Privacy Policy

Effective Date: April 25, 2019

This Privacy Notice is provided by Aquiline Holdings LLC (“Aquiline Holdings”) and its affiliates, including Aquiline Capital Partners LLC (“Aquiline LLC”) and Aquiline Capital Partners Limited (“Aquiline Limited”). Aquiline Holdings, Aquiline LLC, Aquiline Limited and their respective affiliates are referred to in this Privacy Notice as “Aquiline”, “we”, “us” or “our”. This Privacy Notice describes how we collect and process the personal information of individuals who are subject to the protection of the EU General Data Protection Regulation (Regulation 2016/679) (the “GDPR”).

This Privacy Notice is provided for the benefit of natural persons (excluding those working for, or within, our organisation) visiting this website (the “Website”) or making contact with us through this Website. In this Privacy Notice, we refer to visitors to our Website as “you”.

This Privacy Notice describes the information that we collect about you, how we use such information and with whom we share it. This Privacy Notice does not address our privacy practices concerning any personal data we collect in relation to our investors, including through the Investor Portal on this website; we address those practices in separate privacy notices included in the subscription agreement or sent to our investors or potential investors. Our current investor privacy notice is available within the Investor Portal.

Privacy Notice Changes

We may revise or supplement this Privacy Notice from time to time. If we make any substantial changes in the way we use or share your personal information obtained from your use of this Website, such changes will be reflected in this Privacy Notice. We encourage you to refer to this Privacy Notice often, or each time you visit, so that you remain familiar with of our most current privacy policy.

Privacy Terminology

Certain words are given specific meanings under data protection legislation. Organisations located within the European Economic Area (“EEA”) are subject to the GDPR (as defined below). Other countries have implemented laws similar to the GDPR. Different laws may use different or additional legal terms, or define the same terms differently. The terms listed below are intended to have the following meanings in this Privacy Notice:

| | | | ---------- | ---------- | |“data controller”| means Aquiline, or the entity within its group that decides how and why personal data is processed; | |“EU data protection laws| means Regulation 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (“GDPR”), and any other applicable legal requirement concerning the protection and processing of personal data applicable in the EU;| |“personal data”| means information from which it is possible to identify a natural person (an individual), or information from which any individual is identifiable;| |“processing”| means anything that is done with personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction; and| |“processor”| means the person or entity that processes personal data on behalf of a data controller.|

How We Collect and Use Your Personal Data

Aquiline is a data controller in respect of any personal data it receives from you via this Website.

The types of personal data we collect in relation to your visit to this Website will depend on the nature of your relationship with us. We may collect your personal data from:

  1. registration information you proactively provide to us;
  2. information captured via “cookies”;
  3. information provided, e.g., in follow-up telephone conversations, voicemails, through written correspondence, or via e-mail;
  4. information gathered by other automated mechanisms, such as web server logs and JavaScript; and
  5. if you login as an investor to the Investor Portal, login credentials and other information (please see the investor privacy notice available within the Investor Portal).

The personal information that you submit through the Website at your own initiative is used only to service your account and/or to provide you with information on Aquiline products and services, including to send you administrative communications either about your interactions with us or about other information or features available through the Website. We will not sell or rent your personal information to others.

Cookies and Google Analytics

In addition to information you proactively provide to us, we obtain information from cookies. Cookies are small text files that are stored in your computer's memory and hard drive when you visit certain web pages. Cookies are used primarily to customize the Website for return visitors and improve your experience with the Website. You are not required to accept cookies to use the Website, and you can configure your browser to accept all cookies, reject all cookies, notify you when a cookie is set or delete cookies. You are always free to decline cookies if your browser permits, however, if you choose to turn off cookies, you may not have access to features that optimize your browsing of our Website, and some of those features may not function properly.

We also obtain information from other third party web analytics service providers. We use Google Analytics which collects information such as: how often users visit the Website, what pages the user visits, and what other sites they used prior to or after coming to the Website. The information obtained by Google Analytics may itself be processed by Google Analytics (or other web analytic service providers). More information on how Google Analytics uses your data can be found at https://google.com/policies/privacy/partners/. More information about opting out of Google Analytics can be found at https://tools.google.com/dlpage/gaoptout. We use the information we get from Google Analytics only to improve the Website.

This information is maintained in a form that does not explicitly identify you, and we will not use this information to identify individuals, except for site security and law enforcement purposes.

The collection of personal data from which you cannot be readily identified may involve the transmission of information either directly to us or to another party authorized by us to collect information on our behalf. We use such data on an aggregated basis to either help us maintain the Website or to share with third-parties, such as investors, for informational or promotional purposes.

Aquiline does not track visitors to its Website over time and across third party websites to provide targeted advertising and therefore does not respond to Do Not Track (“DNT”) signals.

Why Do We Collect Personal Data?

Our reasons for processing the types of data described above in respect of visitors to our Website will depend on the nature of our relationship with you, but typically include the following:

  • to send updates or to correspond with you;
  • to provide you with information about Aquiline, our products and services;
  • to provide efficient and reliable services;
  • to improve our product offerings and service options:
  • to maintain our relationship with you;
  • to monitor our communications with you;
  • to protect the security of our IT systems;
  • to improve or develop our Website;
  • to comply with our regulatory obligations;
  • to maintain and keep our records up to date;
  • to protect our business against fraud or other crimes.

We will typically only process your personal data to pursue the purposes described above. However, we may have a legitimate business interest in processing your personal data for some other purpose, but even then we would do so only if our legitimate business interests are not overridden by your interests or your fundamental rights and freedoms which require the protection of your personal data.

If you choose to submit information to us, we encourage you to contact us by email or telephone to update your account information whenever such information ceases to be complete or accurate. We will use any additional information you provide to us to update our records. We will delete any information we have if it is out of date.

With Whom Do We Share Your Personal Data?

We may share your personal data with Aquiline’ s subsidiaries or affiliates. We may also share your personal data with our service providers. For example we use service providers to host and/or maintain our Website (internal or external) and employ other persons to perform work on our behalf, such as sending e-mail. These persons may have access to personal data that you submit through the Website, but only for the purpose of performing their duties and in order to provide efficient and reliable services. These persons act on our instructions and are not authorised to disclose personal data, and are not authorised to use or disclose your personal data for other purposes, save to the extent required to comply with their own legal obligations.

As noted above, we may share aggregated data with analytic service providers.

We may also share your personal data if we are required to make such disclosure to the government or private parties in connection with a lawsuit, subpoena, investigation, similar proceedings or regulatory request or examination; to comply with applicable laws or regulations or when we otherwise believe in good faith that such disclosure is necessary or appropriate in connection with any activity that violates the law (including relating to intellectual property, fraud, contracts and privacy) or may expose us to liability, or to protect your safety or security, including the safety and security of property that belongs to you, or protect the safety and security of our websites or databases, or the tangible or intangible property that belongs to us or to third parties.

If Aquiline were to merge with or transfer substantially all of its business, stocks or assets to another entity, Aquiline would also share your personal data with that entity, to the extent lawfully permissible, but even then, only for the purposes set out in this Privacy Notice, including in such case, for its legitimate business interests.

Third Party Websites

Aquiline has established links between this Website and one or more websites operated by third parties. Aquiline has no control over any other such websites, including over their content, operation, privacy and/or security, and disclaims responsibility for any such websites hyperlinked from our website. Your access to and use of such linked websites shall be at your own risk.

Transfers of Personal Data

Aquiline LLC’s principal place of business is in New York City. Our Website is hosted in the United States of America. Aquiline Limited’s principal place of business is in London, England. In some cases, disclosure of personal data to our affiliates and third parties referred to above will involve transferring personal data from the European Economic Area (or the United Kingdom if it ceases to be a member of the European Union) to the United States or another country which may not provide a level of protection to personal data equivalent to that provided in your country.

To provide adequate protection for these transfers, Aquiline has a data transfer agreement in place, which is based on the European Commission approved standard contractual clauses. To obtain a copy of these clauses, please contact us at the address noted below.

How Do We Protect Your Personal Data?

The security of your information is important to us. We employ several different technical, administrative and physical security measures to protect any information you provide through our website from unauthorized access, accidental destruction or loss, and to ensure the ongoing confidentiality, integrity and availability of such data. You should be aware, however, that no data transmission over the Internet can be guaranteed to be secure and there is always the risk that unauthorized persons may access or use your information. We will not be responsible or liable for any damages, losses or causes of action arising out of or in connection with the disclosure of your information. You use our Website and send us such information at your own risk.

How Long Do We Keep Your Personal Data?

Personal data may be kept for as long as it is required for legitimate business purposes, however no longer than necessary with regard to the purpose of that visitor’s relationship with Aquiline.

Rights of Data Subjects

You have certain rights with respect to your personal data. These are:

  • the right to request access to, or copies of, your data and related information including: the purpose for processing such data; the recipients; its transfer to other countries; the period for which it will be stored; and the source;
  • the right to request rectification of any errors in your personal data;
  • the right to request that the processing of your data is restricted;
  • the right to request erasure of your personal data;
  • the right, where we rely on your consent to process data, to withdraw your consent; and
  • the right not to be subject to automated decision-making.

Aquiline does not use automated decision-making with respect to any personal data obtained through its Website. We also note that the right to erasure is not absolute and it may not always be possible to erase personal data on request, for example, if that personal data were required to comply with a legal obligation. If you wish to exercise any of the rights listed above, please contact us at the address noted below.

Complaints

If you have any complaints, questions or comments about this Privacy Notice, or wish to notify us of any errors or changes as to any personal information you provide us through this Website, you can e-mail us at privacymatters@aquiline-llc.com or write to us at Privacy Matters, Aquiline Holdings LLC, 535 Madison Avenue, New York, New York 10022, (212) 624-9500.

If you have a complaint, you may also contact the data protection authority in your country.