Financial companies choose how they share your personal information. Federal law gives our clients the right to limit some but not all sharing. Federal law also requires us to tell you how we collect, share, and protect your personal information. Please read this notice carefully to understand what we do.

OUR COMMITMENT TO YOUR PRIVACY: We are sensitive to the privacy concerns of our individual limited partners. We have a policy of protecting the confidentiality and security of information we collect about you. We are providing you this notice to help you better understand why and how we collect certain personal information, the care with which we treat that information, and how we use that information.

SOURCES OF NON-PUBLIC INFORMATION: In connection with forming and operating our private investment funds for our limited partners, we collect and maintain non-public personal information. For example, when you give us your contact information, enter into an investment advisory contract with us, buy securities (i.e., interests in a fund) from us, tell us where to send money, or make a wire transfer. The following sources are other specific examples of how we collect information:
• Information we receive from you in conversations over the telephone, in voicemails, through written correspondence, via e-mail, or on subscription agreements, investor questionnaires, applications or other forms;
• Information about your transactions with us or others; and
• Information captured on our website.
• We also may collect your personal information from other sources, such as our affiliates** or other non-affiliated companies.

PERSONAL INFORMATION WE COLLECT: We collect personal information about you in connection with providing advisory services to you. This information includes your social security number and may include other information such as your:
• Assets;
• Investment experience;
• Transaction history;
• Income; and
• Wire transfer instructions.

HOW WE USE THIS INFORMATION. All financial companies need to share customers’ personal information to run their everyday business and we use the personal information we collect from you for our everyday business purposes. These purposes may include for example:
• To provide advisory services to you.
• To open an account for you.
• To process a transaction for your account.
• To market products and services to you.
• To respond to court orders and legal investigations.

DISCLOSURE OF INFORMATION: We do not disclose any non-public personal information about you to anyone, except as permitted by law or regulation and to service providers. We may provide your personal information to our affiliates and to firms that assist us in servicing your account and have a need for such information, such as a broker or fund administrator. We may also disclose such information to service providers and financial institutions with whom we have joint marketing arrangements (i.e., a formal agreement between nonaffiliated financial companies that together market financial products or services to you, such as placement agents). We require third-party service providers and financial institutions with which we have joint marketing arrangements to protect the confidentiality of your information and to use the information only for the purposes for which we disclose the information to them. These sharing practices are consistent with Federal privacy and related laws, and in general, you may not limit our use of your personal information for these purposes under such laws. We note that the Federal privacy laws only give you the right to limit the certain types of information sharing that we do not engage in (e.g., sharing with our affiliates certain information relating to your transaction history or creditworthiness for their use in marketing to you, or sharing any personal information with nonaffiliates for them to market to you).

FORMER LIMITED PARTNERS: We maintain non-public personal information of our former limited partners and apply the same policies that apply to current limited partners.

INFORMATION SECURITY: We consider the protection of sensitive information to be a sound business practice, and to that end we employ physical, electronic and procedural safeguards to protect your non-public personal information in our possession or under our control.

FURTHER INFORMATION: We reserve the right to change our privacy policies and this Privacy Notice at any time. The examples contained within this notice are illustrations only and are not intended to be exclusive. This notice is intended to comply with the privacy provisions of applicable U.S. federal law. You may have additional rights under other foreign or domestic laws that may apply to you.

WHO IS PROVIDING THIS PRIVACY NOTICE. This Privacy Notice relates to the following entities:
• Prysm Capital, L.P. and its related persons
• All entities and accounts managed by the above entities

WHOM TO CONTACT WITH QUESTIONS. If you have any questions about this Privacy Notice, contact IR@prysmcapital.com.

EU PRIVACY NOTICE
This EU Privacy Notice applies to the extent that EU Data Protection Legislation (as defined below) applies to the processing of personal data by an Authorized Entity (as defined below) or to the extent that a data subject is a resident of the United Kingdom (the “UK”), the European Union (“EU”) or the European Economic Area (“EEA”). If this EU Privacy Notice applies, the data subject has certain rights with respect to such personal data, as outlined below.

For purpose of this EU Privacy Notice, “EU Data Protection Legislation” means all applicable legislation and regulations relating to the protection of personal data in force from time to time in the EU, the EEA, or the UK, including and without limitation: Regulation (EU) 2016/679 (the “General Data Protection Regulation”), the Data Protection Act 2018, the Privacy and Electronic Communications (EC Directive)

Regulations 2003, or any other legislation which implements any other current or future legal act of the EU or the UK concerning the protection and processing of personal data (including any national implementing or successor legislation), and including any amendment or re-enactment of the foregoing. The terms “data controller”, “data processor”, “data subject”, “personal data” and “processing” in this EU Privacy Notice shall be interpreted in accordance with the applicable EU Data Protection Legislation.

Please contact us at IR@prysmcapital.com with any queries arising out of this EU Privacy Notice.

CATEGORIES OF PERSONAL DATA COLLECTED AND LAWFUL BASES FOR PROCESSING
In connection with offering, forming and/or operating the Partnership (as defined in the Subscription Agreement) (the “Transaction”), the General Partner (as defined in the Subscription Agreement), its affiliates and, in each case, their administrators, legal and other advisors and agents (the “Authorized Entities”) collect, record, store, adapt, and otherwise process and use personal data either relating to: a) existing or potential investors that are considering whether to invest in the Partnership; or b) potential finance providers that are considering whether to provide debt finance for the acquisition and/or to lead a lending syndicate to provide debt finance for the investment in the Partnership, or to their respective partners, officers, directors, employees, shareholders, ultimate beneficial owners or affiliates or to any other data subjects from the following sources (and all references to “existing investor(s)” or “potential investor(s)” in this EU Privacy Notice shall be to such existing investor(s) or potential investor(s), respectively, and, as applicable, any of these other persons as relate to such existing investor(s) or potential investor(s), respectively):
• information received in telephone conversations, in voicemails, through written correspondence, via e-mail, or on subscription agreements, investor questionnaires, applications or other forms (including, without limitation, any anti-money laundering, “know-your-client” identification, and verification documentation);
• information about transactions with any Authorized Entity or others;
• information captured on any Authorized Entity’s website, including registration information and any information captured via “cookies”; and
• information from available public sources, including from:
• publicly available and accessible directories and sources;
• bankruptcy registers;
• tax authorities, including those that are based outside the UK and the EEA if an existing or potential investor is subject to tax in another jurisdiction;
• governmental and competent regulatory authorities to whom any Authorized Entity has regulatory obligations;
• credit agencies; and
• fraud prevention and detection agencies and organizations.

Any Authorized Entity may process the following categories of personal data:
• names, dates of birth and birth place;
• contact details and professional addresses (including physical address, email address and telephone number);
• account data and other information contained in any document provided by existing or potential investors to the Authorized Entities (whether directly or indirectly);
• risk tolerance, transaction history, investment experience and investment activity;
• information regarding an existing or potential investor’s status under various laws and regulations, including their social security number, tax status, income and assets;
• accounts and transactions with other institutions;
• information regarding an existing or potential investor’s interest in the Partnership, including ownership percentage, capital investment, income and losses;
• information regarding an existing or potential investor’s citizenship and location of residence;
• source of funds used to make the investment in the Partnership; and
• anti-money laundering, identification (including passport and drivers’ license), and verification documentation.

Any Authorized Entity may, in certain circumstances, combine personal data it receives from an existing or potential investor with information that it collects from, or about such existing or potential investor, as applicable. This will include information collected in an online or offline context.

One or more of the Authorized Entities are “data controllers” of personal data collected in connection with the Partnership. In simple terms, this means such Authorized Entities: (i) “control” the personal data that they or other Authorized Entities collect from existing investors, potential investors or other sources; and (ii) make certain decisions on how to use and protect such personal data.

There is a need to process personal data for the purposes set out in this EU Privacy Notice as a matter of contractual necessity under or in connection with the Transaction and the Partnership Agreement (as defined in the Subscription Agreement) and associated fund documentation, and in the legitimate interests of the Authorized Entities (or those of a third party) to operate their respective businesses. From time to time, an Authorized Entity may need to process the personal data on other legal bases, including: with consent; to comply with a legal obligation; if it is necessary to protect the vital interests of an existing investor, a potential investor or other data subjects; or if it is necessary for a task carried out in the public interest.

A failure to provide the personal data requested to fulfil the purposes described in this EU Privacy Notice may result in the applicable Authorized Entities being unable to provide the services in connection with the Transaction, the Partnership Agreement and/or the Subscription Agreement.

PURPOSE OF PROCESSING
The applicable Authorized Entities process the personal data for the following purposes (and in respect of paragraphs (c), (d), (e), (g) and (h) below, in the legitimate interests of the Authorized Entities):
• the performance of its contractual and legal obligations under the Partnership Agreement and/or the Subscription Agreement (and all applicable anti-money laundering, “know-your client” and other related laws and regulations), including in assessing suitability of potential investors in the Partnership;
• the administrative processes (and related communication) carried out between the Authorized Entities in preparing for the admission of investors to the Partnership;
• ongoing communication with existing and potential investors and their respective representatives, advisors and agents, (including the negotiation, preparation and signature of documentation), including during the process of admitting potential investors to the Partnership;
• the ongoing administrative, accounting, reporting and other processes and communication required to operate the business of the Partnership in accordance with the Partnership Agreement and other applicable documentation between the parties;
• to facilitate the execution, continuation or termination of the contractual relationship between you and the Partner and/or the Partnership (as applicable);
• to facilitate the transfer of funds, and administering and facilitating any other transaction, between you and the Partnership;
• to enable any actual or proposed assignee or transferee, participant or sub-participant of the Partnership’s or the Partnership’s rights or obligations to evaluate proposed transactions;
• to facilitate business asset transactions involving the Partnership’s partnership or Partnership related vehicles;
• any legal or regulatory requirement;
• keeping existing and potential investors informed about the Partnership, the General Partner and their affiliates generally, including offering opportunities to make investments other than to the Partnership; and
• any other purpose that has been notified, or has been agreed, in writing.

The Authorized Entities monitor communications where the law requires them to do so. The Authorized Entities also monitor communications, where required to do so, to comply with regulatory rules and practices and, where permitted to do so, to protect their respective businesses and the security of their respective systems.

SHARING AND TRANSFERS OF PERSONAL DATA
In addition to disclosing personal data amongst themselves, any Authorized Entity may disclose personal data, where permitted by EU Data Protection Legislation, to other service providers, prospective or current investors or participants in the Partnership, employees, agents, contractors, consultants, professional advisers, lenders, data processors and persons employed and/or retained by them in order to fulfil the purposes described in this EU Privacy Notice. In addition, any Authorized Entity may share personal data with regulatory bodies having competent jurisdiction over them, as well as with the tax authorities, auditors and tax advisers (where necessary or required by law).

Any Authorized Entity may transfer personal data to a Non-Equivalent Country (as defined below), in order to fulfil the purposes described in this EU Privacy Notice and in accordance with applicable law, including where such transfer is a matter of contractual necessity to enter into, perform and administer the Transaction, the Subscription Agreement and the Partnership Agreement, and to implement requested precontractual measures. For information on the safeguards applied to such transfers, please contact the General Partner. For the purposes of this EU Privacy Notice, “Non-Equivalent Country” shall mean a country or territory other than (i) a member state of the EEA; or (ii) a country or territory which has at the relevant time been decided by the European Commission in accordance with EU Data Protection Legislation to ensure an adequate level of protection for personal data.

RETENTION AND SECURITY OF PERSONAL DATA
The General Partner and its affiliates consider the protection of personal data to be a sound business practice, and to that end, employ appropriate technical and organizational measures, including robust physical, electronic and procedural safeguards to protect personal data in their possession or under their control.

Personal data may be kept for as long as it is required for legitimate business purposes, to perform contractual obligations, or where longer, such longer period as is required by applicable legal or regulatory obligations. Personal data will be retained throughout the life cycle of any investment in the Partnership. However, some personal data will be retained after a data subject ceases to be an investor in the Partnership.

DATA SUBJECT RIGHTS
It is acknowledged that, subject to applicable EU Data Protection Legislation, the data subjects to which personal data relates, have certain rights under EU Data Protection Legislation: to obtain information about, or (where applicable) withdraw any consent given in relation to, the processing of their personal data; to access and receive a copy of their personal data; to request rectification of their personal data; to request erasure of their personal data; to exercise their right to data portability; and the right not to be subject to automated decision-making. Please note that the right to erasure is not absolute and it may not always be possible to erase personal data on request, including where the personal data must be retained to comply with a legal obligation. In addition, erasure of the personal data requested to fulfil the purposes described in this EU Privacy Notice, may result in the inability to provide the services required pursuant to the Transaction, the Subscription Agreement and the Partnership Agreement.

In case the data subject to whom personal data relate disagrees with the way in which their personal data is being processed in relation to the Transaction, the Subscription Agreement and the Partnership Agreement, the data subject has the right to object to this processing of personal data and request restriction of the processing. The data subject may also lodge a complaint with the competent data protection supervisory authority in the relevant jurisdiction.

The data subject may raise any request relating to the processing of his or her personal data with us at IR@prysmcapital.com.

PRIVACY NOTICE SUPPLEMENT FOR CALIFORNIA RESIDENTS
This notice supplements the Privacy Notice set forth above with respect to specific rights granted under the California Consumer Privacy Act of 2018 (the “CCPA”) to natural person California residents and provides information regarding how such California residents can exercise their rights under the CCPA. This supplement is only relevant to you if you are a resident of California as determined in accordance with the CCPA. Information required to be disclosed to California residents under the CCPA regarding the collection of their personal information that is not set forth in this CCPA supplement is otherwise set forth above in the Privacy Notice.

Categories of Personal Information We Collect: We have collected some or all of the following categories of personal information from individuals within the last twelve (12) months:
• name, date of birth and birth place;
• contact details and professional address (including physical address, email address and telephone number);
• account data and other information contained in any document provided by investors to authorized service providers (whether directly or indirectly);
• information regarding your use of our website, fund data room and investor reporting portal (e.g., cookies, browsing history and/or search history);
• risk tolerance, transaction history, investment experience and investment activity;
• information regarding investors’ status under various laws and regulations, including social security number, tax status, income and assets;
• accounts and transactions with other institutions;
• information regarding a potential and/or actual investment in the applicable fund(s), including ownership percentage, capital investment, income and losses;
• information regarding citizenship and location of residence;
• source of funds used to make the investment in the applicable fund(s); and
• anti-money laundering, identification (including passport and drivers’ license) and verification documentation.

We share the above categories of personal information with third-party service providers and we collect personal information from sources such as:
• Information we receive from you in conversations over the telephone, in voicemails, through written correspondence, via e-mail or in subscription agreements, investor questionnaires, applications or other forms (including, without limitation, any anti-money laundering, identification, and verification documentation);
• Information about your transactions with us or others; and
• Information captured on our website, fund data room and/or investor reporting portal (as applicable), including registration information, information provided through online forms and any information captured via “cookies.”

Purposes for Collecting Personal Information: We may collect or share the personal information we collect about you for one or more of the following business or commercial purposes:
• performing services to you, including but not limited to:
• the administrative processes (and related communication) in preparing for the admission of investors to the fund(s);
• ongoing communication with potential investors, their representatives, advisors and agents (including the negotiation, preparation and signature of documentation) during the process of admitting potential investors to the fund;
• the performance of obligations under the governing documents of the funds (and all applicable anti-money laundering, KYC and other related laws and regulations) in assessing suitability of potential investors in the applicable fund;
• ongoing operations, administrative, accounting, reporting, account maintenance and other processes and communication required to operate the business of the funds in accordance with its governing documents and other documentation between the parties, including customer service, processing or fulfilling transactions, verifying personal information, processing contributions and distributions and financing; and
• keeping investors informed about the business of the general partner or managing member of the applicable fund and its affiliates generally, including offering opportunities to make investments other than to the applicable fund and related advertising;
• auditing and verifications related to investor interactions, including but not limited to, verifying the quality and effectiveness of services and compliance;
• detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity; and
• complying with U.S., state, local and non-U.S. laws, rules and regulations.

We do not sell any of the personal information we collect about you to third parties.

Deletion Rights: You have the right to request that we delete any of your personal information that we retain, subject to certain statutory exceptions, including, but not limited to, our compliance with U.S., state, local and non-U.S. laws, rules and regulations.

Disclosure and Access Rights: You have the right to request that we disclose to you certain information regarding our collection, use, disclosure and sale of personal information specific to you over the last twelve (12) months. Such information includes:
• the categories of personal information we collected about you;
• the categories of sources from which the personal information is collected;
• our business or commercial purpose for collecting such personal information;
• categories of third parties with whom we share the personal information;
• the specific pieces of personal information we have collected about you; and
• whether we disclosed your personal information to a third party, and if so, the categories of personal information that each recipient obtained.

No Discrimination: We will not discriminate against you for exercising your rights under the CCPA, including by denying service, suggesting that you will receive, or charging, different rates for services or suggesting that you will receive, or providing, a different level or quality of service to you.

How to Exercise Your Rights: To exercise any of your rights under the CCPA, or to access this notice in an alternative format, please submit a request using any of the methods set forth below.
• If you would like to contact us by telephone without incurring telephone charges, please submit your request and telephone number either (1) through the following online form https://www.prysmcapital.com/contact/ or (2) by email at the address below, and we will call you between 9 a.m. and 6 p.m. Pacific Time.
• Email us at the following email address: IR@prysmcapital.com We will contact you within 10 days to confirm receipt of your request under the CCPA and request any additional information necessary to verify your request. We verify requests by matching information provided in connection with your request to information contained in our records. Depending on the sensitivity of the request and the varying levels of risk in responding to such requests (for example, the risk of responding to fraudulent or malicious requests), we may request your investor portal access credentials in order to verify your request. You may designate an authorized agent to make a request under the CCPA on your behalf, provided that you provide a signed agreement verifying such authorized agent’s authority to make requests on your behalf, and we may verify such authorized person’s identity using the procedures above.
• Our goal is to respond to any verifiable consumer request within forty-five (45) days of our receipt of such request. We will inform you in writing if we cannot meet that timeline. Please contact Prysm IR at the email address above with any questions about this Privacy Notice.

*This Privacy Notice is intended only for individuals and certain entities that are essentially “alter egos” of individuals (e.g., revocable grantor trusts, IRAs or certain estate planning vehicles).
** Our affiliates are companies related to us by common ownership or control and can include both financial and nonfinancial companies. Non-affiliates are companies not related to us by common ownership or control and can include both financial and nonfinancial companies.

Please click here for Prysm Capital’s Form ADV.