These regulations for protected Personal Data have been prepared for the purpose of explaining the details and as guidelines for the accurate, suitable, and safe collection, compilation, storage, use, and disclosure of Personal Data in order to protect the rights of Personal Data owners such as customers, service users, employees or stakeholders who provide Personal Data to the Company either directly or through the Company's information technology system and for practice in compliance with the tenets set forth in the Personal Data Protection Act (2012) (PDPA).

Company, “we”, “us” or “our” means 9 Basil Limited Partnership, 9 Basil Pte. Ltd., 9 Basil Fund 2 LP, and 9 Basil Fund 2 Pte. Ltd. (the 9 Basil Funds), each of the direct or indirect subsidiaries of 9 Basil Funds (the "9 Basil Group") and 9 Basil Group managed products. 9 Basil Funds, 9 Basil Group functions, and the entity you contract with are the controllers of your Personal Data.

Personal Data means information about a person that can be used to either directly or indirectly identify said person. An officially Authorized Person is a person whom the highest-ranking executives have assigned to oversee, take responsibility for, and perform work. Cookies mean tiny components of data stored in the equipment of customers or service users or stakeholders enabling the website to store as memory in accessing the website or methods for each use of the website.
References to "you" or "your" refer to individuals whose Personal Data is processed by the Company, including individual investors and client employees, officers or agents (together "Representatives") with direct or indirect relationships (such as those who invest through an intermediary); and beneficial owners of an organization or entity in connection with:

• the provision of services to potential and actual clients;
• transactions to which we are party (including those which we effect on behalf of clients); or
• services provided to us by a third-party vendor.

The Company respects and gives importance to Personal Data rights and Personal Data protection. In addition, the Company is well aware that you need security and safety when using services. Personal Data received by the Company and/or the Company's group, such as names, age, addresses, telephone numbers, identification numbers, and financial information, etc., which can identify the data owner and are complete, accurate, up-to-date and quality Personal Data will be used only in line with the Company's operating objectives. The Company enacts strict security measures and prevents Personal Data from being used without permission from data owners. The Company will report breaches of Personal Data to data owners immediately when violations occur.

The Company collects Personal Data from various channels. Personal Data collected by the Company might include the following types (the PI listed for each category are non-exhaustive examples):

1. Data Provided Directly by Customers, Service Users or Stakeholders
   • Contact data
     Personal address, telephone number, email address.
   • Financial data
     Account number, client reference number, account statements, and investment history.
   • Marketing, Behavioral, and Communications data
     Marketing and communication preferences; information about your use of our websites, our portals and platforms as explained in our Cookie Notice.
   • Professional Information data
     Position/job title, business address, business telephone number, business email address.
   • Profile data
     Username and password for our online services that you have access to, investments made by you, services requested, marketing communications responded to survey responses.
   • Services data
     Payment details to and from you, details of services you have provided to us, or we have provided to you.
   • Technical data
     Your use of and interaction with our online services, your IP address browser type and version, browser plug in types and versions operating system.
   • Sensitive Personal Information
     In limited circumstances we may collect information about criminal convictions and offences, when legally required; dietary requirements, if we are arranging catering; disability, to make reasonable accommodations for you in our buildings; political affiliations, for us to determine whether you are a politically exposed person.
2. Data Used by Customers, Service Users or Stakeholders
   • Technical data
     Your use of and interaction with our online services, such as IP numbers, dates and times of use, equipment code, equipment type, mobile phone network data, connection data, geographic positioning data, browser type, website entry-exit logging data, referring website data, website history data, login logs and transaction logs.
   • Electronic Monitoring data
     To the extent permitted by law, we may record and monitor your electronic communications with us.
   • Audio recording data
     To the extent permitted by law, we may record and monitor your audio recording data when communications are made to the Company or logs of contact details.
   • We may collect data created by analysis and collection of statistics on the use of services or systems, such as customer behavior, website entry statistics, website access time, searched data, use of website functions, and data collected by the Company through cookies

The Company stores the aforementioned Personal Data for objectives in the Company's legal operations and to enhance the Company's operations. The Company stores only necessary Personal Data for operations such as the following:

• For reports/activities involving the Company's business activities.
• For delivering the services you have requested, including liaising with third parties and providing access to our technology solutions services.
• For the benefit of studies, research, and statistics.
• For entering into a relationship at your request, including performing anti-money laundering, anti-terrorism, sanction screening, fraud, and other due diligence checks.
• For managing payments, fees, and charges and to collect and recover money owed to the Company.
• For managing our relationship with you, which will include notifying you about changes to our terms of business or this privacy notice.
• For interacting with governmental or regulatory bodies or other competent national authorities.
• For managing and protecting our business, including improving data security, troubleshooting data and systems, system maintenance and testing, data hosting, managing our offices and other facilities.
• For development of services, marketing, advertisement, sending newsletters on products and promotions related to the Company's products and services.
• For detecting or preventing fraud and/or other criminal activity and to protect our employees and assets.
• For marketing communications and service updates (including by paper and electronic channels), to better understand how our websites and platforms are used and to improve user experience.
• For improvement, development, and enhancement of the Company's operations.
• For accepting complaints, recommendations, criticisms or for expressing opinions.
• For contacting data owners via any channels to make inquiries, notifications, examinations, and confirm data related to data owners or survey opinions as necessary.
• For checking data in compliance with the law and associated criteria and rules currently enforced and future revisions or additions.

To facilitate the Company's business operations or perform the Company's duties to customers, the Company may disclose Personal Data to service providers who are third parties, representatives, subsidiaries, or associated persons located domestically or abroad for any objective of Personal Data storage, utilization, disclosure, and processing. Furthermore, the Company may disclose Personal Data to government officials or agencies to comply with laws, rules, guidelines, regulations, or management systems enforced on the Company. The Company will require third-party agencies to maintain the secrecy and safety of Personal Data, and the Company forbids the use of the aforementioned Personal Data for any objectives other than those specified by the Company. The following examples are examples of third parties to whom the Company may disclose personal data:

• Other members of the 9 Basil Group;
• Professional advisors, third parties, agents, or independent contractors that provide services to any member of the 9 Basil Group (such as IT systems providers, data import service providers, platform providers, financial advisors, brokers, consultants (including lawyers and accountants);
• Goods and services providers (such as providers of marketing services where we are permitted to disclose your personal information to them), intermediaries, brokers, management service providers, and operation service providers involved in the Company's business such as telecommunications, information technology, logistics, product transformation, assembly, installation, publication, postal services or marketing services and sales promotion activities and other individuals and entities that partner with us;
• competent authorities (including any national and/or international regulatory or enforcement body, agency, court, or other form of tribunal or tax authority) or their agents where the Company is required or allowed to do so under applicable law or regulation;
• a potential buyer, transferee, merger partner, or seller and their advisers in connection with an actual or potential transfer or merger of part or all of the Company's business or assets, or any associated rights or interests, or to acquire a business or enter into a merger with it;
• credit reference agencies or other organizations that help us conduct anti-money laundering and anti-terrorist financing checks, detect fraud and other potential criminal activity
• any person to whom disclosure is allowed or required by local or foreign law, regulation, or any other applicable instrument; and
• third parties with whom the Company engages in business have the right to use Personal Data for only operations specified in contracts made with the Company. Part of the specifications in contracts made by the Company with third parties require the aforementioned persons to comply with any laws and policies specified by the Company, and these persons must use appropriate measures to ensure that your Personal Data will be protected and safe.

• the purpose is within the scope of the purposes for which the individual concerned had originally been informed (e.g., if it would fall within the Company's servicing of the existing business relationship with the individual); and
• whether consent can be deemed to have been given by the individual in respect of use or disclosure for that purpose.

In certain circumstances, you may have the following rights in relation to the processing of your Personal Data:

• To know, access, Object, Correct, restrict, delete, revise or ask to check Personal Data.
• To not accept any marketing communication data from the Company.
• To ask the Company to send or transfer Personal Data to other Personal Data controllers when able to do so automatically. You may notify the Company of objectives and identification in writing. When the Company accepts the aforementioned request, the Company will notify the existence or details of data-to-data owners within an appropriate time.