Last updated February 2025

This Privacy Notice is provided by J.C. Flowers & Co. LLC (“JCF”, “we” or “us”) to inform you about how we process the Personal Data that we collect through the Services, as defined below. This Privacy Notice does not cover or apply to our investors and limited partners. We maintain a separate Investor Privacy Notice that describes how we process the Personal Data of our investors and limited partners.

When we use the term “Services”, we mean to refer collectively to:

• The websites owned and controlled by us that link to this Privacy Notice (“Sites”);
• The provision of investment and related services in the conduct and operation of our business (“Investment Services”); and
• Marketing and business development activities, including events we host, social media properties we operate, and emails that we send (“Marketing Activities”).
• When we use the term “Personal Data”, we mean information that reasonably can be used to identify an individual person or that reasonably relates to an identifiable person (a “Data Subject”).

The Data Subjects we receive Personal Data from in providing the Services are:

• Directors, officers, employees, representatives and other individuals associated with the companies in which JCF has made an investment or is considering making an investment;
• Individual representatives of third party sellers, placement agents, finders, investment bankers, consultants, lawyers, accountants, advisers and other service providers, whether or not engaged by JCF;
• Directors, officers, employees and other representatives of JCF;
• Individuals applying for or inquiring about employment with us; and
• Visitors to our Sites and users of any digital services we provide.

Jcfco.com (the “Site”) is operated from servers in the United States. BY USING THE SITE AND PROVIDING INFORMATION TO US, YOU ACKNOWLEDGE THAT YOU ARE TRANSFERRING PERSONAL DATA TO, AND SUCH PERSONAL DATA MAY BE PROCESSED BY, JCF IN THE UNITED STATES.

Please be aware that the Site may contain links to other websites hosted by third parties. JCF does not control and is not responsible for the content or privacy practices and policies of such third party websites. We encourage you to be aware when you leave the Site and to read the privacy policies of each third-party website, especially if such website collects Personal Data from you.

In connection with the Services, we collect:

• Identification information (including name, ID card and passport numbers, nationality, place and date of birth, gender, picture);
• Contact information (including postal address and e-mail address, phone number);
• Family situation (including marital status, number of children);
• Tax status (including tax ID, tax residence);
• Professional and employment information (including resume details, work history, personnel files, pay and benefits information);
• Financial data (including bank account details, credit card number, money transfers, including communications regarding bank transfers, assets, investment profile, credit history, debts and expenses);
• Service data (including information on requests you make to provide our Services);
• Technical data (including technical information collected when you access our Sites, including your internet protocol (IP) address or domain names of the devices utilized, any login data, browser type and version, uniform resource identifier (URI) address, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access the Sites);
• Marketing and communications data (including your preferences in receiving marketing from us and our third parties and your communication preferences);
• Other background data (including information on criminal history/unlawful conduct); and
• Health information (including if you attend one of our events, information like dietary restrictions or disabilities or if a business we are considering investing in makes the information available to us).

Where this includes sensitive Personal Data (such as special categories of Personal Data, or Personal Data related to criminal convictions and offences, for the purposes of the GDPR), we would only process such Personal Data where, to the extent required, there is an appropriate legal basis for doing so (such as, as relevant and applicable, such processing is necessary for reasons of substantial public interest).

We collect this Personal Data in various ways, including:

• Directly from the Data Subject (for example, from visitors to our offices, visitors to our Sites, when you apply for a job, send us an email, other written correspondence or complete a form in connection with our Services);
• Indirectly from other sources, including publicly available directories and sources (for example, when we are evaluating an investment opportunity and we receive diligence information from the target that may include personal data, when service providers provide us personal data in connection with their services, or when we undertake certain investment activities during which we may receive personal data from placement agents, finders, investment bankers, consultants, lawyers, accountants, advisers and others, whether or not engaged by JCF); and
• Automatic Collection Tools. Using a third party tool called “Google Analytics”, we automatically collect certain anonymous user data from Data Subjects who visit the Site that may be identifiable through the use of data collection tools (such as “Cookies” or similar technologies) on the Site that record certain usage information, such as the number and frequency of visitors to the Site. This information may include the websites that you access immediately before and after your visit to the Site and which Internet browser you are using and geographical locational information.

Please see our separate Cookie Notice to learn about how we use Cookies on the Site.

We use Personal Data for a variety of business purposes.

When processing Personal Data in connection with our Investment Services, we generally rely on our legitimate business interests. These include:

• making, maintaining, managing and disposing of our investments;
• conducting due diligence and evaluating business opportunities;
• developing new investment opportunities;
• managing, operating, improving and growing our business, administering the Services and managing investor accounts, including through the use of third party service providers;
• complying with legal or regulatory obligations, such as our obligations regarding tax withholdings;
• processing and considering applications for employment, including evaluating and confirming your suitability for a position and accuracy of any information submitted;
• monitoring and auditing compliance with internal policies and procedures, legal obligations and to meet requirements and orders of regulatory, governmental, tax and law enforcement authorities;
• investigating any complaints or pursuing or defending any claims, proceedings or disputes;
• monitoring and improving our relationship with you; and
• conducting risk mitigation activities to maintain and protect the safety and security of our Services, Sites, systems, premises and events, and to prevent and detect security threats, fraud or other criminal or malicious activities.

When processing Personal Data in connection with our Marketing Activities, we also generally rely on our legitimate business interests. These include:

• communicating with Data Subjects and building relationships with Data Subjects;
• conducting direct marketing activities and providing newsletters, updates, invitations and other information that we believe may be of interest to you; and
• administering, improving and customizing our Sites and understanding how our Services are used.

We also may process Personal Data to perform a contract with you or to take steps at your request before entering into a contract, including to: (i) provide you with information regarding JCF Services, (ii) assist you and answer your requests, or (iii) evaluate whether we can offer you JCF Services and under what conditions.

We also may process Personal Data with your consent, but only in those cases where we make it clear to you in advance that we are relying on your consent for the processing.

If you do not provide us with your Personal Data, we may not be able to provide products, services and/or related information to you or maintain a business relationship with you.

We share your Personal Data as necessary in connection with the Services and as follows:

• Service Providers. We may disclose your Personal Data to third-party service providers to provide us with services such as website hosting, professional services, including information technology services and related infrastructure, customer service, e-mail delivery, auditing and other similar services.
• We may disclose Personal Data to our affiliates for the purposes described in this Privacy Notice, including for their marketing purposes, and to be consistent with our goal of providing the superior client service and engagement experience that our clients have come to expect from us around the world.
• To Perform Investment Services. We will also disclose Personal Data to the following categories of third parties: (i) anyone involved in the matter we are working on, including lawyers, barristers, counterparties, experts, mediators, opponents, attorneys and witnesses, (ii) law enforcement, tax and regulatory agencies and bodies, (iii) insurers, and (vi) service providers such as IT and telephone services, catering, document production and postal and delivery services.
• Fulfill Requests. We may disclose Personal Data to third parties in order to perform services you request or functions you initiate, including when you post information and materials publicly on message boards and forums.
• Corporate Transactions or Events. We may disclose your information to a third party in connection with a corporate reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or capital, including in connection with any bankruptcy or similar proceedings.
• Other Legal Reasons. In addition, we may use or disclose your Personal Data as we deem necessary or appropriate: (1) under applicable law, including laws outside your country of residence; (2) to respond to requests from public and government authorities, including public and government authorities outside your country of residence; (3) to comply with subpoenas and other legal processes; (4) to pursue available remedies or limit damages we may sustain; (5) to protect our operations or those of any of our affiliates; (6) to protect the rights, privacy, safety or property of JCF, our affiliates, you and others; and (7) to enforce our terms and conditions.

JCF seeks to maintain physical, electronic, and procedural safeguards in accordance with our information security program in order to protect your personal data from unauthorized access or use. To protect your personal information from unauthorized access and use, we implement security measures that follow industry practices. However, no data transmission or storage system can be guaranteed to be secure at all times and we cannot ensure or warrant the security of any information you transmit to us or others through the Sites. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with the “Contact Us” section below.

JCF retains personal data pursuant to our records retention program for as long as is necessary for the purposes set out in this Privacy Notice, unless a longer period is required or permitted under applicable law or is needed to resolve disputes or protect our legal rights.

In general, we seek to ensure that we keep your Personal Data accurate and up to date. However, you are responsible for, and we kindly request that you inform us of, any changes to your Personal Data (such as a change in your contact details). To update or edit your Personal Data that we have on file, including your communication preferences, please contact us using the contact details set out under the “Contact and Complaints” heading below or by sending an e-mail to [email protected].

For individuals in the European Economic Area (“EEA”) or United Kingdom (“UK”), please click here for additional detailed disclosures.

JCF takes very seriously any complaints we receive about our use of your Personal Data. Questions, comments, requests or complaints regarding the Site, this Privacy Notice, the user agreement and/or our use of your Personal Data should be addressed to [email protected].

Any Personal Data we receive from you when making a complaint will be treated in accordance with this Privacy Notice and only to process the complaint and check on the level of service we provide. Similarly, where inquiries are submitted to us, we will only use the information supplied to us to deal with the inquiry and any subsequent issues and to check on the level of service we provide.