Privacy Policy

Paxor NSO

Effective Date: January 1, 2025

1. Introduction and Scope

Welcome to Paxor NSO ("Paxor NSO," "we," "us," or "our"). This Privacy Policy describes how we collect, use, store, and protect personal information through our website at paxor-nso.com (the "Website") and in connection with our investment management activities as a SEBI-registered Foreign Institutional Investor specializing in growth-stage investments.

This Privacy Policy applies to:

• Visitors to our Website
• Current and prospective investors (Limited Partners)
• Portfolio companies and their representatives
• Service providers and business partners
• Job applicants and employees
• Event participants and other stakeholders

Important Note: This Privacy Policy does not apply to information collected from our investors in connection with specific fund investments, which is governed by separate fund documentation and regulatory requirements. However, general operational and communication data may be subject to this policy.

By using our Website or engaging with our services, you acknowledge that you have read and understood this Privacy Policy.

2. Information We Collect

2.1 Information You Provide Directly

We collect information that you voluntarily provide to us, including:

Investor and Business Contact Information:

• Full name, title, and professional designation
• Company name and business address
• Email address and telephone numbers
• Investment preferences and objectives
• Financial and accreditation information
• Investment history and experience

Portfolio Company Information:

• Management team details and contact information
• Business and financial data
• Operational metrics and performance information
• Strategic and confidential business information

Website and Communication Data:

• Newsletter subscriptions and communication preferences
• Event registration information
• Feedback, inquiries, and survey responses
• User-generated content and submissions

Employment and Professional Information:

• Resume and career history
• Professional references and recommendations
• Educational background and certifications
• Skills, experience, and expertise areas

2.2 Information Collected Automatically

When you visit our Website or interact with our digital communications, we automatically collect:

Technical Information:

• IP address and approximate geographic location
• Browser type, version, and settings
• Operating system and device information
• Referring and exit pages and URLs
• Pages viewed and time spent on our Website
• Click-through rates and user interaction patterns

Cookies and Tracking Technologies:

• Session and persistent cookies
• Web beacons and tracking pixels
• Analytics and performance tracking data
• Preference and customization settings

2.3 Information from Third Parties

We may collect information about you from third-party sources, including:

• Publicly available databases and business directories
• Professional networks and industry publications
• Co-investors and business partners
• Service providers and due diligence partners
• Regulatory filings and compliance databases

3. How We Use Your Information

3.1 Investment and Business Operations

We use your information for:

• Due Diligence and Investment Analysis: Evaluating investment opportunities and portfolio performance
• Investor Relations: Communicating with current and prospective investors about fund performance, opportunities, and regulatory requirements
• Portfolio Management: Managing relationships with portfolio companies and monitoring investments
• Regulatory Compliance: Meeting SEBI requirements and other applicable securities regulations
• Risk Management: Assessing and managing investment, operational, and compliance risks

3.2 Website and Communication Services

We use your information to:

• Operate and improve our Website functionality
• Provide requested information and respond to inquiries
• Send newsletters, market updates, and investment insights
• Organize and manage events, conferences, and meetings
• Customize your experience and content preferences

3.3 Internal Operations and Analytics

We use your information for:

• Internal research and analytics
• Business development and partnership opportunities
• Recruitment and human resources activities
• Legal and compliance requirements
• Audit and financial reporting purposes

3.4 Security and Legal Compliance

We process your information to:

• Protect against fraud, unauthorized access, and security threats
• Comply with legal obligations and regulatory requirements
• Enforce our terms of service and other agreements
• Respond to legal requests and court orders

4. Legal Basis for Processing (International Users)

For users subject to GDPR or similar privacy laws, we process your personal information based on:

• Contractual Necessity: To fulfill our obligations under investment agreements, service contracts, or Website terms
• Legitimate Interests: For business operations, investment activities, compliance, and security purposes
• Legal Compliance: To meet regulatory requirements under SEBI regulations and other applicable laws
• Consent: Where explicitly provided for marketing communications or optional services

5. Information Sharing and Disclosure

5.1 Within Paxor NSO

We may share information internally among our investment team, operations staff, and leadership for business operations, compliance, and decision-making purposes.

5.2 Service Providers and Business Partners

We share information with trusted third parties who provide services on our behalf, including:

• Fund Administration: Administrators, auditors, and custodians
• Legal and Compliance: Law firms, compliance consultants, and regulatory advisors
• Technology Providers: Website hosting, data analytics, and cybersecurity services
• Due Diligence Partners: Research firms, background check providers, and industry experts

5.3 Co-Investors and Syndicate Partners

In connection with co-investment opportunities, we may share relevant information with:

• Co-investment partners and syndicate members
• Other institutional investors participating in funding rounds
• Investment advisors and consultants

5.4 Portfolio Companies

We may share aggregated, anonymized information with portfolio companies for:

• Benchmarking and performance analysis
• Strategic planning and business development
• Industry insights and market research

5.5 Regulatory and Legal Requirements

We may disclose information when required by:

• SEBI regulations and reporting requirements
• Court orders, subpoenas, or legal process
• Regulatory investigations or examinations
• Law enforcement requests
• Protection of our rights, property, or safety

5.6 Business Transactions

In the event of a merger, acquisition, or sale of assets, personal information may be transferred as part of the business transaction, subject to appropriate confidentiality protections.

6. International Data Transfers

As a global investment firm, we may transfer your personal information to countries outside India, including:

• Portfolio companies and co-investors in various jurisdictions
• Service providers located internationally
• Regulatory authorities in relevant markets

We ensure appropriate safeguards for international transfers through:

• Standard contractual clauses and data transfer agreements
• Adequacy decisions recognized by applicable authorities
• Binding corporate rules and certification schemes
• Explicit consent where required by law

7. Data Security

7.1 Security Measures

We implement comprehensive security measures to protect your information:

Technical Safeguards:

• Encryption of sensitive data in transit and at rest
• Multi-factor authentication and access controls
• Regular security assessments and penetration testing
• Secure data centers and cloud infrastructure

Organizational Safeguards:

• Data access policies and employee training
• Confidentiality agreements and background checks
• Incident response and business continuity plans
• Regular security audits and compliance reviews

7.2 Data Breach Notification

In the event of a data breach that may affect your personal information, we will:

• Assess the scope and impact of the incident
• Contain the breach and implement remedial measures
• Notify affected individuals and relevant authorities as required by law
• Provide guidance on protective measures you can take

8. Data Retention

8.1 Retention Periods

We retain personal information for different periods based on:

• Investment Records: As required by SEBI regulations and fund documentation (typically 5-10 years after fund closure)
• Website Data: For the duration of our relationship plus applicable limitation periods
• Marketing Information: Until you withdraw consent or we determine it's no longer necessary
• Legal and Compliance Records: As required by applicable laws and regulations

8.2 Secure Disposal

When we no longer need your personal information, we securely delete or anonymize it using industry-standard methods to prevent unauthorized access or recovery.

9. Your Privacy Rights

9.1 General Rights

Depending on your location and applicable laws, you may have the right to:

• Access: Request information about how we use your personal data
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your personal information in certain circumstances
• Restriction: Limit how we process your information
• Portability: Receive your data in a structured, machine-readable format
• Objection: Object to processing based on legitimate interests or for marketing purposes

9.2 Marketing Communications

You can:

• Unsubscribe from marketing emails using the link in each message
• Update your communication preferences through our Website
• Contact us directly to modify your subscription settings

9.3 Exercising Your Rights

To exercise your privacy rights:

1. Submit a request to compliance@paxor-nso.com
2. Provide sufficient information to verify your identity
3. Specify the nature of your request and relevant details
4. We will respond within the timeframe required by applicable law

Note: Some rights may be limited by legal or regulatory requirements, particularly regarding investment records subject to SEBI regulations.

10. Cookies and Tracking Technologies

10.1 Types of Cookies We Use

• Strictly Necessary Cookies: Essential for Website functionality and security
• Functional Cookies: Enable enhanced features and remember your preferences
• Analytics Cookies: Help us understand Website usage and improve performance
• Marketing Cookies: Support targeted content and measure campaign effectiveness

10.2 Managing Cookies

You can control cookies through:

• Browser settings and preferences
• Our cookie consent management tool
• Third-party opt-out mechanisms (e.g., Google Analytics Opt-out)

Note: Disabling certain cookies may limit Website functionality and your user experience.

11. Third-Party Websites and Services

Our Website may contain links to third-party websites, social media platforms, and services. This Privacy Policy does not apply to such third-party sites, and we encourage you to review their privacy policies before providing any personal information.

12. Children's Privacy

Our services are not directed to individuals under 18 years of age, and we do not knowingly collect personal information from children. If we become aware that we have collected information from a child under 18, we will take steps to delete such information promptly.

13. Updates to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or business operations. We will:

• Post the updated policy on our Website with a new effective date
• Notify you of material changes through email or Website notice
• Obtain consent where required by applicable law

We encourage you to review this Privacy Policy regularly to stay informed about how we protect your information.

14. Regional-Specific Provisions

14.1 India

As a SEBI-registered entity, we comply with:

• Securities and Exchange Board of India regulations
• Information Technology Act and related privacy rules
• Foreign Exchange Management Act (FEMA) requirements

14.2 European Economic Area (EEA) and United Kingdom

For individuals in the EEA or UK, we serve as the data controller and comply with GDPR requirements. You have additional rights under GDPR, including the right to lodge a complaint with supervisory authorities.

14.3 United States

For California residents, we comply with the California Consumer Privacy Act (CCPA). We do not "sell" personal information as defined by CCPA and have not engaged in such activity in the past 12 months.

15. Contact Information

15.1 Privacy Inquiries

For questions about this Privacy Policy or our data practices:

Email: compliance@paxor-nso.com
Subject Line: Privacy Policy Inquiry

15.2 Data Protection Requests

To exercise your privacy rights or report concerns:

Email: compliance@paxor-nso.com
Subject Line: Data Protection Request

15.3 General Contact

Paxor NSO
Website: paxor-nso.com
Email: compliance@paxor-nso.com

16. Definitions

Personal Information/Data: Any information that can identify an individual person, either directly or in combination with other information.

Processing: Any operation performed on personal data, including collection, storage, use, disclosure, and deletion.

SEBI: Securities and Exchange Board of India, the regulatory authority for securities markets in India.

GDPR: General Data Protection Regulation, the European Union's comprehensive privacy law.

Portfolio Companies: Companies in which Paxor NSO has made investments.

Last Updated: January 1, 2025
Version: 1.0

This Privacy Policy has been prepared to comply with applicable privacy laws and SEBI regulations. For specific legal advice regarding compliance requirements, please consult with qualified legal counsel.