Privacy Policy

February 20, 2026

Introduction and Scope

We at Lapis Advisers, LP and our affiliates (individually and collectively as the context requires, “Lapis“), respect your concerns about privacy. This Privacy Notice describes the types of Personal Data (defined below) we collect on our site lapisadvisers.com (the “Site”), how we use Personal Data, and with whom we may share Personal Data. We also describe the measures we take to protect the security of Personal Data and how you can contact us about our privacy practices.

Personal Data” means any information we collect from or through the Site that relates to, describes, identifies or can be used, directly or indirectly, to identify an individual, such as name, address, date of birth, personal identification numbers, sensitive personal information, and economic information.

This Privacy Notice does not apply to nonpublic personal information collected in connection with Lapis’ advisory relationships. Clients and investors receive a separate privacy notice pursuant to Regulation S-P under the Investment Advisers Act of 1940. In the event of any conflict between this Privacy Notice and Lapis’ Regulation S-P privacy notice, the latter shall govern with respect to advisory relationships.

Personal Data We Collect

Personal Data From Our Site

The types of information we collect from visitors to the Site include:

     

      • business and personal contact information (such as name, postal, and e-mail addresses, and telephone numbers);

      • content (and related information) in connection with your electronic communications with us or our service providers (including by e-mail or other forms of electronic communication);

      • other information you provide to us (such as information provided by registering for e-mail alerts, filling in forms, and online registration details).

    If you provide information to us about another person, you should ensure that you provide that person with this Privacy Notice and comply with any legal obligations that may apply to your provision of the information to us.

    Personal Data We Collect Automatically

    When you visit our Site or open our e-mails, we may collect certain information by automated means. [The information we collect in this manner may include your IP address, network location, browser characteristics, device characteristics, operating system, referring URLs, information on actions taken on our Site, and dates and times of website visits. We also may use technology in e-mails we send you to collect certain information, such as whether you opened or clicked on links in our e-mail and what content was interesting to you.]

    Our web servers may log information such as your device type, operating system type, browser type, domain, and other system settings, as well as the language your system uses and the country and time zone in which your device is located. We also may record information such as the address of the web page that referred you to our Site and the IP address of the device you used to connect to our Site. We may log information about your interaction with the Site, such as which pages you visit. To control which web servers collect information by automated means, we may place tags on our web pages called “web beacons”, which are small files that link web pages to particular web servers and their cookies. We also may send instructions to your device using JavaScript or other computer languages to gather the sorts of information described above and other details about your interactions with the Site.

    We may use third-party web analytics services on our Site, such as those of Google Analytics. These service providers help us analyze how visitors use the Site, including attributing site interactions to known contacts who have subscribed to receiving communications from us. The information processed for this purpose (including your IP address, CRM ID/BX ID and other information collected by automated means) may be disclosed to or collected directly by these service providers. To learn about opting out of Google Analytics, please click here.

    How We Use Personal Data

    We may use, disclose or otherwise handle Personal Data for the following purposes to:

       

        • operate, evaluate, develop, promote, and improve our business (including developing new products and services; enhancing, improving and analyzing our products and services; managing our communications; and performing accounting, auditing and other internal functions);

        • comply with and enforce applicable legal requirements, relevant industry standards and our policies, including our Terms and Conditions; [CONSIDER ADDING HYPERLINK HERE]

        • protect against, identify and prevent fraud, money-laundering, breach of confidence, cyber-attack, theft of proprietary materials, financial or business crimes, and other unlawful activity;

        • in some cases, in order to operate, administer and improve the user’s experience of the Site;

        • respond to your inquiries;

        • verify your information;

        • perform data analyses (including market and consumer research, demographic analyses and anonymization and aggregation of information); and

        • record and monitor details and content of your electronic interactions with us or our service providers, to the extent permitted or required by applicable law;

      We will only process your Personal Data as necessary so that we can pursue the purposes described above.

      When we collect Personal Data from you, unless indicated otherwise, if we ask you for information, we need it for our business or compliance purposes. In limited circumstances, we are required to collect Personal Data to comply with a legal obligation or might ask you to provide information which is purely voluntary; in either case, this will be indicated to you.

      Personal Data We Disclose to Others

      We do not disclose Personal Data except as described in this Privacy Notice.

      We may share your Personal Data with our affiliates and service providers who perform services on our behalf, our financial and transaction counterparties, our professional advisers  (such as accountants, auditors, administrators, and counsel), and your agents and representatives. We do not authorize these persons to use or disclose the information except as necessary for the purposes for which it is provided or to comply with legal requirements.

      We also may disclose information about you (i) if we are required to do so by law or legal process, (ii) to law enforcement authorities, regulators, and other government or quasi-governmental entities, or other authorities based on a lawful disclosure request, or (iii) when we believe disclosure is necessary or appropriate to prevent harm or financial loss, or in connection with an investigation of suspected or actual fraudulent or illegal activity. We reserve the right to transfer Personal Data we have about you or otherwise process in the event that we sell or transfer all or a portion of our business or assets (including in the event of a reorganization, spin-off, dissolution or liquidation).

      Service providers are contractually prohibited from retaining, using, or disclosing personal information for any purpose other than performing services on behalf of Lapis or as required by law.

      In addition, we may share anonymous or aggregated information including Personal Data with third parties, such as service providers, in order to facilitate our business operations.

      Data Transfers

      We may transfer the Personal Data we collect about you to recipients in countries other than the country in which the information was originally collected. Where you are based in the UK, the EU, or another country which imposes data transfer restrictions outside of its territory, this includes transfers outside of the UK and the European Economic Area (“EEA“) or that geographical area, including to those countries in which our affiliates, group members, service providers and business partners operate, such as the U.S. Those countries may not have the same data protection laws as the country in which you initially provided the information.

      Where we transfer Personal Data outside of the UK, the EEA, or other territories subject to data transfer restrictions to other members of the Lapis group or our service providers, we will ensure that our arrangements with them are governed by data transfer agreements or safeguards, designed to ensure that your Personal Data is protected as required under applicable data protection law (including, where appropriate, under an agreement on terms approved for this purpose by the European Commission or by obtaining your consent).

      Retention and Deletion of Personal Data

      Lapis may also retain Personal Data where necessary to:

         

          • Comply with legal or regulatory inquiries;

          • Respond to subpoenas, court orders, or lawful governmental requests;

          • Establish, exercise, or defend legal claims; or

          • Preserve information subject to a litigation hold or similar preservation obligation.

        Retention determinations are made based on the nature of the information, the purposes for which it was collected, applicable legal requirements, and Lapis’ internal record retention policies.

        When Personal Data is no longer required for the purposes described above, it will be securely deleted or anonymized in accordance with Lapis’ information security practices.

        Lapis may retain limited contact information for former correspondents or business contacts in order to maintain appropriate records of prior communications and to facilitate future interactions, subject to applicable legal and regulatory requirements.

        Personal Data Security

        Lapis maintains administrative, technical, and physical safeguards reasonably designed to protect Personal Data against unauthorized access, disclosure, alteration, or destruction. Such safeguards include access controls, secure transmission protocols, and vendor oversight procedures appropriate to the nature of the information collected through the Site.

        While Lapis implements measures designed to protect Personal Data, no method of transmission over the internet or electronic storage is completely secure, and Lapis does not guarantee absolute security.

        Lapis maintains procedures designed to identify, assess, contain, and remediate security incidents involving Personal Data.

        In connection with any such incident, Lapis evaluates the nature and scope of the information involved and applicable legal and regulatory obligations.

        In the event of a security incident involving Personal Data, Lapis will provide notice to affected individuals, regulators, or other parties as required by applicable law.

        General Privacy Rights

        Subject to applicable law, individuals may request access to or correction of Personal Data held by Lapis by contacting us using the information provided below. Lapis may take reasonable steps to verify the identity of the individual before responding to such requests.

        In certain circumstances, Lapis may be required or permitted by law to retain information or decline to honor a request.

        International Data Protection

        To the extent that applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) or the UK GDPR, apply to Lapis’ processing of Personal Data, the following provisions shall apply. For purposes of applicable data protection law,

        Lapis Advisers, LP is the data controller with respect to Personal Data collected through the Site.

        Legal Basis for Processing

        Where required by applicable law, Lapis processes Personal Data only where one or more of the following lawful bases applies:

           

            • Processing is necessary for Lapis’ legitimate interests, provided that such interests are not overridden by the rights and freedoms of the individual;

            • Processing is necessary for compliance with a legal obligation to which Lapis is subject;

            • Processing is necessary for the performance of a contract or to take steps at the request of the individual prior to entering into a contract; or

            • Processing is based on the individual’s consent, where consent is required by law.

          Where processing is based on Lapis’ legitimate interests pursuant to Article 6(1)(f) of the GDPR, Lapis has conducted and documented an assessment of its interests and determined that such processing is necessary, proportionate, and does not override the fundamental rights and freedoms of the individual.

          Individual Rights

          Subject to applicable law, individuals located in the EEA or United Kingdom may have the right to:

             

              • Request access to Personal Data held about them;

              • Request correction of inaccurate or incomplete Personal Data;

              • Request deletion of Personal Data in certain circumstances;

              • Request restriction of processing in certain circumstances;

              • Object to processing based on legitimate interests;

              • Request data portability where processing is based on consent or contract;

              • Withdraw consent at any time where processing is based on consent.

            Lapis may require verification of identity before responding to such requests.

            Supervisory Authority

            Individuals located in the EEA or United Kingdom have the right to lodge a complaint with the data protection supervisory authority in their country of residence, place of work, or place of the alleged infringement.

            California Privacy Rights

            If you are a California resident, California law requires us to provide you with some additional information regarding how we collect, use, and share your “personal information” (as defined in the California Consumer Privacy Act (“CCPA”)).

            Categories of personal information we collect and how we use them. We collect and disclose the following categories of personal information for the business purposes described in our main Notice, above: identifiers (such as name, address, email address); commercial information (such as purchase information); financial data; internet or other network or device activity (such as browsing history or Site usage); general geolocation information (e.g., your city and state based on IP address, contact information including your physical address, or precise location, with your consent); and other categories of information, with your consent.

            Categories of parties to which information is disclosed. We disclose the above categories of personal information to our affiliates, subsidiaries, and our service providers.

            California Consumer Privacy Act Rights. The CCPA provides certain rights to California residents in connection with personal information that is collected and sold, as defined under the statute. For instance, if you are a California resident, you may request that we:

               

                • Provide you the categories of personal information we have collected or disclosed about you in the last twelve months; the categories of sources of such information; the business or commercial purpose for collecting or selling your personal information; and the categories of third parties with whom we shared personal information.

                • Provide access to and/or a copy of specific pieces of personal information we hold about you.

                • Delete certain personal information we have about you.

              You also have the right to not be discriminated against (as provided for in applicable law) for exercising certain of your rights. These rights are subject to certain exceptions or qualifications, including Personal Data provided in connection with our financial services that is subject to the Gramm-Leach-Bliley Act.

              If you have questions about Lapis’ practices in connection with the Site, or want to exercise any of these rights, then please contact Lapis at [LAPIS EMAIL CONTACT]. Note that you will be required to verify your identity before we fulfill your request. To do so, we will request certain information that you have provided to us. You can also designate an authorized agent to make a request on your behalf. To do so, you must provide us with written authorization or a power of attorney, signed by you, for the agent to act on your behalf. You will still need to verify your identity directly with us.

              California Shine the Light Disclosure. The California “Shine the Light” law gives residents of California the right under certain circumstances to request information from us regarding the manner in which we share certain categories of personal information (as defined in the Shine the Light law) with third parties for their direct marketing purposes. We do not share your personal information with third parties for their own direct marketing purposes.

              Do Not Sell Notice. CCPA sets forth certain obligations for businesses that “sell” personal information. We do not “sell” personal information and have not engaged in such activity in the past twelve months.

              Links to Other Websites

              Our Site may provide links to other websites for your convenience and information. These websites may operate independently from us. To the extent any linked websites are not owned or controlled by us, we are not responsible for their content, any use of the websites, or the privacy practices of the websites.

              Updates to Our Privacy Notice

              This Privacy Notice may be updated periodically and without prior notice to you to reflect changes in our Personal Data practices. We will post the updated version on the Site and indicate at the top of the Notice when it was most recently updated. Please check for any updates regularly. The Site is not directed to children under the age of 13, and Lapis does not knowingly collect Personal Data from children.

              How to Contact Us

              If you have any questions or comments about this Privacy Notice, or if you would like us to update information we have about you or your preferences, please e-mail us or access our web form at the Contact page.

              You also may write to:

              Lapis Advisers, LP
              Attn: Chief Compliance Officer
              811 East 17th Avenue

              Denver, Colorado 80218
              email: fchavez@lapisadvisers.com

              Please also contact us via any of the above methods if you have a disability and require an alternative format of this Privacy Notice.