Oak Hill Advisors, L.P. and its Affiliated Entities Privacy Notice
Commitment to Privacy
This Privacy Notice is provided by Oak Hill Advisors, L.P. and its affiliates under its control, the funds we manage and their general partner entities (collectively, the “Firm” or “we”). The Firm is committed to handling “non-public personal information” and “personal data” in accordance with applicable laws, rules and regulations.
Technology has dramatically changed the way information of all kinds is gathered, used and stored, but the importance of preserving the security and confidentiality of information has remained a core value of the Firm. The Firm recognizes and respects the privacy expectations of its website visitors, clients, investors and their affiliated individuals. Confidentiality and protection of non-public personal information and personal data are among its fundamental responsibilities. This Privacy Notice applies to “Relevant Individuals,” defined in this Privacy Notice as anybody acting in one of the following capacities:
- A visitor to the Firm’s website located at oakhilladvisors.com (the “Website”);
- An “Individual Investor,” i.e., a natural person investing with us or otherwise acting as our client in their individual capacity;
- Directors and managers of the funds we manage; and
- Any natural person affiliated with a client, investor or counterparty (such as an employee, director, officer, partner, member, shareholder, beneficial owner, affiliate, agent or representative).
This Privacy Notice is current as of the date hereof, but as circumstances or requirements change, the Firm may need to amend this Privacy Notice. The Firm will notify its then-current clients and investors of any material amendment by posting an updated version on the Website and/or taking other steps.
What We Need You to Do
Please provide this Privacy Notice to any Relevant Individuals whose Personal Information (as defined below) may be provided to the Firm. In addition, to the extent the Firm is provided with sensitive Personal Data (as defined below), we recommend it is encrypted before being sent.
“Personal data” is any information relating to an identified or identifiable natural person (as further defined in the EU or UK General Data Protection Regulation (Regulation (EU) 2016/679) and any relevant transposition of, or successor or replacement to, that regulation and equivalent legislation in the UK (together, the “European Data Protection Legislation”), in the Cayman Islands Data Protection Act and related regulations, and any successor or replacement to such law or regulations (together, the “Cayman Data Protection Legislation”), in the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020, and their related regulations (collectively, “CCPA”), the Gramm-Leach-Bliley Act (“GLBA”) and other applicable laws and regulations relating to privacy, data protection, breach notification, or the processing of personal information) (collectively “Applicable Privacy Laws”). For purposes of the Cayman Islands Data Protection Act, the relevant Fund is the data controller, and other jurisdictions may take a similar approach. “Non-public personal information” is any personally identifiable financial information relating to natural persons that is not publicly available. We refer in this Privacy Notice to “non-public personal information” and other “personal data” together as “Personal Information”.
Personal Information Collected
The Firm may collect or otherwise process some or all of the following categories of Personal Information:
- Identifiers, such as full name, residential address, and other contact information, as well as government-issued identification details (e.g., social security number, or details from a driver’s license, state identification card or passport);
- Commercial information, such as:
- information about a Relevant Individual’s interests in funds (such as account balances and percentage interests);
- other information about the Relevant Individual’s investments with us or other dealings with us;
- other financial information (e.g., assets, net worth, income, investments, beneficial interests, investment history, bank account details, utility bills and other personal financial data);
- Professional and employment information, such as education history;
- Internet or other electronic network activity information, including information collected by automated means when an individual visits the Website that may sometimes qualify as Personal Information, such as IP address, details about navigation on the Website, and details about the individual’s browser or device, an a unique identifier or other information that we or our partners may store or read on the visitor’s browser or device with cookie technology (details further below);
- Other Personal Information, such as date of birth and background check information; and
- Inferences we generate based on the data above.
Where the client or investor is an individual, the Firm will usually collect this information directly from the individual. Where the client or investor is a corporate entity, the Firm will usually collect the information from the client or investor or their professional advisors or agents. In some cases, the Firm may receive the information from a third party, such as a background check provider.
Some of the personal information we collect is described in Cal. Civ. Code Section 1798.80.
Uses of Personal Information
The Firm will use Personal Information for some or all of the following purposes:
- on the basis of its legitimate interests in managing its relationship with the client or investor;
- on the basis of its legitimate interests in managing its business operations and information technology resources (for example, managing internal directories and client relationship management systems);
- on the basis of its legitimate interests in protecting the Firm, its employees, clients, investors, trading partners and others;
- to address legal requirements (including laws designed to protect the integrity of the financial sector, which require measures such as anti-money laundering checks and the recording of calls and emails); and
- for Firm-related informational or marketing communications, where appropriate and permitted by applicable law, as part of the Firm’s legitimate business interest.
From time to time, the Firm may also use a Relevant Individual’s Personal Information in other situations, such as with the Relevant Individual’s consent.
The provision of certain Personal Information is necessary when it is needed for the purposes of entering into or servicing a contract or to receive the products or services or information requested, or to comply with applicable laws and regulations. Refusal to provide your information in such circumstances would make it impossible for us to provide the products, services or information requested or to fulfil our contract or other legal obligations. Please contact the Firm with any questions about whether the provision of any particular Personal Information is required in any particular case.
Retention of Personal Information
The Personal Information we collect, including sensitive Personal Information, will be retained for at least as long as necessary to satisfy the purposes for which it was collected and our legal obligations. As described above, these purposes include our business operations and complying with reporting, legal, tax and accounting obligations. In determining how long to retain information, we generally will consider the amount, nature and sensitivity of the information, the purposes for which we process the Personal Information and whether we can achieve those purposes in other ways, the applicable legal requirements, internal recordkeeping practices and/or our legitimate interests.
Because we may collect and use the same category of personal information for different purposes and in different contexts, there is not typically a fixed retention period that always will apply to a particular category of personal information.
Disclosures of Personal Information
For the purposes described in the previous section, where permitted by applicable law, the Firm may share Personal Information in some or all of the following ways:
- with the client or investor;
- within the Firm and with their T. Rowe Price affiliates;
with other entities that assist the Firm in carrying out the activities described above, including professional advisors, technology providers, auditors, administrators, registrars, depositaries and other service providers;
- with regulatory bodies and governmental authorities;
- with other participants in certain transactions with the Firm (for example, to assist a third party in discharging their legal obligations in respect of, for example, anti-money laundering legislation and to honor their legal right to obtain a recording of certain regulated calls or a copy of certain regulated electronic communications between the Firm and that third party);
- with other third parties (such as litigants, or an acquirer or others connected with an acquisition or similar transaction involving the Firm); and
- with agents, delegates, or related, associated or affiliated entities of the foregoing.
From time to time, the Firm may also share a Relevant Individual’s Personal Information in other situations, such as at the Relevant Individual’s request.
Personal Information may be transferred to countries that may not have the same or equivalent data protection laws as those of the Relevant Individual’s home country. For example, the Personal Information may be transferred among the Firm’s offices in the United States, the United Kingdom, Luxembourg, Australia or Hong Kong, as well as to any other countries where the recipients of the transfers described above are located. Where required, the Firm makes such transfers in compliance with the Applicable Privacy Laws, such as through the use of standard contractual clauses published by the European Commission, with modifications relevant for other jurisdictions, such as the United Kingdom.
Security of Personal Information
The Firm takes steps to restrict access to Personal Information, including various physical, electronic, and procedural safeguards. The specific security measures the Firm uses in a particular context depend on that context, but the Firm draws from measures such as access controls, malware defenses, encryption, facility security, and various monitoring strategies. The Firm also maintains incident response procedures.
Rights and Choices
Where the European Data Protection Legislation or the Cayman Data Protection Legislation applies, Relevant Individuals may have the right to:
- In certain cases, object to the Firm’s processing of their Personal Information.
- Request access to their Personal Information (commonly known as a “data subject access request”). This enables the Relevant Individual to receive a copy of the Personal Information the Firm holds about them as well as certain details about its processing to be able to check that the Firm is processing it lawfully.
- Request correction of the Personal Information that the Firm holds about them. This enables Relevant Individuals to have any incomplete or inaccurate information the Firm holds about them corrected.
- Request erasure of their Personal Information. This enables Relevant Individuals to ask the Firm to delete or remove Personal Information if the Firm does not need to continue to process it. Relevant Individuals also have the right to ask the Firm to delete or remove their Personal Information where they have exercised their right to object to processing (see above).
- Request the restriction of processing of their Personal Information. This enables Relevant Individuals to ask the Firm to suspend the processing of their Personal Information, if, for example, the Relevant Individual wants the Firm to establish its accuracy or the reason for processing it.
- Request to receive a copy of their Personal Information in a machine-readable, commonly used and structured format, or to have it transmitted in such format to a third party.
Some of these rights or others may apply under other Applicable Privacy Laws as well. If a Relevant Individual wishes to exercise any of the rights they have, they should contact the Firm using the contact details at the end of this notice, except that eligible Californian Relevant Individuals who wish to exercise the rights described in the “California Privacy Information” section below should contact us as described in that section. The various rights are not absolute and each is subject to certain exceptions, qualifications and conditions. For example, if a Relevant Individual wishes to object to processing, the Firm may need to discuss with the Relevant Individual whether its use of their Personal Information needs to continue for other lawful purposes, such as fulfilment of a legal or contractual requirement.
The Firm will respond to a Relevant Individual’s request within the legally mandated deadline for a response. In some cases, the Firm may not be able to fulfill the request to exercise the right by this date and may need more time. Where the Firm cannot provide a full response to the Relevant Individual for any reason, the Firm will endeavor to let the Relevant Individual know about this in its initial reply to the request.
Where these rights apply, a Relevant Individual will not normally have to pay a fee to access their Personal Information (or to exercise any of the other rights described above). In some cases, the Firm may charge a reasonable fee if the request for access is unfounded or excessive, or if the Relevant Individual requests multiple copies of the information. Alternatively, the Firm may refuse to comply with the request in such circumstances. The Firm may need to request specific information from the Relevant Individual to confirm their identity and ensure their right to access the Personal Information (or to exercise any of their other rights). For example, we may request that you confirm, depending on the sensitivity of the information involved, the nature of our relationship with you, and the type of request you are making, verifying your name, email address, account number, and other information regarding your use of our services.
If Relevant Individuals have any questions, concerns or complaints relating to the Firm’s handling of their Personal Information, they should contact the Firm as described below. Relevant Individuals may also contact the relevant governmental authority (e.g., the UK Information Commissioner’s Office, for UK individuals, or the Luxembourg National Commission for Data Protection for Luxembourg individuals) with a complaint related to the Firm’s handling of their Personal Information. However, the Firm invites Relevant Individuals to allow the Firm to try to resolve the situation directly. Privacy is important to the Firm, and the Firm will do its best to address any concerns.
Notwithstanding anything to the contrary in this Privacy Notice, Relevant individuals will have the rights described above only to the extent that such rights apply to such Relevant Individuals under Applicable Privacy Laws.
California Privacy Information – CCPA
This section provides detailed information applicable only to eligible California residents under the California Consumer Protection Act (“CCPA”). This section does not apply to Individual Investors, as our processing of their Personal Information is exempt from the CCPA, and it also does not cover any other Personal Information for which we are exempt from the CCPA, such as “publicly available information” as defined in the CCPA. Data that is not subject to the CCPA may be handled differently than described here.
During the 12 months leading up to the effective date of this Privacy Notice, we may have collected all of the types of personal information described in the “Personal Information Collection” section of this Privacy Notice, and shared at least some of each category of personal information in some instances with our affiliates, service providers and other entities that assist us with our business. We also made the other disclosures described in this paragraph. We shared government-issued identification details (e.g., social security number, or details from a driver’s license, state identification card or passport), other identifiers (such as full name, residential address and other contact information) and professional and employment information with regulatory bodies and governmental authorities, transaction participants and entities involved in legal matters. We shared other Personal Information (except inferences and internet or electronic network activity), such as date of birth and background check information, with regulatory bodies and governmental authorities, transaction participants and entities involved in legal matters. We made these disclosures of personal information about Californians for the purposes described in the “We disclose personal information to third parties” section above.
During the 12 months leading up to the effective date of this Privacy Notice, we did not “sell” (as that terms was narrowly defined under the CCPA) Personal Information and did not “share” (as defined in the CCPA) any either. We do not “sell” or “share” personal information (as those terms are defined under the CCPA) if we have actual knowledge that the individual is less than 16 years of age. We do not use “sensitive personal information” (as defined under the CPPA) in a manner that requires us to provide individuals with a CCPA right to limit our use of that information.
Subject to some limitations, the CCPA allows you to ask us to:
- provide access to and/or a copy of certain personal information we hold about you;
- correct certain personal information we have about you;
- delete certain personal information we have about you; and
- inform you about the categories of personal information we have collected about you in the preceding 12 months, the categories of sources of such information, the business or commercial purpose for collecting or selling your personal information, the categories of third parties with whom we have disclosed certain personal information, confirmation that we did not “sell” or “share” your Personal Information, and more specific detail about what categories of information were otherwise disclosed to particular categories of third parties.
Contacting the Firm
To exercise any rights under applicable law (including to request further information on the mechanisms the Firm has put in place in relation to Personal Information transfers outside the European Union and/or the UK), to notify the Firm of your preferences, or to provide the Firm with complaints, concerns or questions, please contact the Firm via email@example.com, as well as, if your notice relates to your rights under the European Data Protection Legislation, via GDPR@oakhilladvisors.com.