Corsair Capital LLC

Privacy Statement


This Privacy Statement applies to you to the extent that the EU General Data Protection Regulation (Regulation 2016/679) (the “GDPR”) or the Data Protection Law, 2017 of the Cayman Islands ("DPL") applies to our processing of your personal data (as defined in the GDPR or DPL, as applicable).

If you are a natural person, this Privacy Statement will be relevant to you directly. If you are a corporate investor (including, for these purposes, legal arrangements such as trusts or exempted limited partnerships) that provides us with personal data on individuals connected to you for any reason in relation to your investment with us, this Privacy Statement will be relevant for those individuals and you should transmit this document to such individuals or otherwise advise them of its content.

PLEASE READ THIS PRIVACY STATEMENT CAREFULLY. IT CONTAINS IMPORTANT INFORMATION REGARDING THE USE AND PROCESSING OF YOUR PERSONAL DATA AS WELL AS INFORMATION CONCERNING YOUR RIGHTS WITH RESPECT TO YOUR PERSONAL DATA.

You have provided or can be expected to provide personal data to us as part of your subscription to funds or vehicles managed by affiliates of ours (the “Partnership”).

The Partnership , the General Partner, the Investment Advisor and their affiliates acknowledge that you entrust your personal data with us and we respect your privacy. As used in this Privacy Statement:

“data controller”
means the entity that decides how and why personal data is processed.
“EEA”
means the member states of the European Economic Area.
“personal data”
means information from which it is possible to identify a natural person (an individual), or information from which any individual is identifiable.
“processing”
means anything that is done with personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
“processor”
means the person or entity that processes personal data on behalf of a data controller.
“sensitive personal data”
means personal data about an individual’s race or ethnicity, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health, sexual life, or any other information that may be deemed to be sensitive under applicable law.
“we”, “us”, “our”
means Corsair Capital LLC and its affiliates and the funds or vehicles they manage.

With respect to your personal data, the Partnership is a data controller.

We will only use personal data provided to us, or which is otherwise obtained by us in connection with an investment in the Partnership, as set out in this Privacy Statement.

How do we Collect Personal Data?


We collect personal data from information that you give to us (e.g., from forms and questionnaires, correspondence or conversations, and transactions with us) as well as from information that we obtain from other sources.

What Personal Data do we Collect?


While the types of personal data we collect will depend on whether you are an institutional investor or an individual investor, our legal obligations and the type of investment services that we provide, personal data collected in relation to an investment in the Partnership can generally be expected to include:

While we do not generally seek to collect or process sensitive personal data, we may do so when:

Why do we Process Personal Data?


We process your personal data if necessary:

Where we engage a third-party processor, the processor will be subject to contractual obligations to: (i) process in accordance with our prior written instructions; and (ii) use measures to protect the confidentiality and security of the personal data.

How do we Share Personal Data?


We may share your personal data, as appropriate, with:

Is it Necessary to Provide Personal Data?


Unless otherwise indicated, you should assume that we require the personal data for statutory, contractual requirements, or for our legitimate business interests or those of a third party (except where those interests are overridden by your interests, fundamental rights, or freedoms).

To the extent that you refuse to communicate personal data to us, we may not be able to comply with our legal, regulatory, or compliance obligations or perform our contracts with you. As a result, the refusal to provide certain personal data to us may affect our ability to process your subscription to the Partnership and otherwise to maintain our business relationship with you.

Will Personal Data be Transferred Outside of Europe?


We intend to transfer your personal data outside of the EEA to jurisdictions, including the United States, that do not have similarly strict data protection and privacy laws.

If we transfer personal data outside of the EEA, we will only do so pursuant to a valid transfer mechanism such as:

How Long do you Retain Personal Data?


We will retain your personal data throughout the duration of our business relationship and as long as is necessary to fulfill the purposes described above. The retention period may be extended if we are required to preserve information in connection with litigation, investigations, or proceedings, if a longer retention period is required or permitted by applicable law, or conforms with industry best practice.

What are My Rights With Respect to My Personal Data?


We take reasonable steps designed to ensure that any personal data we maintain is accurate and, where necessary, kept up to date. Subject to applicable law, you may have certain data protection rights with respect to personal data controlled by us, including:

To exercise one or more of the data protection rights set forth above, please contact us as detailed below in “Contact Information and Complaints”.

Can I Withdraw My Consent?


We will not generally rely on your consent to process your personal data. If we do, however, you have the right to withdraw this consent at any time. If you wish to do so, please contact us as detailed in “Contact Information and Complaints” below.

Privacy Shield


Corsair participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss- U.S. Privacy Shield Framework. We are committed to subjecting all personal data received from European Union (EU) member countries and Switzerland, respectively, in reliance on each Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Frameworks, and to view our certification, visit the U.S. Department of Commerce’s Privacy Shield List. https://www.privacyshield.gov/list (link is external)

Corsair is responsible for the processing of personal data it receives, under each Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. Corsair complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.

With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, Corsair is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Corsair may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

We will investigate and attempt to resolve any complaints or disputes regarding the use of your Personal Data within a reasonable period of time of receiving your complaint. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact the appropriate EU DPA.

Under certain conditions, you may invoke binding arbitration when other dispute resolution procedures have been exhausted. For more information please visit the Privacy Shield website.

Corsair has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved Privacy Shield complaints concerning human resources data transferred from the EU and Switzerland in the context of the employment relationship.

International data transfers
Corsair transfers EU personal data to the United States. For transfers to the United States, Corsair relies on the EU- US and Swiss-US Privacy Shield Frameworks (see above) or other valid transfer mechanisms.

Contact Information and Complaints


If you would like more information, enquire about your rights, or make a complaint, please contact us at:

Chief Compliance Officer via email at CorsairCompliance@CorsairInvestments.com

Chief Compliance Officer via written correspondence at 717 Fifth Avenue, 24th Floor, New York, NY 10022

You can also obtain further information and/or make a complaint to the body regulating data protection in your country. A list of the EU data protection authorities is available via: http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080. For the purposes of the DPL, complaints may be made to the Cayman Islands Ombudsman.

Cookies Used on this Website


When you visit our site, we set a cookie to keep a track of your visit. This cookie contains no personal data and is discarded when you close your browser. If you choose to login, this cookie is used to keep you logged in and to record your usage of the site.

When you click the button to accept our privacy policy, we set a second cookie to remember your choice. This cookie contains no personal data and expires after one year or until you remove your consent.

Remove cookies, consent and log out of the system


To remove your consent, click here.

Discuss saved data


To contact us to edit, remove or request the data that we hold about you on file, please email registration@corsaircapitalconferences.com

Updates to this Privacy Statement


This Privacy Statement may be amended or updated from time to time to reflected changes in our practices with respect to the processing of personal data or changes in applicable law.

This Privacy Statement was last updated on January 2020.