1. INTRODUCTION

Welcome to the privacy notice of Kerogen Capital (Asia) Limited and Kerogen Capital (UK) Limited (collectively, “Kerogen” / “we” / “us” / “our”). Kerogen is an independent private equity fund manager specialising in the international energy sector with a focus on partnering with technically talented and entrepreneurial companies. We have offices in Hong Kong and the United Kingdom and engage in investment activities around the world.

We take your privacy seriously and we are committed to protecting personal data that we receive from you. This privacy notice explains Kerogen’s policies and practices regarding its processing of your personal data, and explains some of your data privacy rights under applicable data privacy laws, including the General Data Protection Regulation.

We review our privacy practices on an ongoing basis, and as such we may change this privacy notice from time to time. If such change includes any significant, material changes, we will provide clear notice of the update on the homepage of our website. Please check this notice frequently to ensure that you are familiar with its current content.

If you are an EU national and reside in the EU, or are non-EU national residing in the EU, the data controller (as defined under EU data protection law) will be the relevant Kerogen entity that you engage with.

Contacting us

If you would like additional information on anything in or related to this privacy notice, or you would like to exercise any rights that you may have in relation to your personal data, please contact us at

Kerogen Capital (Asia) Limited
4802, 48F Cheung Kong Center
2 Queen’s Road
Central, Hong Kong, SAR
Telephone: +852-2127-3000

Kerogen Capital (UK) Limited
6th Floor, 50 Pall Mall
St James’s, London
SW1Y 5JH
United Kingdom
Telephone: +44-20-7024-7150
Email: info@kerogencap.com

2. WHAT PERSONAL DATA MAY WE PROCESS?

The types of personal data relating to you that we may “process” (such as collect, use and
store) depends on your interaction with us. The key types of personal data that we may process
are set out below.

Personal data that you give us

ActivityTypes of personal data that we may processOur legal bases for processing
Your general use
of our website
  • Name

  • Email address

  • Company

  • Any other personal data that you provide to us through our website, such as your home and business addresses, phone numbers, description of yourself, your position, your company, and your needs or comments

Legitimate interests:

  • Getting to know you as a potential
    investor, portfolio company,
    employee, consultant, or business
    partner

  • Maintaining and managing our
    website

  • Responding to your
    communication(s) with us

Your communications with us as a potential or
current investor,
portfolio company, service provider, or
business partner
  • Name, title, gender

  • Contact details (personal or
    business email address, telephone
    numbers, address)

  • Company

  • Position

  • Information relating to any matter
    that you want to discuss with us that
    relates to you as an individual
  • Information from identification documents

  • Financial information, such as bank account details, if applicable

  • Any other personal data that you may disclose to us during your relationship with us, such as in calls or email correspondence

Legitimate interests:

  • Engaging with you as a potential or
    current investor, portfolio company or
    service provider

  • Growing our business

  • Maintaining and managing our
    website

  • Responding to your
    communication(s) with us


Contract

  • Fulfilling our obligations under any
    contract or engagement with you

  • Legal obligation
    Complying with legal and regulatory
    obligations (such as anti-money
    laundering checks and other
    disclosures to regulators)
Your application for a job, internship,
consulting position, or other role at Kerogen
  • Name, title, gender, date of birth

  • Results of background checks,
    including references, qualifications,
    and to the extent permitted by law,
    criminal background checks

  • Passport, work permit, visa, or other
    immigration documentation

  • Contact details (personal, business
    or educational institution email address, telephone numbers,
    address)

  • Resumé, including relevant skills
    and experience

  • Your professional interests and
    motivations

  • Language capabilities

  • Special requirements (such as, or relating to, a disability / health issue)

  • Any other personal data that you may provide to us through the
    application process, such as views and preferences that you disclose to us in interviews

Legitimate interests:

  • Getting to know employees or
    potential employees / interns /
    consultants

  • Fulfilling our staffing requirements

  • Ensuring potential recruits of any
    kind are appropriately qualified for
    positions with us Consent

  • On the basis of the consent that you
    have provided to us to process your
    personal data in the context of your application, which would include in relation to our conducting criminal
    background and other checks
    Legal obligation

  • We have a legal obligation to verify
    your right to work lawfully in the relevant country applicable to your application

  • Complying with legal and regulatory obligations (such as anti-money laundering checks and other
    disclosures to regulators)



PLEASE NOTE:
If you are applying to work at Kerogen,
whether as a partner, employee, intern,
consultant, or in any other capacity, please also refer to our separate “Personnel Privacy Notice.” A copy of this will be made available to you in connection with the application process. Please request/review this notice before submitting any personal data to us.

3. CHILDREN’S INFORMATION AND SENSITIVE INFORMATION

Children’s Information

We do not knowingly collect personal information from children under the age of 13. If we are made aware that we have collected personal information from a child under the age of 13, we will delete it as soon as practicable.

Sensitive Information

Unless we specifically request or invite it, we ask that you not send or disclose to us any sensitive personal information (e.g., National Insurance or Social Security numbers, information related to racial or ethnic origin, political opinions, religion or philosophical beliefs, health, sex life or sexual orientation, criminal background, trade union membership, or biometric or genetic data for the purpose of uniquely identifying an individual).

4. HOW DO WE PROCESS YOUR PERSONAL DATA?

We may process your personal data in the following ways (depending upon your interaction with
us):

  • collecting your personal data that you input on our website, or provide to us in
    conversations, emails, or meetings with us;
  • recording your personal data, such as through electronic or handwritten notes that we make;
  • organizing and storing your personal data on our servers, in our document
    management system, in our employee’s email inbox folders, or in hard copy files;
  • using your personal data to communicate with you and perform analytics that are necessary or useful in connection with your relationship with us as a current or prospective portfolio company, investor, service provider or partner; and
  • disclosing your personal data to third parties, where necessary, appropriate and/or as required by law (see section 6 providing more information on this below).

We may process your personal data for the following purposes:

  • to further our engagement with you as a current or prospective portfolio company, investor, employee, consultant or partner;
  • to respond to your questions, comments, complaints, or requests;
  • to follow up with you on a job application;
  • to create and deliver personalized communications that are relevant to your
    preferences; and
  • to further our business purposes, such as to perform due diligence, data analysis, audits, fraud monitoring, and prevention; enhance, improve, or modify our website or services; identify trends; and operate and expand our investment and business activities.

5. HOW WILL WE PROTECT YOUR PERSONAL DATA?

We have implemented security policies and other technical and organisational measures to protect the personal data that we collect, consistent with applicable privacy and security laws. These security measures are designed to prevent unauthorized access, improper use or disclosure, unauthorized modification, and unlawful destruction or accidental loss of your personal data.

We update and test our personal data privacy and security measures on an ongoing basis. We also provide guidance to our employees on privacy laws and how to comply with them, and have disciplinary procedures in place that may be imposed on employees if they do not comply with our standards. We use technical and organisational measures to limit access to your personal data to only employees who need to know your personal data to fulfil the purposes of processing that personal data (as described in this privacy notice) have access to it.

We also require that any third parties that process your personal data on our behalf take appropriate security measures to protect your personal data.
We have put in place procedures to deal with any suspected security breach that involves your personal data and will notify you and the applicable regulator of a suspected breach where legally required to do so.

6. WITH WHOM MAY WE SHARE YOUR PERSONAL DATA?

We take your privacy seriously and will not share your personal data with others, except in the following circumstances:

Service providers: we may disclose your personal data to third-party service providers to provide us with services such as website hosting and professional services, including information technology services, payroll services, accounting and auditing services, consultancy services, regulatory services, and legal services.

Our affiliates: we may disclose your personal data to our affiliates in order to provide you with tailored services and communications, or in accordance with our business administrative practices.

Corporate transactions or events: we may disclose your personal data to a third party in connection with a corporate reorganisation, merger, joint venture, sale, transfer, or other disposition of all or any portion of our investments, business or equity. We will use reasonable efforts to ensure that any successor entity treat your personal information in accordance with this notice after the transaction is completed. However, we encourage you to review the privacy notice again after any such transaction is completed because
we cannot guarantee that these new parties will have the same privacy policies after the transaction is completed.

Legal reasons: we may use or disclose your personal data as appropriate under
applicable laws; to respond to requests from public, governmental; and regulatory
authorities; to comply with court orders, litigation procedures, and other legal processes; to obtain legal remedies or limit our damages; to protect the operations of our group entities; and to protect the rights, safety, or property of our employees, you, or others.

International transfers of personal data
Some of our group entities and service providers are located outside of the EU. Accordingly, if you are in the EU, please note that we will transfer your personal data to such countries in accordance with EU data protection law requirements. When we transfer EU personal data to Kerogen’s office in Hong Kong, we do subject to the safeguards provided in the EU Standard Contractual Clauses. If you wish to obtain a copy of the relevant international transfer documentation, you may do so by contacting us using the contact details in Section 1 above.

Such transfers may also be necessary in order to perform a contract with you/fulfil your request and/or through obtaining your affirmative consent.

7. WHAT RIGHTS DO YOU HAVE WITH RESPECT TO YOUR PERSONAL DATA?

You have the following rights with respect to the personal data you provide to us, to the extent permitted by applicable data protection laws:

  • Withdrawal of Consent: You have the right to withdraw any consent that you have provided to us to process your personal data.
  • Access: You have the right to access your personal data.
  • Rectification: You have the right to rectify inaccurate personal data.
  • Erasure: You have the right to have your personal data erased if it is no longer
    necessary for the purposes for which it was processed, you have withdrawn your consent to, or object to, its processing and there is no other legitimate grounds for processing it or you consider that it has been unlawfully processed.
  • Restriction: You have the right to have the processing of your personal data
    restricted if you contest its accuracy, its processing is unlawful, we no longer need it but you need it for a legal claim, or you have objected to its processing and await verification of our legitimate grounds for processing it.
  • Data Portability: You have the right to have certain personal data you provide to us transferred to another company in a machine-readable format.

In order to exercise any of these rights, or for more information, please use the contact details specified in Section 1 above. Please note that these rights are subject to certain preconditions and qualifications under applicable law.

8. FOR HOW LONG DO WE RETAIN YOUR PERSONAL DATA?

We retain your personal data only for as long as is necessary for our relationship with you, in accordance with our retention policies, and in accordance with applicable laws. To determine the appropriate retention periods for personal data, we consider the amount, nature and sensitivity of the personal data, legal requirements, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process your personal data and whether we can achieve those purposes through other means. In some circumstances, we may anonymize your personal data so that it can no longer be associated with you, in which case we may use the information without further notice to you.

9. LINKS TO THIRD-PARTY SITES

Our website may include links to other sites operated by third parties. We are not responsible for information on these sites, nor for services or products offered by them. Use of such sites, including transmitting your personal data to them, is at your own risk. You should check the privacy policies (and other applicable terms and conditions) of these third-party sites.

10. FILING A COMPLAINT WITH AN EU REGULATOR

If you are in the EU, you may lodge a complaint with a supervisory authority that has authority in your country or region. Please click here for contact information for such authorities.

* * * * * * *

Policy last updated: June 2018