Antares Website Privacy Notice

Last updated: July 31, 2024

1. INTRODUCTION AND SCOPE, CONTROLLER AND CONTACT DETAILS

This Website Privacy Notice (“Privacy Notice“) applies to the website https://www.antares.com operated by Antares Capital LP, 320 South Canal Street, Chicago, IL 60606, USA (“Antares“, “we“, “our“, or “us“) as controller (collectively, the “Site“).

2. PERSONAL DATA WE COLLECT

The personal data we collect and otherwise process falls into two categories: personal data you voluntarily provide us when you visit and use the Site (2.1), and (2.2) personal data we process so that you can access and use the Site.

2.1 Personal Data You Provide Voluntarily

We may collect the following categories of personal data about you:

• User details when subscribing to our newsletter (email address, company name and title).
• User details in connection with request to receive investment policy and/or report (email address, company).
• User details in connection with contact form (name, email address, company, telephone number (voluntary), message).

2.2 Personal Data Collected Automatically

The following personal data are automatically collected when you visit and interact with our Site:

• your browser name;
• the pages you visit on the Site;
• the IP (internet protocol) address for your computer;
• date and time of access request;
• time zone difference to Greenwich Mean Time (GMT);
• access status/HTTP status code;
• the data volume transferred;
• websites from which the system used by you comes to our Site; and
• the type of device you are using (device manufacturer and model) and other technical information about your means of connection to the Site, such as the operating system (name and version), relevant plug-ins, the internet service providers utilized, language, internet browser type and version, Media Access Control (MAC) address, and screen resolution.

3. PROCESSING PURPOSES, LEGAL BASIS, AND (CATEGORIES OF) RECIPIENTS

3.1 Processing based on consent (Art. 6 (1) a) GDPR)

We process your personal data based on your consent to

• provide you with our email newsletter.

3.2 Processing to comply with legal obligations (Art. 6 (1) c) GDPR) to which we are subject

We process your personal data to comply with legal obligations to which we are subject, i.e., to

• maintain information security;
• participate in investigations and proceedings (including judicial proceedings) conducted by courts, law enforcement agencies, government agencies or public authorities, intergovernmental or supranational bodies, in particular, for the purpose of detecting, investigating, and prosecuting illegal acts;
• to comply with legal retention obligations (see 5. “Personal Data Retention” below).

3.3 Processing for the purposes of legitimate interests (Art. 6 (1) f) GDPR)

We process personal data to the extent necessary for the purposes of the legitimate interests pursued by us or by a third party (Art. 6 (1) f) GDPR), including for the following purposes:

• to communicate with you when you make a request via our contact form;
• to prevent, detect, investigate, mitigate, and remediate security threats/breaches, fraud or other prohibited, unlawful, criminal, or malicious activities, including the assessment of corresponding risks (including through the use of captchas);
• participation in proceedings (including judicial proceedings) conducted by courts, law enforcement agencies, government agencies or public authorities, intergovernmental or supranational bodies, in particular for the purpose of detecting, investigating, and prosecuting illegal acts, unless there is a statutory obligation.

4. RECIPIENTS OF PERSONAL DATA

We may transfer your personal data for the respective purposes to the following categories of recipients:

4.2 Controllers

• Private third parties – affiliated or unaffiliated private bodies other than us, including external advisors (e.g., lawyers).
• Governmental/public authorities, courts, and similar third parties that are public bodies as required or permitted by applicable law.

4.3 Processors

• Certain third parties, whether affiliated or unaffiliated, may receive your personal data to process such personal data on behalf of us under appropriate instructions as necessary for the respective processing purposes, including IT and other administrative services (e.g., hosting and/or maintenance of IT systems) and marketing service providers to send you our newsletter.
• We currently use the following processors:
  • Microsoft Azure (United States)
  • Langham Hall (United Kingdom)
  • Antares international affiliates, including Antares Capital London Limited or Antares Capital LP (Unites States, United Kingdom)

5. STORAGE DURATION AND DELETION

We process personal data as long as is required for the respective purpose. Something else applies if we need to meet legal/official obligations (e.g., statutory retention obligations), or contractual obligations. In Germany, retention obligations may arise, in particular, under the German Commercial Code (Handelsgesetzbuch, “HGB“) or the German Fiscal Code (Abgabenordnung, “AO“), and may generally be 6 to 10 years (e.g., for contracts and business letters). When we no longer need personal data to comply with contractual or legal obligations, it is deleted from our systems or anonymized. You may be entitled to request further information regarding retention periods, which you can do by contacting us.

6. CROSS-BORDER DATA TRANSFERS

Some of the recipients of the personal data will be located or may have relevant operations outside of your country and the EU/EEA, such as in the USA or Canada, where the data protection laws may provide a different level of protection compared to the laws in the EU/EEA and for which an adequacy decision by the European Commission may not exist. The countries which provide an adequate level of data protection from an EU data protection law perspective include Andorra, Argentina, Canada (commercial organizations), Faeroe Islands, Guernsey, the State of Israel, Isle of Man, Japan, Jersey, New Zealand, the Republic of Korea, Switzerland, the Eastern Republic of Uruguay, the United Kingdom and the USA (companies self-certified under EU-US Data Privacy Framework). Regarding transfers of personal data to such recipients outside of the EU/EEA we provide appropriate safeguards, in particular, by way of entering into data transfer agreements adopted by the European Commission (e.g., Standard Contractual Clauses (2021/914/EU)) with the recipients or taking other measures to provide appropriate safeguards, where this is required under applicable law. We will provide you with a copy of the respective measure we have taken upon request.

7. YOUR RIGHTS AS DATA SUBJECT

Under applicable data protection law, you have the right, in addition to the right to withdraw consents at any time (the withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal) to make a complaint to a data protection authority. In addition, you may be entitled to the following rights (though these rights may be restricted by national law). To exercise these rights, please contact us using the contact details provided under 1 above.

7.1 Right of access

You may have the right to obtain from us confirmation as to whether or not personal data concerning you is being processed, and, where that is the case, to request access to the personal data. The right of access includes, among other things, the purposes of the processing, the categories of the personal data to be processed, and the recipients or categories of recipient to whom the personal data will be disclosed. However, this right is not unrestricted as the rights of other persons may limit your right of access.

In certain circumstances you have the right to receive a copy of the personal data processed by us. For further copies you request, we charge a reasonable fee, where relevant calculated on the basis of administrative costs.

7.2 Right to rectification:

If the personal data we collect or otherwise process about you is inaccurate or incomplete, you may ask for rectification or completion, including through the provision of a supplementary statement.

7.3 Right to erasure (right to be forgotten):

Subject to certain preconditions, you may ask us to erase your personal data and we may be obliged to erase your personal data.

7.4 Right to restrict processing:

Subject to certain preconditions, you may ask us to restrict the processing of your personal data, e.g., if you object to us processing it. In that case, the data concerned will be marked and only processed by us for certain purposes.

7.5 Right to data portability:

Subject to certain preconditions, you may ask to receive personal data concerning you have provided to us, in a structured, commonly used and machine-readable format.