Shikhara Investment Management
Shikhara Capital (Hong Kong) Private Limited
September 2025
Contents
- Data protection privacy notice
- What is personal information?
- Who we are
- What types of information do we use?
- Consequences of not providing some types of information
- How do we collect information about you?
- How we will use your personal information
- Who we share your information with
- Sending your information outside of the United Kingdom
- Storing your information
- Your rights
- Security
Data protection privacy notice
This notice reflects the EU GDPR, UK GDPR, the Data Protection Act 2018 (DPA 2018), Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR), updates from the Data (Use and Access) Act 2025 (DUAA), Hong Kong Personal Data (Privacy) Ordinance (HKPDPO) and US SEC Regulation S-P.
We are committed to protecting your personal information and ensuring we respect your privacy. This Privacy Notice explains how we will look after and use any personal information that we collect about you.
What is personal information?
Personal information means any information about you from which you can be identified. Examples of personal information include your name, home address, national insurance number, date of birth, telephone number and e-mail address but it also includes other pieces of information which can be used to identify you, either directly or indirectly, such as a cookie.
Who we are
Shikhara Investment Management and Shikhara Capital (Hong Kong) Private Limited (collectively “Shikhara”) is the Controller of the personal information you provide to us. If you have any questions about this Privacy Notice or the information we hold about you please contact us using the details set out below:
Full name of legal entity: Shikhara Investment Management LP
Postal address: 45 Rockefeller Plaza, Suite 2168, New York, NY 10111, USA
Full name of legal entity: Shikhara Capital (Hong Kong) Private Limited
Postal address: Unit 1101, 11/F, Five Pacific Place 28 Hennessy Rd, Wanchai, Hong Kong
Email address: investorrelations@shikhara.com
For Personal Data Issue in HK:
You have the right to make a complaint at any time to the Office of the Privacy Commissioner for Personal Data (“the Commissioner”), the dedicated data privacy regulator in Hong Kong. We would however appreciate the chance to deal with your concerns before you approach the Commissioner, so please contact us in the first instance.
For Personal Data Issue in the UK:
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues. We would however appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.
For Personal Data Issue in EU:
You have the right to make a complaint at any time to the relevant regulatory bodies designated in the involved member State. We would however appreciate the chance to deal with your concerns before you approach the relevant regulatory body, so please contact us in the first instance.
For Personal Data Issue in the US:
You have the right to make a complaint at any time to the Federal Trade Commission (“the FTC”), the privacy and data regulator. We would however appreciate the chance to deal with your concerns before you approach the relevant regulatory body, so please contact us in the first instance.
What types of information do we use?
We collect information in the course of providing our financial services to you. The information which we collect, use, store and transfer about you is:
- Employment details (job title, company name, address etc.);
- Information on trading or other financial activity;
- Instructions or requests (for example if you ask for investment advice or to carry out a trade);
- Financial information (financial position and history);
- Documentary data (this can include a passport or driver's licence or other forms of identification);
- Social and/or demographic (profession, work, goals, nationality, income or family situation); and
- Historical information i.e. previous names and addresses.
During the conduct of our business activities, we might collect certain special categories of personal data.
Consequences of not providing some types of information
Where we need to collect your personal information by law, or under the terms of a contract we have with you, and you fail to provide that information when requested, we may not be able to provide the goods or services you asked for: in this case, we may have to cancel the product or services but we will tell you if this is the case.
How do we collect information about you?
Where we use cookies or similar technologies, we will seek consent where required; certain low‑risk, first‑party analytics cookies may not require consent. See our Cookie Notice for details.
Typically we will collect information from you when you contact us directly or provide information in order for us to provide our products and services. We collect information from and about you primarily through direct interactions, when you give us your personal information by filling in forms, during correspondence or other interactions with us.
How we will use your personal information
In limited circumstances set out in UK law, we may rely on “Recognised Legitimate Interests” for specified public‑interest purposes (for instance: preventing crime or responding to emergencies). This does not remove our use of the general legitimate interests basis where appropriate.
In limited circumstances set out in the GDPR, we may rely on a recognized lawful basis for specified public‑interest purposes (for instance: preventing crime or responding to emergencies). This does not remove our use of the general legitimate interests basis where appropriate.
We only obtain, use and keep personal information where we need it for a specific purpose. We set out in the table below the ways in which we plan to use your personal information. We are only able to use your personal information if we have a proper legal reason or basis for doing so. This is called a legal basis and the regulations require that we have a legal basis so that your privacy is protected. Most commonly we will use your information in the following ways:
- We have a contract with you. For example, as a client of ours.
- We have a legal obligation. We need to use your personal information to comply with laws that assist in the prevention of financial crime and to comply with regulatory obligations. For example, this might include confirming your identity and source of wealth, as well as ensuring we provide you with necessary information so you understand the risk of the financial services we can provide.
- We, or a third party, have a legitimate interest in processing the information and your interests and fundamental rights do not override those interests. For example, processing your information to source deals.
We set out in the table below all the ways we plan to use your personal information and the legal bases we rely on to do so. We also explain what our legitimate interests are where appropriate:
| Purpose | Lawful basis for processing including our legitimate interests |
| --- | --- |
| We process the personal data of our investors (or their employees and senior management) and the employees and managers of our clients in order to facilitate financial services. | (If you have a contract with us) Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data. |
| We process the personal data of our investors (or their employees and senior management) and the employees and managers of our clients in order to facilitate financial services. | (If you do not have a contract with us) Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract. |
| We process the personal data of our service providers (or their employees and senior management) in order to give effect to our contracts with them, and monitor their work as per the terms of our contracts with them. | Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract. |
| We process the personal data of a wide variety of business contacts for the purposes of conducting key parts of corporate finance business. Generally, we will store this data, and may use it to communicate with the data subjects at appropriate points in time. | Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data. |
| We process personal data of all parties (or their employees and senior management) with whom we have a business relationship in order to comply with our KYC and customer due diligence obligations. | Processing is necessary for compliance with a legal obligation to which the controller is subject. |
Examples of purposes for which Shikhara, the funds and their service providers may use your Personal Data:
- to facilitate the opening of your account, the management and administration of your holdings and/or your holdings in a Fund and any related account on an on-going basis;
- to carry out anti-money laundering checks and related actions;
- to carry out fitness and probity / due diligence checks and related actions;
- to report tax-related information to tax authorities in order to comply with a legal or regulatory obligation;
- to monitor and record calls and electronic communications for (a) processing and verification of instructions, (b) investigation and fraud prevention purposes, (c) for crime detection, prevention, investigation and prosecution, (d) to enforce or defend the rights or obligations of Shikhara, the Funds and their affiliates, directly or through third parties to whom they delegate such responsibilities or rights in order to comply with any applicable legal obligation, (e) for quality, business analysis, training and related purposes, (f) to pursue our legitimate interests in relation to such matters or (g) for reasons of substantial public interest;
- to update and maintain records and fee calculations;
- to enhance or personalize your online experience;
- to fulfil your requests, including sending you white papers, newsletters and other supplements;
- for governance and management reporting purposes.
We will only use your personal information for the reason for which we collected it. We will only use it for another reason if we believe that new reason is compatible with the original purpose. If we do need to use your personal information for a non-related purpose we will tell you about it and explain the legal basis which allows us to do so.
Who we share your information with
We may need to provide information to third parties for a variety of reasons, for example, we may need to provide information to assist in the detection or prevention of crime or for the purpose of safeguarding national security. Please refer to the table in the section ‘How we will use your personal information’ which explains how we use your data. The third parties we share your information with are as follows:
- Our affiliates for various purposes, as permitted by law, including in order for its affiliates to provide services;
- Service providers such as compliance consultants, lawyers, accountants and fund administrators;
- Government agencies, exchanges, or other self-regulatory organisations and law enforcement authorities as required or permitted by law, rule, regulation or legal process, including, without limitation, for governmental reporting or to enforce any rights Shikhara may have against you as necessary;
- A successor entity in the event of a merger, acquisition or similar transaction.
Sending your information outside of the United Kingdom
We may transfer personal information outside the UK. When we do so, we ensure a lawful transfer mechanism applies, such as:
- Transfers to countries covered by a UK adequacy regulation (including the EU/EEA while UK adequacy remains in place).
- The UK International Data Transfer Agreement (IDTA) or the UK Addendum to the EU SCCs, plus any required transfer risk assessment.
- Transfers to US organisations certified under the Data Privacy Framework (DPF) UK Extension (the UK‑US Data Bridge), after verifying certification status.
You can obtain further information on the specific mechanism used by contacting us.
Where we transfer EU personal information outside the EU, we will also ensure a lawful transfer mechanism applies, such as:
- Transfers to countries covered by an EU adequacy regulation (including the UK).
- The EU’s Standard Contractual Clauses (SCC), plus any required transfer risk assessment.
- Transfers to US organisations certified under the EU-US Data Privacy Framework (DPF), after verifying certification status.
You can obtain further information on the specific mechanism used by contacting us.
Storing your information
As a financial services provider we will typically have a contract with you and will need to keep your personal information (updated to ensure accuracy) to fulfil our contract. We also need to comply with the HK PDPO, EU GDPR, the UK GDPR and the Investment Advisers Act of 1940, which require us to keep certain records – which will include certain personal information – for several years.
Our policy is to keep records for up to 5 years after you are no longer a client. We will ensure all records are safely destroyed if we no longer need to retain them. We review our retention periods for personal information on a regular basis. We will tell you if we change the retention period.
The period for which we will retain personal information will vary depending on the purposes that it was collected for, as well as the requirements of any applicable law or regulation. When we decide how long we will retain your personal information, we will take into account the amount, nature, sensitivity of your information and how we want to use it as well as the potential risk of harm being caused from unauthorised use or disclosure. We review our retention periods for personal information on a regular basis and will ensure all records are safely destroyed if we no longer need to retain them or you have contacted us to request so.
Your rights
If we reasonably need you to clarify your request or confirm your identity, we may pause the statutory time limits (“stop the clock”) until we receive the information needed.
You are provided with a number of different rights under the data protection laws in relation to your personal information. These allow you:
- To access your information;
- To request we correct your information;
- To request that we erase your information;
- To object to the processing of your information;
- To request a restriction in the processing of your information;
- To request a transfer of your information;
- To complain to the Information Commissioner’s Office; and
- To withdraw your consent.
If you wish to exercise any of these rights, please contact complianceteam@shikhara.com. Please note that you will not have to pay a fee to access your personal information or to exercise any of the other rights. We may, however, charge a reasonable fee if your request is clearly unfounded, repetitive or excessive or we may refuse to deal with your request. We may also need to seek further information from you to confirm your identity before we release any personal information. This does not affect your right to make a complaint.
Security
We do not carry out solely automated decision‑making that produces legal or similarly significant effects on individuals.
We have put in place appropriate security measures to protect your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We have a procedure to deal with any suspected personal data breach and will notify you, and other regulators, where we are legally required to do so.