Disclaimer
Privacy Policy
In accordance with applicable regulations and privacy rules, the Funds (as defined below) and Nephila Capital Ltd. (the “Adviser” and together with the Funds “Nephila”, “we”, “us” or “our”) have adopted policies and procedures relating to the collection, use and protection of nonpublic personal information (the “Policy”) of the Adviser's clients and investors, and the Funds’ investors (each referred to as a "customer").
We consider customer privacy to be fundamental to our relationship with our customers. In the course of operating and acting as Adviser to the private investment fund in which you have invested or acting as Adviser over your individual account, we collect personal information about you (“personal information”). We collect this information to know who you are and to meet our obligations under the laws and regulations that govern us.
Throughout Nephila’s history, we have been and remain committed to maintaining the privacy of our customers' personal information. It is our policy to protect the confidentiality, security, and integrity of our current and former customers’ personal information entrusted to us. This Policy describes the standards we follow for handling your personal information, with the dual goals of meeting your financial needs while respecting your privacy.
Information We Collect
We collect personal information about you from three sources:
- Information on subscription agreements or other forms. This category may include your name, address, tax identification number, age, marital status, number of dependents, assets, debts, income, employment history, beneficiary information and personal bank account information;
- Information from your transactions with us, such as your investment history and your account balance; and
- Information obtained from others, such as our affiliates and consumer credit reporting agencies.
Information We Disclose
We will not disclose any personal information about you except to our affiliates such as our affiliated pooled investment vehicles, investment sub-advisers and general partners, and to nonaffiliated third parties (e.g. our accountants, attorneys, administrators, auditors, etc.) for our everyday business purposes. These everyday business purposes can include, but are not limited to, disclosure to 1) our administrators for the servicing and processing of transactions and customer accounts, 2) attorneys, auditors, or accountants in order to provide ongoing advice, 3) government agencies to respond to a court order, subpoena, regulatory authority, or judicial process, 4) an unaffiliated third party to protect against fraud or unauthorized transactions, or 5) upon customer request. Please see your investment fund’s Confidential Memorandum for specific service provider names related to your investment.
We may also disclose your personal information to our affiliates for marketing purposes and to offer our products and services to you. We do not, however, sell or rent our customers’ personal information, nor do we provide personal information to nonaffiliated third parties for marketing purposes.
How We Protect Your Information
To protect your personal information from unauthorized access and use, Nephila has articulated the following policies:
- Business Continuity and Disaster Recovery Plans
- Information Security Framework
- Acceptable Use Policy
- Data Privacy Policy
- Data Governance Policy
- Identity and Access Management Policy
- Vendor and Third-Party Controls Policy
- Personally Identifiable Information Policy and Guidelines
- Whistleblower Policy
Taken together, the “information security policies” or “ISP” ensure the security and confidentiality of customer records, protect against anticipated threats or hazards to the security or integrity of customer records, and protect against unauthorized access to or use of customer records. Further, in the event of a security incident, the ISPs allow us to quickly assess the nature and scope of the incident and identify customer information systems and types of information that were accessed. While all of the ISPs play a critical role in Nephila’s information security strategy, 1) the Business Continuity Plan specifically provides a documented process for acknowledging, assessing, containing, and controlling an incident and preventing further incidents; and 2) the Vendor and Third-Party Controls Policy specifically establishes written policies and procedures designed to require oversight, monitoring, and due diligence of service providers.
Based on all of the ISPs, Nephila has adopted and enforces the following practices (not an all-encompassing list) to safeguard your information:
- Formation of an emergency operations team and business continuity management team whose roles and responsibilities prior to, during, and after an event are clearly articulated. Members of these committees include the Chief Legal Officer, Chief Compliance Officer, Chief Operating Officer, Head of Talent and HR, and Chief Technology Officer.
- Copies of the ISPs require review and certification by all employees at minimum on an annual basis. Clearly defined escalations, and the ability for all employees to confidently report illegal or unethical staff or third-party conduct.
- Minimum annual training on information security (keeping data safe), quarterly testing for phishing/latest trends, and ad hoc guidance and support as may be needed.
- Inventory of all systems and service providers holding personal information and periodic audits on these third-party providers.
- Devices connected to the office network run anti-virus software in continuous protection mode.
- Access to personal information is restricted to employees who need access to perform their jobs.
- All personal information is maintained on password-protected drives and sites, including passwords for access to network applications containing personal information.
- Personal information is prohibited on personal computers and removable media.
- Individual passwords, site access, personal network drives, and building access are deleted and removed for all former employees.
- Nephila employees are restricted from sending unencrypted emails containing personal information.
- Nephila maintains patch and release levels for operating systems.
- Nephila prohibits and removes any and all confidential information from common spaces.
- All printed information is stored in a locked and restricted file and destroyed by a secure disposal service when no longer needed.
Former Customers
We treat information concerning our former customers the same way we treat information about our current customers.
Keeping You Informed
For information regarding the Adviser’s Privacy Policy, please contact Investor Relations, at (615) 823-8505 or investor.relations@nephilacapital.com.
GDPR and PIPA Information
For the purpose of this Policy statement, GDPR shall be read to refer to both EU and UK GDPR.
Please note that for our European Union (“EU”) / United Kingdom (“UK”) and Bermuda resident individual investors, it is necessary that your personal data be transferred to service providers in the United States and Bermuda so that we may perform the agreed upon services for you. The General Data Protection Regulation (“GDPR”) and Personal Information Privacy Act (“PIPA”) require us to disclose to you that no adequacy decision has been rendered by the European Commission, Bermuda, or FCA as to the protection of your personal data when transferring it to the United States or Bermuda. However, we do take the security of your personal data/information seriously. Any party that receives this information pursuant to the foregoing will be authorized to use it only for the services required and as allowed by applicable law or regulation and will not be permitted to share or use this information for any other purpose. To protect this information, we permit access only by authorized employees who need access to that information in order to perform their jobs. To protect your personal information from unauthorized access and use, we use security measures that comply with applicable laws. These measures include computer safeguards and secured files and buildings. You have the right to request a copy of the information that we hold about you. If you would like a copy of some or all of your personal information, please contact Investor Relations, at (615) 823-8505 or investor.relations@nephilacapital.com. We shall retain your personal data for as long as you are an investor, or as long as you express an interest in the Funds, and thereafter only as long as necessary to comply with applicable laws that require us to retain your personal data, such as data retention rules.
GDPR and PIPA provide EU/UK/Bermuda resident investors with additional rights such as: (1) the right to receive from us your personal data that you have provided to us in a structured, commonly used and machine-readable format (right of portability), as well as the right to have us transmit your personal data that you have provided us to others, upon your request, in such a format; (2) the right to rectify any of your personal data that is inaccurate or incomplete; (3) the right to lodge a complaint of an alleged infringement of GDPR/PIPA with a supervisory authority in a member state of your habitual residence or place of work; (4) the right to the erasure of your personal data under certain conditions, such as when your personal data is no longer necessary for us to perform the services for you, your consent has been withdrawn or when your personal data is no longer legally required to be retained by us; and (5) the right to restrict the processing or object to the processing of your personal data by us, such as if you don’t want us to market our products and services to you. We may disclose your personal data to our affiliates, such as Nephila Advisors LLC and to third parties such as a Fund administrator. You may opt-out/object to our marketing to you by contacting Investor Relations, at (615) 823-8505 or investor.relations@nephilacapital.com. Please note that we have designated Nephila Advisors (UK) Limited at 53 New Broad Street, London EC2 1JJ, United Kingdom as our designated representative in accordance with the GDPR.
Annual Review
This policy has been reviewed and approved by the CCO and the Board of Directors. This Policy is effective as of February 2022 and is reviewed on an annual basis.