Privacy Policy

ARIA GROWTH PARTNERS LP
WEBSITE PRIVACY NOTICE
Last Modified: April 25, 2024

OUR COMMITMENT TO PRIVACY

Your privacy is important to Aria Growth Partners LP and our affiliates (together, “Aria”, “our”, “us”, or “we”). This website privacy notice (this “Website Privacy Notice”) will inform you as to how we look after your personal data, how and why we collect it, tell you about your privacy rights, and how the law protects you. Please read this Website Privacy Notice carefully.

This Website Privacy Notice provides you with important information about the personal data that we collect, and that you directly provide to us, when you interact with us via our websites (including those accessible at www.ariagrowth.com, online portals or data rooms (together, the “Websites”), including via our contact details as set out at our Websites. Note, this Website Privacy Notice does not apply to any processing of personal data by or on behalf of Aria that is covered by a more specific privacy notice.

You do not need to take any action as a result of this Website Privacy Notice, but if you are based in the United Kingdom or the European Union, you should also refer to the section headed “Additional information for visitors in the United Kingdom and the European Union”, for a description of additional information and rights that you may have. If you are a resident of California, you should also refer to the section headed “Notice to California consumers of certain rights under the CCPA”, for a description of additional rights specific to California residents.

THE PERSONAL DATA WE PROCESS AND HOW WE COLLECT IT

We collect personal data about you:

that you specifically provide to us (or third parties acting on our behalf) via any of our Websites;
when you opt to receive communications from Aria; and
that third parties provide to us.

We collect certain types of personal data about you depending on the nature of your interaction with us. Such data may include identity data, contact data, and/or technical data.

We will not collect additional categories of personal data or use the personal data we collected for materially different, unrelated, or incompatible purposes without notice.

We collect your personal data in the following ways, and we only collect the personal data necessary to carry out our business for the purposes set out in the section below headed “Why we use your personal data”:

Information you provide to us

We collect your personal data when you decide to interact with us via our Websites (e.g., via the contact details provided on the Websites) including any personal data that you disclose as part of those communications.

Information provided by third parties or publicly available sources

We may receive personal data about you from third party sources including any third parties whose cookies and similar technology are deployed when you access our Websites and third parties who host or administer our Websites.

WHY WE USE YOUR PERSONAL DATA

To the extent that you provide us with any personal data, or we otherwise collect your personal data (i.e., through or in connection with our Websites) we may use your personal data for the following purposes (which shall be considered “business purposes” for purposes of the CCPA (defined below)):

Purpose	Legal Basis
To conduct business with you or to provide you with the services you have requested	Contractual necessity; and/or our legitimate interest in operating our Websites and business
To support and communicate with you	Our legitimate interest in operating our Websites and business
To keep a record of your relationship with us	Our legitimate interest in operating our Websites and business; and/or legal requirement
To administer, support, develop, and protect our business and our Websites	Our legitimate interest in operating our business
To make suggestions and recommendations to you, or to provide you with updates or other information, about our business and services that may be of interest to you	Our legitimate interest in operating our business
For statistical analysis and market research	Our legitimate interest in operating our business
To comply with applicable laws, rules, and regulations, including our anti-money laundering (AML) and “Know-Your Client” (KYC) obligations and responding to law enforcement requests and as required by applicable law, court order, or governmental regulations	Our legitimate interest in legally operating our business
For any other purpose that has been notified, or has been agreed, in writing	Consent

‍

Note that we may process your personal data on more than one legal basis depending on the specific purpose for which we are using your personal data.

No solely automated decision making, including profiling, is used when processing your personal data.

MARKETING COMMUNICATIONS

We will only send you marketing newsletters, updates, alerts and similar marketing or promotional communications where you have requested information from us relating to our business or services which you might be interested in or where we are otherwise permitted to do so. You may request that we stop sending you marketing communications by emailing Patrick Galvin at pgalvin@ariagrowth.com at any time.

DISCLOSURE AND TRANSFER OF PERSONAL DATA

Unfortunately, the transmission of information and data via the internet is not completely secure. Although we do our best to protect your personal data, we cannot guarantee the security of any information or data transmitted to or through our Websites; any transmission of information or data by you to or through our Websites is at your sole risk.

Your personal data will be disclosured with and processed by our affiliates and certain service providers as necessary to fulfil the purposes set out in this policy. We use a number of service providers that provide a wide range of services including legal and financial professional advisors, IT and data security providers, data hosting providers and website managers and other IT service providers, meetings and conference vendors, auditors, marketing agencies, recruiters and HR firms, and data software providers. We make sure anyone who provides a service to, or for us, enters into an agreement with us and meets our standards for data security.

We reserve the right to disclose your personal data as required by law, or when we believe that disclosure is necessary to protect our rights and/or comply with a judicial proceeding, court order, request from a regulator, national security, for the purposes of public importance or any other legal or investigatory process involving us. Should we, or any of our affiliated entities, be the subject of a takeover, divestment or acquisition we may disclose your personal data to the new owner of the relevant business and their advisors.

SECURITY AND RETENTION OF PERSONAL DATA

We are committed to protecting the personal data you entrust to us. We adopt robust and appropriate data security technologies, measures and policies, so the information we have about you is protected to the extent possible from unauthorized access and disclosure, improper use and accidental loss. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know and who need to know that personal data. They will only process your personal data on our instructions and they are subject to a duty of confidentiality and required to keep your personal data secure.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so. We will keep your personal data only for as long as is reasonably necessary for the purposes set out in this Website Privacy Notice, unless a longer retention period is required by law. We will not keep more personal data than we need for those purposes. For further information about how long we will keep your personal data, please contact Patrick Galvin at pgalvin@ariagrowth.com.

CAPACITY

Our Websites are only intended for individuals who are at least 18 years of age. We do not knowingly encourage or solicit visitors to our Websites who are under the age of 18 or knowingly collect personal data from anyone under the age of 18 without parental consent. If we learn we have collected or received personal data from an individual under the age of 18, we will delete that information.

MISCELLANEOUS

The provisions in our Terms of Use are hereby incorporated by reference.

CONTACT US

If you have any questions or concerns about this Privacy Policy, please contact Patrick Galvin, Chief Compliance Officer of Aria, at pgalvin@ariagrowth.com.

ADDITIONAL INFORMATION FOR VISITORS IN THE UNITED KINGDOM AND THE EUROPEAN UNION

This section applies only if our collection, or your provision, or personal data under this notice is subject to the EU and UK Privacy Laws (as defined below).

For the purposes of applicable EU and UK data protection laws, including the General Data Protection Regulation (EU) 2016/679 (the “EU GDPR”), the UK equivalent of the EU GDPR (the “UK GDPR”) and the Data Protection Act 2018 (collectively, “the EU and UK Privacy Laws”), Aria will be a controller of any personal data collected by us when you interact with us in the ways described above (e.g., when you visit our website, etc.). If you have any questions regarding our use of your personal data, or this Website Privacy Notice, please contact Patrick Galvin at pgalvin@ariagrowth.com.

We rely on various legal bases under the EU and UK Privacy Laws in order to process your personal data (including basic contact and identifying information and IP addresses, and, where appropriate, more sensitive types of personal data such as passport information and financial information, etc.), including for our legitimate interests, contractual necessity and as required by law. We use the personal data we collect to operate our business, conduct business with you and perform essential or legitimate business operations. We do not deliberately collect or solicit any special categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we deliberately collect or solicit any personal data about criminal convictions and offences.

If we require your personal data due to a legal requirement or obligation or in order to perform a contract with you, we will make you aware of this at the time we collect your personal data, and the possible consequences of you failing to provide this personal data. Failure to provide this information may mean that we cannot conduct business with you. If you refuse to provide other types of personal data, you may not receive an optimised experience visiting our website and/or we may be unable to properly communicate you in response to any enquiry.

Further information about the legal bases under which we process your personal data is included in the section headed “Why we use your personal data”.

TRANSFER OF PERSONAL DATA

To the extent your personal data is transferred to countries outside of the UK or the European Economic Area, such transfers will only be made in accordance with the EU and UK Privacy Laws. For further information about the safeguards used, please contact Patrick Galvin at pgalvin@ariagrowth.com.

YOUR RIGHTS

You have the right to access the personal data we hold about you, and there are a number of ways you can control the way in which and what personal data we store and process about you. To exercise these rights and controls, please contact Patrick Galvin at pgalvin@ariagrowth.com.

Access: You have the right to ask for a copy of the personal data that we hold and process about you free of charge, however we may charge a ‘reasonable fee’, if we think that your request is excessive, to help us cover the costs of locating the information you have requested.
Correction: You have a right to request that we correct your personal data if the information we hold and process about you is inaccurate or it needs to be updated.
Deletion: If you think that we shouldn’t be holding or processing your personal data any more, you may request that we delete it. Please note that this may not always be possible due to legal obligations.
Restrictions on use: You may request that we stop processing your personal data (other than storing it), if: (i) you contest the accuracy of it (until the accuracy is verified); (ii) you believe the processing is against the law; (iii) you believe that we no longer need your personal data for the purposes for which it was collected, but you still need your personal data to establish or defend a legal claim; or (iv) you object to the processing, and we are verifying whether our legitimate grounds to process your personal data, override your own rights.
Object: You have the right to object to processing, including: (i) for direct marketing; (ii) for research or statistical purposes; or (iii) where processing is based on legitimate interests.
Portability: If you wish to transfer the personal data that we hold and process about you on the legal ground of contractual necessity to another organisation (and certain conditions are satisfied), you may ask us to do so, and we will send it directly if we have the technical means.
Withdrawal of consent: If you previously gave us your consent (by a clear affirmative action) to allow us to process your personal data for a particular purpose not specified in this Website Privacy Notice, but you no longer wish to consent to us doing so, you can contact us to let us know that you withdraw that consent.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

Should you wish to lodge a complaint with regards to how your personal data is processed by us as described in this Website Privacy Notice under the EU and UK Privacy Laws, in the first instance please contact us directly at Patrick Galvin at pgalvin@ariagrowth.com. Alternatively, and if we are unable to resolve your complaint, you can lodge a complaint with your local supervisory authority which, in the UK, is the Information Commissioner’s Office (please visit: https://ico.org.uk/global/contact-us).

NOTICE TO CALIFORNIA CONSUMERS OF CERTAIN RIGHTS UNDER THE CCPA

This section outlines specific rights granted under the California Consumer Privacy Act, as amended (the “CCPA”) to individual California residents and provides information regarding how such California residents can exercise their rights under the CCPA. This section is only relevant to you if you are a resident of California as determined in accordance with the CCPA. Information required to be disclosed to California residents under the CCPA regarding the collection of their Personal Data that is not set forth in this section is otherwise set forth in this Website Privacy Notice. For the avoidance of doubt, for purposes of this Website Privacy Notice, references to personal data are deemed to include references to “personal information” and “sensitive personal information” as defined under the CCPA. To the extent there is any conflict between the language in this Website Privacy Notice and the privacy rights and requirements under the Gramm-Leach-Bliley Act and/or Regulation S-P (“GLB Rights”), the GLB Rights shall apply.

Categories of Personal Information We Collect: We have collected some or all of the following categories of personal information from individuals through the Websites within the last twelve (12) months:

Category	Examples	Collected
A. Identifiers	Name, contact details and address (including physical address, email address and Internet Protocol address), and other identification (including social security number, passport number and drivers’ license or state identification card number).	YES
B. Additional data subject to Cal. Civ. Code § 1798.80	Telephone number, signature, bank account number, other financial information (including accounts and transactions with other institutions and anti-money laundering information), and verification documentation and information regarding investors’ status under various laws and regulations (including social security number, tax status, income and assets).	YES
C. Protected classification characteristics under California or federal law	Date of birth, citizenship and birthplace.	YES
D. Commercial information	Account data and other information contained in any document provided by investors to authorized service providers (whether directly or indirectly), risk tolerance, transaction history, investment experience and investment activity, information regarding a potential and/or actual investment in the applicable fund(s), including ownership percentage, capital investment, income and losses, source of funds used to make the investment in the applicable fund(s).	YES
E. Biometric information	Imagery of the iris, retina, fingerprint, face, hand, palm, vein patterns, and voice recordings or keystroke patterns or rhythms, gait patterns or rhythms, and sleep, health, or exercise data that contain identifying information.	NO
F. Internet or other similar network activity	Use of our website, fund data room and investor reporting portal (e.g., cookies, browsing history and/or search history), as well as information you provide to us when you correspond with us in relation to inquiries	YES
G. Geolocation data	Physical location or movements.	NO
H. Sensory data	Audio, electronic, visual, thermal, olfactory, or similar information.	NO
I. Professional or employment-related information	Current or past job history or performance evaluations.	NO
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99))	Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.	NO
K. Inferences drawn from other personal information	Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.	NO
L. Sensitive Personal Information	Social security, driver's license, state identification card, or passport numbers; account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; precise geolocation; racial or ethnic origin; religious or philosophical beliefs; union membership; genetic data; the contents of a consumer's mail, email, and text messages unless you are the intended recipient of the communication; biometric information for the purpose of uniquely identifying a consumer; and personal information collected and analyzed concerning a consumer's health, sex life, or sexual orientation.	YES

‍

We retain these categories of personal information only as long as is reasonably necessary for those purposes set forth above in the section of this Website Privacy Notice titled “Why we Use your Personal Data”, except as may be required under applicable law, court order or government regulations.

We do not collect or use sensitive personal information other than:

To perform services, or provide goods, as would reasonably be expected by an average consumer who requests those goods or services;
As reasonably necessary and proportionate to detect security incidents that compromise the availability, authenticity, integrity, and confidentiality of stored or transmitted personal information;
As reasonably necessary and proportionate to resist malicious, deceptive, fraudulent, or illegal actions directed at us and to prosecute those responsible for such actions;
As reasonably necessary and proportionate to ensure the physical safety of natural persons;
For short-term, transient use (but not in a manner that discloses such information to another third party or is used to build a profile of you or otherwise alter your experience outside of your current interaction with us); and
To perform services on behalf of your business.

Disclosure of Personal Information. We do not sell or share (as such terms are defined in the CCPA) any of the personal information we collect about you through the Websites with third parties. We have not in the last 12 months, sold or shared any personal data collected about you with third parties. We do not disclose any non-public personal information we collect about you through the Websites to anyone, except as permitted or required by law or regulation and to service providers.

Within the last twelve (12) months, we have disclosed personal information collected from you through the Websites for a business purpose to the categories of third parties indicated in the chart below. We may also disclose your information to other parties as may be required by law or regulation, or in response to regulatory inquiries.

‍

Personal Information Category	Category of Third-Party Recipients
A. Identifiers	Administrators, lenders, banks, auditors, law firms, tax compliance firms, governmental agencies or pursuant to legal process, self-regulatory organizations, vendors of IT, software and similar services, consultants and placement agents.
B. Additional data subject to Cal. Civ. Code § 1798.80	Administrators, lenders, banks, auditors, law firms, tax compliance firms, governmental agencies or pursuant to legal process, self-regulatory organizations, vendors of IT, software and similar services, consultants and placement agents.
C. Protected classification characteristics under California or federal law	Administrators, lenders, banks, auditors, law firms, tax compliance firms, governmental agencies or pursuant to legal process, self-regulatory organizations, vendors of IT, software and similar services, consultants and placement agents.
D. Commercial information	Administrators, lenders, banks, auditors, law firms, tax compliance firms, governmental agencies or pursuant to legal process, self-regulatory organizations, vendors of IT, software and similar services, consultants and placement agents.
E. Biometric information	N/A
F. Internet or other similar network activity	Administrators, lenders, banks, auditors, law firms, tax compliance firms, governmental agencies or pursuant to legal process, self-regulatory organizations, vendors of IT, software and similar services, consultants and placement agents.
G. Geolocation data	N/A
H. Sensory data	N/A
I. Professional or employment-related information	N/A
J. Non-public education information	N/A
K. Inferences drawn from other personal information	Administrators, lenders, banks, auditors, law firms, tax compliance firms, governmental agencies or pursuant to legal process, self-regulatory organizations, vendors of IT, software and similar services, consultants and placement agents.

Rights Under the CCPA

Deletion Rights: You have the right to request that we delete any of your personal information that we retain, subject to certain statutory exceptions, including, but not limited to, our compliance with U.S., state, local and non-U.S. laws, rules and regulations. We will notify you in writing and provide an explanation if we cannot comply with a specific request.
Disclosure and Access Rights: You have the right to request that we disclose to you certain information regarding our collection and use of personal information specific to you over the last twelve (12) months. Such information includes:

the categories of personal information we collected about you;
the categories of sources from which the personal information was collected;
our business or commercial purpose for collecting the personal information;
the categories of third parties with whom we disclosure the personal information;
the specific pieces of personal information we collected about you; and
whether we disclosed your personal information to a third party, and, if so, the categories of personal information that each recipient obtained.

Limitation on Use of Sensitive Personal Information: You have the right to request that we limit our use and disclosure of, and refrain from selling or sharing, your sensitive personal information, subject to certain exceptions, and we will refrain from doing so upon receipt of a valid and verifiable request from you requesting the same.
No Discrimination: We will not discriminate against you for exercising your rights under the CCPA, including by denying service, suggesting that you will receive, or charging, different rates for services or suggesting that you will receive, or providing, a different level or quality of service to you.
How to Exercise Your CCPA Rights: To exercise any of your rights under the CCPA or to access this notice in an alternative format, please submit a request using any of the methods set forth below:

If you would like to contact us by telephone without incurring telephone charges, please submit your request and telephone number by email at the email address below, and we will call you between 9 a.m. and 6 p.m. Eastern Time.

Email us at the following email address: pgalvin@ariagrowth.com.

Within ten (10) business days, we will contact you to confirm receipt of your request under the CCPA and request any additional information necessary to verify your request. We verify requests by matching information provided in connection with your request to information contained in our records. Depending on the sensitivity of the request and the varying levels of risk in responding to such requests (for example, the risk of responding to fraudulent or malicious requests), we may request your investor portal access credentials in order to verify your request. You may designate an authorized agent to make a request under the CCPA on your behalf, provided that you provide a signed agreement verifying such authorized agent's authority to make requests on your behalf, and we may verify such authorized person's identity using the procedures above. If we request you verify your request and we do not receive your response, we will pause processing your request until such verification is received.

NOTIFICATION OF CHANGES

‍We reserve the right to amend this Website Privacy Notice from time to time by updating this Website Privacy Notice. If we decide to change our Website Privacy Notice, we will post those changes so our users are always aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. If at any point we decide to collect personal data or use any collected personal data in a manner different from that stated at the time it was collected, we will notify applicable users. We will use information only in accordance with the Website Privacy Notice under which the personal data was collected.