Privacy Policy

1. Introduction

This Privacy Policy (the “Policy”) applies to Quinbrook Holdings Limited, Quinbrook Infrastructure Partners (Jersey) Limited, Quinbrook Infrastructure Partners Limited, Quinbrook Infrastructure Partners Pty Ltd, Quinbrook Infrastructure Partners LLC, Quinbrook Capital Partners LLC as well as their related corporations and affiliates (together, “Quinbrook”, “we” or “us”).

We are committed to protecting and respecting your privacy. This Policy explains how we collect, use and process your personal data in compliance with our legal obligations, including, where applicable, the UK GDPR, the Jersey Data Protection Laws, the Australian Privacy Act and the US Gramm-Leach-Bliley Act and accompanying SEC Regulation S-P (all as defined below). For the purposes of the UK GDPR and the Jersey Data Protection Laws, we are controllers of personal data. This Policy applies to the personal data of investors (or their representatives), service providers (or their representatives), website users and all other persons whose personal data we may process. For the purposes of the Australian Privacy Act, “processing” includes collecting, storing, using, transferring and disclosing.

Depending on how you interact with us or where you are located, different laws may be applicable to our processing of your personal data, such as Regulation (EU) 2016/679 General Data Protection Regulation as it forms part of the laws of the United Kingdom by virtue of section 3 of the European Union (Withdrawal) Act 2018 and as amended by the Data Protection, Privacy and Electronic Communications (Amendments etc.) (EU Exit) Regulations 2019 (the “UK GDPR”), the Data Protection (Jersey) Law 2018 the Data Protection Authority (Jersey) Law 2018 (together, the “Jersey Data Protection Laws”), the Privacy Act 1988 (Cth) (“Australian Privacy Act”) and the US Gramm-Leach-Bliley Act and accompanying United States Securities and Exchange Commission (SEC) Regulation S-P (“Regulation S-P”).

 

2. What personal data do we collect?

In the course of our business, we may collect information or a combination of different information, that could identify you or reasonably allow you to be identified (including factual information and opinions about you) (“personal data”). For the purposes of this Policy, personal data includes personal data as defined under the UK GDPR and the Jersey Data Protection Laws and nonpublic personal information as defined in Regulation S-P.

We may collect, use, store and transfer personal information from individuals that are employees, directors, officers or other representatives or agents of market counterparties, professional services and other service providers, trade associations, public bodies and other entities or undertakings.

Such personal data is typically limited in scope and may include the following:

  • in relation to investors: name, postal address, email address, telephone number and other contact information, identity and nationality documentation, occupation and employer details, bank account details, tax identification numbers, social security or other unique identifier numbers, information about marketing and communication preferences, online identifiers (such as internet protocol (IP) addresses), usage data (such as interactions with our website or use of certain online tools), or other similar identifiers;
  • in relation to service providers: limited personal data of the individuals who are employees or other representatives of the service providers, such as names, email address, telephone number and other contact information; and
  • in relation to website users, the categories may include name, email address, username, password, IP addresses.
  • For the exhaustive list of cookies we collect see Section 13 “List of cookies we collect”.

Where it is lawful and practicable, you may choose not to identify yourself or to use a pseudonym when dealing with us. However, in most circumstances we will need to identify you to properly provide you with our services, comply with our legal obligations, or process investments.

 

3. How do we collect personal data?

We may collect personal data through a range of means. These may include (i) direct interactions, where a person provides personal data to us through correspondence or other direct methods of communication, including in the course of account applications, subscription agreements or other related documentation or transactions; (ii) through third-party service providers (for example, recruitment agents, investor’s brokerage or financial advisory firm, or consultants); or (iii) publicly available sources (where we receive personal data through a publicly available source such as a website or publicly-available registry) or sources designed to detect and prevent fraud or other violations of applicable laws and regulations.

 

4. Why do we process and how do we use your personal data?

We will only process personal data in circumstances where we have established a lawful basis to do so if and as required under applicable laws, including the UK GDPR and the Jersey Data Protection Laws.

These circumstances include:

  • where the processing of the relevant data relates to a legitimate interest of Quinbrook. In such circumstances Quinbrook will have established that the processing is necessary for the relevant purpose, and where we are satisfied our interests are not overridden by the interests or fundamental rights or freedoms of the individuals concerned;
  • where we need to perform the contract we are about to enter into or have entered into with you; or
  • in order to comply with a legal obligation to which we are subject.

In accordance with the above, we have determined that, in some cases (as further outlined below), the lawful basis for our processing of personal data are our legitimate interests to undertake activities necessary and ancillary to the carrying on of an investment management business, including where necessary for the purposes of carrying out activities relating to investments in the relevant fund, the administration of the relevant fund, the investment activities of the relevant fund, otherwise in furtherance of any contract entered into with respect to the activities of the relevant fund and entering into contractual arrangements in the context of our investment management business, to exercise and comply with our rights and obligations at law or under regulation where such obligations are not set out under the laws of the United Kingdom (“UK”) or Jersey, to establish, exercise or defend legal claims and in order to protect and enforce our (or another person’s) rights, property, or safety, or to assist others to do the same, and in order to provide information about our services and any investment products we offer. Our legitimate and overriding interests which may necessitate the use of personal data may also include protecting against fraud, including detecting fraud risks and managing risk exposure; verifying your identity and responding to your inquiries, and keeping records of our communications with you; and complying with industry standards and our policies, including administering and improving our website and internal operations such as testing, research, statistical and survey purposes.

In addition, we may also control or process personal data where the individuals have provided their consent.

We may from time to time control or process personal data in respect of the relevant fund’s marketing and advertising the relevant fund and/or other investment vehicles and/or related services. In certain circumstances, we may send communications about our services, events and other marketing communications to you. If you do not wish your personal data to be processed for marketing purposes you may have the right to opt out of such processing, as described further below (Section 9 “Your Rights”). If we use your personal data for direct marketing in Australia, each marketing communication will include a simple means by which you can opt out of receiving further marketing communications. If you request, we will also provide you with information about the source of your personal information for marketing purposes, unless it is impracticable or unreasonable to do so. You may opt out of direct marketing at any time by contacting us at the details below or using the unsubscribe function in our communications.

In addition to the uses described above, in some circumstances, we may use personal data provided to us to establish, exercise or defend legal claims, including responding to a judicial process, law enforcement or governmental agency.

We will only use personal information for the purposes for which it had been collected, unless: (i) we reasonably consider that we need to use it for another reason; (ii) we have obtained consent or you would have reasonably expected that your personal information would be used for such secondary purpose; and (iii) that secondary purpose is compatible with and related to the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so, or if required, obtain your consent..

Should you have concerns regarding our use of your data described above, please contact us. In certain circumstances you may be entitled to object. We have set out further information about your rights in this Policy.

 

5. Who do we share with and disclose to your personal data?

In order to run our business and provide services to you, we may share the categories of personal data identified in Section 2 within the group.

We also reserve the right to share all personal data we collect with certain non-affiliated third parties for the purposes set out above. The relevant non-affiliated third parties with whom such personal data may be shared include entities appointed to provide services to us and our affiliates, or those entities’ group companies (including financial service providers such as banks and auditors, non-financial companies such as administrators, law firms, consultants and placement agents and others, such as regulatory, legal and tax authorities, including governmental organisations, self-regulatory organisations; and third parties in the event we sell or transfer all or a portion of our business or assets (including in the event of a reorganisation, dissolution, or liquidation). We may also make disclosures to other nonaffiliated third parties as permitted by law. Further details of the non-affiliated third parties with whom personal data may be shared are available on request, by contacting us at the address set out below. Wherever possible, we will only disclose personal data to a non-affiliated third party in circumstances where that non-affiliated third party has agreed to respect the security and confidentiality of personal data and treat it in accordance with applicable law. We will seek to ensure that non-affiliated third parties to whom any personal data may be disclosed will not use personal data for their own purposes and only process personal data for specified purposes and otherwise in accordance with our instructions and/or with applicable laws, including the UK GDPR, the Jersey Data Protection Laws and Regulation S-P. We treat personal data of former customers the same way we treat personal data of current customers, applying the same disclosure practices.

We may also disclose personal data about you to a non-affiliated third party at your request or direction or with your consent.

 

6. International transfers of personal data

Our activities are such that it may be necessary for personal data to be transferred and/or processed outside the jurisdiction in which we collected the personal data (“Local Jurisdiction”). The countries in which such recipients are likely to be located include UK, Jersey, Australia and United States of America.

In circumstances where we transfer personal data outside the Local Jurisdiction, we will seek to ensure a similar degree of protection is afforded to it by ensuring that personal data is generally transferred only to persons in countries outside the Local Jurisdiction in one of the following circumstances:

  • to persons and undertakings in countries that have been deemed to provide an adequate level of protection for personal data by the relevant regulatory or other governmental body in the Local Jurisdiction;
  • to persons and undertakings to whom the transfer of such personal data is made pursuant to a contract that is compliant with the standard data protection clauses for the transfer of personal data to third countries from time to time approved by the relevant regulatory or other governmental body in the Local Jurisdiction;
  • to persons and undertakings outside of the Local Jurisdiction pursuant to other appropriate safeguards for the transfer of personal data, or otherwise in accordance with applicable laws of the Local Jurisdiction; and
  • only on one of the conditions allowed under the applicable laws of the Local Jurisdiction (including, where applicable, the UK GDPR and the Jersey Data Protection Laws) in the absence of an adequacy decision or appropriate safeguards.

Further information on specific mechanisms utilised by Quinbrook transferring personal data outside the Local Jurisdiction and the countries to which such transfer may be made (which may include, but are not limited to Australia and the United States) may be obtained upon request, by contacting us at the address set out below.

 

7. Security and retention of personal data

We maintain physical, electronic, technical, administrative and procedural safeguarding policies, practices and arrangements to protect the security and confidentiality of your personal data. Access to personal data is restricted on a need-to-know basis and to those employees and representatives who have been advised as to the proper handling of such data. We take reasonable steps and use security measures appropriate to the nature of the information in compliance with applicable laws to protect your personal data against unauthorised access and exfiltration, acquisition, theft, misuse, unauthorised modification, interference, disclosure or anticipated threats or hazards to the security or integrity of your personal data. Given the nature of information security, there is no guarantee that such safeguards will always be successful.

We seek to maintain accurate, up to date data, and correct inaccurate information on a timely basis. Please also see below information about your right to rectification.

We will retain personal data for as long as necessary to fulfil the purposes for which it has been collected. This will include any period of retention required to satisfy any applicable legal, regulatory, taxation, accounting, regulatory or reporting requirements. In addition, some data may be retained with a view to potential litigation or complaints (subject to applicable limitation periods).

In determining the appropriate retention period for any personal data, we will consider the amount, nature and sensitivity of the data, the potential risk of harm from unauthorised use or disclosure of the data, the purpose for which the relevant data is being processed, the extent to which the purposes for which the relevant data is being processed can be achieved by other means and any applicable legal requirements. Without prejudice to the generality of the forgoing, we have determined that we will retain records for at least five years, in accordance with the rules, requirements and guidance of the FCA.

When retention is no longer necessary, we securely dispose of your personal data, in accordance with applicable laws and regulations, and our own policies and procedures.

Details of retention periods applicable to personal data subject to the UK GDPR and the Jersey Data Protection Laws are available upon request, by contacting us at the address set out below. In some circumstances, a person may request that we delete any personal data retained by us. Further, in some circumstances, we may anonymise personal data for research or statistical purposes, in which case such information may be retained and utilised indefinitely without further notice.

 

8. How we use cookies

A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.

We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our Website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.

Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the Website.

 

9. Your rights

Under the UK GDPR, the Jersey Data Protection Laws, the Australian Privacy Act and Regulation S-P, persons whose data is processed or disclosed by Quinbrook will have certain rights. You can exercise these rights by contacting us using the information below. You may be asked to provide some proof of identification so that we can verify that it is you making the request.

Your rights may differ depending on your location, however, some of the main rights include:

  • Access. You have the right to know we collect certain personal data about you and to ask us for copies of your personal data. Please use the contact details provided at the end of this Policy.
  • Rectification. You have the right to request that we correct your personal data you think is inaccurate or incomplete.
  • Objection to processing. You have the right to object to processing in some circumstances, including where we are using your personal data for our legitimate interests and for direct marketing purposes, including by contacting us at the address set out below.
  • Erasure. You have the right to request that we erase the personal data we have collected about you in certain circumstances. The right to erasure is not absolute, and only applies if we no longer need your personal data to carry out the purpose that we collected it for; you have withdrawn your consent to our use of your personal data; you have objected to our use of your personal data and your interests outweigh our interests in using it; you believe we have processed your personal data unlawfully; or we have a legal obligation to erase your data. We will consider any request to erase personal data for any of the above reasons and endeavour to comply with the request to the extent permitted by law, but we may not always be able to comply with your request. If we are unable to comply with your request, we will contact you in writing.
  • Restrict processing. You have the right to ask us to restrict the processing of your personal data in certain circumstances, including if you have concerns regarding the accuracy of your personal data, where you have made an objection to our use of your personal data; or if you believe we processed your personal data unlawfully, but you do not want us to delete it.
  • Data portability. You have the right to receive a copy of the personal data that we collect about you in a way that is accessible and in a machine-readable format where the processing is based on your consent, the performance of a contract with you, or carried out by automated means. You have the right to request that such personal data be transmitted directly from us to another data controller, where technically feasible.
  • Withdrawal of consent. You can withdraw your consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent.
  • Right of non-discrimination. We will not unlawfully discriminate nor retaliate against you for exercising the rights under this section.
  • Right of appeal. Under the laws of certain jurisdictions, you have the right to appeal our decision not to act on your request to exercise certain of the rights described above. To appeal our decision if you are in an eligible jurisdiction, please email us at: privacy@quinbrook.com with the subject line “Individual Rights Request Appeal”.
  • “Shine the Light” Law Rights. Under the California “Shine the Light” law, California residents may opt out of our sharing their personal data with certain parties for their direct marketing purposes. In order to exercise this right, include the subject line “Shine the Light Opt-Out” in the subject line and your name and in the body of the message as provided in this section 9.

In certain circumstances, Quinbrook may charge reasonable fees if any such request is clearly unfounded, repetitive or excessive, and otherwise in accordance with applicable law.

If you wish to make a complaint regarding our handling of your personal data, you can contact us at the details set out below.

We request that complaints about breaches of privacy be made in writing, so we can be sure about the details of the complaint. Our Head of Compliance and Financial Control deals with privacy complaints. We will attempt to confirm as appropriate and necessary with you your understanding of the conduct relevant to the complaint and what you expect as an outcome. We will inform you whether we will conduct an investigation, the name, title, and contact details of the investigating officer and the estimated completion date for the investigation process.

After we have completed our enquiries, we will contact you, usually in writing, to advise the outcome and invite a response to our conclusions about the complaint. If we receive a response from you, we will assess it and advise if we have changed our view.

In certain instances, you may designate an authorized agent to exercise your rights under this section. The agent may submit the requests as in this section. We have verification processes that we will need to follow, and as part of our verification process, we may request that the agent provide proof concerning their status as an authorized agent and that you verify your identity and confirm that you provided the agent permission to submit the request.

You may also make a complaint to the relevant supervisory authority for data protection issues. In the UK this is the Information Commissioner’s Office (“ICO”). Contact details for the ICO may be found at www.ico.org.uk. In Australia this is the Office of the Australian Information Commissioner (OAIC). Details of how to lodge a complaint with the OAIC may be found at www.oaic.gov.au.

If you are in the US, you have the following rights:

Opt-out rights. Quinbrook discloses, and reserves the right to disclose, the personal data identified in Section 2 to the non-affiliated third parties listed in Section 5. You have the right to opt-out of having Quinbrook share your personal data with non-affiliated third parties for purposes that are not otherwise permitted by law; provided, however, that you cannot opt out of our sharing of your information: (i) to effect, administer, or enforce transactions you request or authorize; (ii) with consumer reporting agencies in accordance with the Fair Credit Reporting Act (15 U.S.C. 1681 et seq.); (iii) to comply with legal or regulatory requirements; (iv) to protect against or prevent actual or potential fraud, unauthorized transactions, claims, or other liability; or (v) in connection with a sale, merger, transfer, or exchange of all or a portion of our business.

How to opt out. You may exercise your opt-out rights by emailing privacy@quinbrook.com. Your opt-out direction would apply to financial products or services that consumers obtain from Quinbrook.

Joint Relationships. In the instance that you and someone else jointly obtain a financial product or service from us, either of you may exercise the opt-out rights explained above.

 

10. Affiliate Information Sharing and Your Choices (US only)

We may share certain information about you with our affiliates. US federal law gives you the right to stop our sharing of certain types of non-transaction and non-experiential personal data, such as credit scores and credit history, with our affiliates.

How to opt out. You may opt out of our sharing of non-transaction and non-experiential personal data with our affiliates at any time by emailing privacy@quinbrook.com.

 

11. Links to other websites

Our website may contain links to third party websites. Any access to and use of such third party websites is not governed by this Policy, but, instead, is governed by the privacy policies of those third party websites. We are not responsible for the information practices of such third party websites.

 

12. Notice Delivery and Changes to this Policy

If required under applicable law, you will receive this privacy notice when you establish a customer relationship with us, and annually thereafter, in a manner reasonably designed to ensure that you receive it in writing and can retain it for future reference, using one or more of the following methods:

  • By hand delivery at the time you establish a relationship with us.
  • By mail to your last known address.
  • Electronically, if you have consented to receive notices electronically, through:
    • Email sent to the address you have provided, or
    • Posting the notice on our website, accompanied by a requirement that you acknowledge receipt before accessing products or services; or
    • Posting the notice on our website if you have agreed to receive notices at the website.

If required under applicable law you may provide consent to receive notices electronically, by contacting us using the contact information listed in Section 13, below. You may withdraw your consent at any time.

Our policies and procedures with respect to the control or processing of personal data may be amended from time to time. Similarly, the purposes for which we may control or process personal data may change from time to time. If any changes would require a material amendment to the information set out herein, details of such changes will be made available by posting a new version of this Policy on the website. We encourage you to check the website regularly for information about revisions to this Policy. If you object to the change to our Policy, then you must contact us by any of the methods set out below regarding your objection or you must not continue to use our services.

If required under applicable law, you may also receive revised notices from time to time if we intend to disclose a new category of personal data to any non-affiliated party, if we intend to disclose personal data to a new category of non-affiliated third party, or if we intend to disclose personal data about a former customer, who has not have the opportunity to exercise an opt out right, to a non-affiliated third party.

For questions about this notice or your privacy rights, please contact us using the contact information listed in Section 13, below.

 

13. How to contact us

If you wish to request any information or have any questions regarding this Policy or its implementation, you may email us at privacy@quinbrook.com. You may also write to us at:

Quinbrook Infrastructure Partners Limited
3rd Floor, 24 Savile Row, London, W1S 2ES
Attention: Global Head of Compliance

 

14. List of cookies we collect