pacific. Personal information may be transferred to, stored in, or processed in countries other than the country in which it was collected. When we transfer personal information from the European Economic Area, United Kingdom, or Switzerland to a country that has not received an adequacy decision from the European Commission or relevant authority, we implement one or more of the following safeguards:

■  European Commission Standard Contractual Clauses (June 2021 version) with the module appropriate to the transfer.

■  UK International Data Transfer Agreement or UK Addendum to the EU SCCs for transfers originating in the United Kingdom.

■  A transfer impact assessment documenting the applicable safeguards, including any supplementary technical, contractual, or organizational measures.

■  Derogations under GDPR Article 49 in the limited circumstances permitted, such as explicit consent or performance of a contract requested by the data subject.

Upon request, we will provide information about the safeguards in place for a specific transfer. Contact privacy@aquivestglobal.com.

7. Retention

We retain personal information only for as long as necessary for the purposes described in this Policy or as required by applicable law. Retention periods are determined by reference to the following factors: the nature and sensitivity of the information, the purposes for which it is processed, applicable legal, regulatory, tax, and audit retention requirements, the existence of any legal hold or pending claim, and whether the purposes of processing can reasonably be achieved by other means.

As a general matter, investor records (subscription documents, KYC/AML files, distribution records, tax documentation) are retained for the life of the investment plus a minimum of seven years, or longer where required by law. Website and marketing records are retained for up to two years from the last interaction unless a longer period is justified by a specific purpose.

8. Information Security

Aquivest implements technical and organizational measures designed to protect personal information against unauthorized access, loss, alteration, disclosure, and destruction. Measures include role-based access controls, encryption of personal information in transit using TLS 1.2 or higher, encryption of personal information at rest where supported, secure authentication, network segmentation, logging and monitoring, employee training, vendor due-diligence, and a documented incident-response plan. We review and update our security program regularly. No system is completely secure, and we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of any account credentials.

9. Your Privacy Rights

9.1 Rights applicable under GDPR and UK GDPR

If you are located in the European Economic Area, United Kingdom, or Switzerland, you have the following rights, subject to the conditions and exceptions set out in applicable law:

■  Right of access to the personal information we hold about you.

■  Right to rectification of inaccurate or incomplete personal information.

■  Right to erasure in certain circumstances.

■  Right to restrict processing in certain circumstances.

■  Right to data portability in certain circumstances.

■  Right to object to processing based on legitimate interests or direct marketing.

■  Right to withdraw consent where processing is based on consent, without affecting the lawfulness of processing before the withdrawal.

■  Right to lodge a complaint with a supervisory authority, including the Irish Data Protection Commission, the UK Information Commissioner's Office, or the authority of your country of residence.

9.2 Rights applicable under U.S. state privacy laws

If you are a resident of California, Texas, Virginia, Colorado, Connecticut, Utah, or another U.S. state with a comprehensive consumer privacy law, you have the following rights, subject to the conditions and exceptions set out in applicable law:

■  Right to know and right to access the categories and specific pieces of personal information we collect, use, disclose, and, where applicable, share.

■  Right to delete personal information, subject to statutory exceptions.

■  Right to correct inaccurate personal information.

■  Right to opt out of sale or sharing of personal information (we do not sell or share for cross-context behavioral advertising as defined by CCPA/CPRA).

■  Right to limit use and disclosure of sensitive personal information (CPRA).

■  Right to non-discrimination for exercising any of these rights.

■  Right to appeal a denial of a rights request (Virginia, Colorado, Connecticut, Texas).

9.3 How to exercise your rights

To exercise any of the rights described above, contact us at privacy@aquivestglobal.com or by the other means set out in Section 14 (Contact). We will acknowledge your request and respond within the timeframe required by applicable law, which is generally thirty days under GDPR and UK GDPR (extendable by a further sixty days where warranted) and forty-five days under CCPA/CPRA (extendable by a further forty-five days where warranted). We may need to verify your identity before acting on a request. You may use an authorized agent to submit a request on your behalf where permitted by applicable law.

10. Cookies and Similar Technologies

The Website uses first-party and approved third-party cookies and similar technologies. The categories of cookies we use are:

■  Strictly necessary: required to operate the Website and deliver services you request, such as session management and security. These cannot be disabled through our consent manager.

■  Performance and analytics: help us understand how visitors use the Website, in aggregate and pseudonymous form, so we can improve content and performance.

■  Preferences: remember choices you make to personalize the Website experience.

Where required by law, we request your consent through a cookie consent manager before setting non-essential cookies. You can withdraw consent at any time using the cookie preferences link in the footer of the Website. You can also disable cookies through your browser settings, though this may affect Website functionality. We honor Global Privacy Control signals where required by applicable U.S. state law.

11. Third-Party Links and Services

The Website may contain links to third-party sites, including LinkedIn, news outlets, and portfolio company websites. This Policy does not apply to those sites. We are not responsible for the content or privacy practices of third-party sites or services, and we encourage you to review the privacy notices of any site you visit.

12. Changes to this Policy

We may update this Policy from time to time to reflect changes in our practices, technology, legal requirements, or business. When we do, we will revise the "Last updated" date at the top of this Policy and, where the changes are material, provide additional notice such as a banner on the Website or direct notice where we have an active relationship. We encourage you to review this Policy periodically.

13. Jurisdiction-Specific Disclosures

13.1 California (CCPA / CPRA)

In the twelve months preceding the effective date of this Policy, Aquivest has collected the categories of personal information described in Section 3 for the business and commercial purposes described in Section 4, and has disclosed those categories to the recipients described in Section 5. We have not sold or shared personal information for cross-context behavioral advertising as those terms are defined by CCPA/CPRA. We do not use or disclose sensitive personal information for purposes other than those permitted under CPRA Section 7027(m) without offering the right to limit.

California residents may designate an authorized agent to submit a request on their behalf, accompanied by a valid power of attorney or other written authorization and identity verification.

13.2 European Union and United Kingdom

For individuals in the European Economic Area, United Kingdom, and Switzerland, Aquivest Global Holdings acts as the data controller unless otherwise specified. We have appointed a Data Protection Officer who can be contacted at dpo@aquivestglobal.com. Our lead supervisory authority for EU matters is the authority of our main EU establishment at the time of the relevant processing. For UK matters, the relevant authority is the UK Information Commissioner's Office (ico.org.uk).

13.3 Other jurisdictions

Residents of other jurisdictions, including Brazil (LGPD), Canada (PIPEDA), Singapore (PDPA), and South Africa (POPIA), have additional rights under applicable local law. Contact privacy@aquivestglobal.com to exercise any such right.

14. Contact

For questions about this Policy or to exercise a privacy right, contact us using the information below:

■  Privacy inquiries: privacy@aquivestglobal.com

■  Data Protection Officer: dpo@aquivestglobal.com

■  Legal and regulatory: legal@aquivestglobal.com

■  Mailing address: Aquivest Global Holdings, Attention: Office of the General Counsel, 1910 Pacific Ave, Suite 2000, Dallas, Texas 75201, United States.

■  Investor relations: Aquivest Global Holdings, Investor Relations, 200 Park Avenue, 30th Floor, New York, New York 10166, United States.

Information icon

We need your consent to load the translations

We use a third-party service to translate the website content that may collect data about your activity. Please review the details in the privacy policy and accept the service to view the translations.