XEOS ENERGY PARTNERS

PRIVACY NOTICE

Information Collection, Use, Disclosure, Retention, and Rights

 

Last Updated: April 23, 2026. Effective Date: April 23, 2026.

 

THIS PRIVACY NOTICE SHOULD BE READ IN CONJUNCTION WITH, AND IS INCORPORATED BY REFERENCE INTO, THE LEGAL NOTICE GOVERNING YOUR USE OF THIS WEBSITE. BY ACCESSING OR USING THE SITE, OR BY OTHERWISE PROVIDING PERSONAL INFORMATION TO XEOS, YOU ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTOOD THE PRACTICES DESCRIBED HEREIN.

 

1. INTRODUCTION AND SCOPE

 

XEOS Energy Partners, together with its affiliates, subsidiaries, parallel vehicles, managed accounts, general partners, investment managers, and related entities (collectively, "XEOS," the "Firm," "we," "us," or "our"), is committed to protecting the privacy, confidentiality, and security of the personal information that we collect, receive, and process in connection with the operation of our business, the management of our investment vehicles, and the maintenance of this website (the "Site").

This Privacy Notice (this "Notice") describes the categories of personal information we collect, the sources from which we obtain it, the purposes and legal bases for which we process it, the parties to whom we may disclose it, the periods for which we retain it, and the rights that individuals may exercise with respect to such information. It applies to personal information collected through the Site, through your interactions with the Firm's personnel, through investor relations communications, through our participation in capital-raising and transactional processes, and through any other channel through which we may engage with you (collectively, the "Services").

This Notice does not apply to information collected by any third party that we do not own or control, or by any person that we do not employ or manage, including any third-party website that may be linked to or from the Site.

 

2. DATA CONTROLLER AND CONTACT INFORMATION

 

For the purposes of the EU General Data Protection Regulation (Regulation (EU) 2016/679) (the "EU GDPR"), the United Kingdom Data Protection Act 2018 and the retained UK version of the GDPR (the "UK GDPR"), the Cayman Islands Data Protection Act (the "Cayman DPA"), and other comparable data protection laws, XEOS Energy Partners acts as the controller of personal information processed in connection with the Services, except where expressly stated otherwise or where we act as a processor on behalf of a third-party controller (such as a placement agent, administrator, or co-investor).

 

XEOS Energy Partners

Attention: Office of the General Counsel / Data Privacy Officer

1910 Pacific Avenue, Dallas, Texas, United States

privacy@xeospartners.com

 

3. CATEGORIES OF PERSONAL INFORMATION WE COLLECT

 

The categories of personal information that we collect and process vary depending on the nature of your interaction with the Firm. We generally do not seek to collect "special categories" of personal data (such as data revealing racial or ethnic origin, political opinions, religious beliefs, trade union membership, genetic or biometric data, health data, or data concerning an individual's sex life or sexual orientation), except to the extent necessary to comply with applicable law, respond to a governmental or regulatory request, or defend against legal claims. Subject to the foregoing, the categories of personal information that we typically process include the following:

  • Identification and contact data. name, honorific, date of birth, nationality, residential and business addresses, telephone numbers, electronic-mail addresses, and signature.
  • Professional and employment data. employer, job title, professional biography, directorships, industry affiliations, and professional networking profiles.
  • Investor and financial data. net-worth indicia, source of funds and source of wealth, bank account and wire-transfer details, tax identification numbers, investment preferences, and subscription and redemption history.
  • Regulatory, KYC and anti-money-laundering data. government-issued identification, passport details, proof of address, sanctions, politically-exposed-persons and adverse-media screening results, and beneficial-ownership information.
  • Marketing and preference data. event registrations, communication preferences, survey responses, and feedback.
  • Technical and usage data. Internet Protocol address, device and browser type, operating system, referral Uniform Resource Locator, pages visited, session duration, and cookie and similar identifiers.
  • Correspondence data. electronic-mail messages, letters, telephone call records (where permitted and disclosed), meeting notes, and related communications.

4. SOURCES OF PERSONAL INFORMATION

 

We collect personal information from the following categories of sources:

(a)  Directly from you, when you complete forms, submit subscription or onboarding documentation, correspond with us, attend our events, or otherwise interact with the Firm.

(b)  From your authorized representatives, including legal counsel, accountants, investment advisers, placement agents, custodians, and family-office personnel acting on your behalf.

(c)  From our service providers and professional advisors, including fund administrators, transfer agents, auditors, compliance consultants, and KYC/AML screening vendors.

(d)  From publicly available sources, such as corporate registries, regulatory filings, sanctions and watchlists, court records, news and media reports, and professional networking platforms.

(e)  Automatically, through cookies, pixels, server logs, and similar technologies when you visit the Site, as further described in Section 10 below.

 

5. PURPOSES OF PROCESSING AND LEGAL BASES

 

We process personal information for the purposes described below. Where the EU GDPR, the UK GDPR, or a comparable law applies, we rely upon the legal bases identified for each such purpose. Where we rely upon the legitimate interests of XEOS or of a third party, we have conducted a balancing assessment and are satisfied that such interests are not overridden by the interests, fundamental rights, or freedoms of the data subject.

5.1 Investor Onboarding and Regulatory Screening

We process personal information in order to assess prospective investors and to conduct "know-your-customer," anti-money-laundering, counter-terrorist-financing, sanctions, and politically-exposed-persons screening. Such processing is undertaken on the legal bases of compliance with a legal obligation to which we are subject and our legitimate interests in ensuring the integrity of our investor base and the proper management of our vehicles.

5.2 Fund Administration and Investor Relations

We process personal information in order to onboard investors, to administer capital commitments, calls, and distributions, to carry out related fund-accounting and transfer-agency activities, and to manage ongoing investor relations, including the handling of enquiries and the preparation and delivery of investor reports and capital-account statements. Such processing is undertaken on the legal bases of the performance of a contract to which the data subject is party (or the taking of steps at the request of the data subject prior to entering into a contract) and our legitimate interests in the efficient administration of our vehicles.

5.3 Investment Origination, Execution and Portfolio Management

We process personal information in order to evaluate, negotiate, execute, and manage investments, co-investments, divestments, and related transactions. Such processing is undertaken on the legal bases of our legitimate interests in pursuing the Firm's investment mandate and, where applicable, the performance of a contract.

5.4 Tax and Regulatory Reporting

We process personal information in order to comply with tax reporting and withholding obligations to which we or our vehicles are subject, including those arising under the U.S. Foreign Account Tax Compliance Act ("FATCA"), the Organisation for Economic Co-operation and Development's Common Reporting Standard ("CRS"), and equivalent regimes in other jurisdictions. Such processing is undertaken on the legal basis of compliance with a legal obligation.

5.5 Regulatory Enquiries and Legal Proceedings

We process personal information in order to respond to regulatory, governmental, judicial, or law-enforcement requests, subpoenas, and examinations, and to establish, exercise, or defend legal claims. Such processing is undertaken on the legal bases of compliance with a legal obligation, our legitimate interests, and the pursuit or defense of legal claims.

5.6 Fraud Prevention and Information Security

We process personal information in order to detect, prevent, and investigate fraud, security incidents, and other unlawful activity, and to operate, secure, monitor, and improve the Site and our information-technology systems. Such processing is undertaken on the legal bases of our legitimate interests in protecting the Firm, its investors, and its systems and, where applicable, compliance with a legal obligation.

5.7 Marketing and Communications

We process personal information in order to deliver marketing materials, thought-leadership content, event invitations, and other communications regarding the Firm to persons whom we reasonably believe to be professional or institutional audiences. Such processing is undertaken on the legal bases of your consent, where consent is required by applicable law, and otherwise our legitimate interests in promoting the Firm and maintaining commercial relationships.

5.8 Compliance with and Enforcement of this Notice

We process personal information in order to enforce this Notice and our Legal Notice, to protect our rights, property, and personnel, and to establish, exercise, or defend legal claims. Such processing is undertaken on the legal bases of our legitimate interests and the pursuit or defense of legal claims.

Where we process personal information on the basis of your consent, you have the right to withdraw such consent at any time, without affecting the lawfulness of processing based on consent prior to its withdrawal.

 

6. DISCLOSURE OF PERSONAL INFORMATION

 

We do not sell personal information, and we do not "share" personal information for cross-context behavioral advertising, as those terms are defined under the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act (collectively, the "CCPA/CPRA"). We may, however, disclose personal information to the following categories of recipients, in each case subject to appropriate confidentiality and data-protection obligations:

  • Affiliates and group entities, for internal administrative, investor-relations, and risk-management purposes.
  • Portfolio companies, co-investors, and counterparties, to the limited extent necessary to evaluate, execute, or manage a contemplated or consummated transaction.
  • Fund administrators, transfer agents, custodians, depositaries, prime brokers, and banking partners.
  • Professional advisors, including legal counsel, tax advisors, auditors, and compliance consultants.
  • Information-technology, cybersecurity, data-hosting, and communications service providers.
  • KYC, AML, sanctions screening, background investigation, and due-diligence vendors.
  • Regulators, governmental authorities, self-regulatory organizations, courts, and law-enforcement agencies, where required or permitted by applicable law.
  • Prospective or actual acquirers of all or substantially all of our business or assets, and their respective advisors, in connection with a merger, acquisition, restructuring, financing, or similar transaction.

7. INTERNATIONAL TRANSFERS OF PERSONAL INFORMATION

 

XEOS operates on a cross-border basis and maintains fund structures domiciled in the United States, the Cayman Islands, and other jurisdictions. Personal information may accordingly be transferred to, stored in, or accessed from jurisdictions outside of your country of residence, including jurisdictions whose data protection laws may be deemed, by your home jurisdiction, to provide a lower level of protection.

Where we transfer personal information from the European Economic Area, the United Kingdom, or Switzerland to a jurisdiction that has not received an adequacy decision from the relevant authority, we implement appropriate safeguards in accordance with applicable law, which may include (i) the European Commission's Standard Contractual Clauses (and, for transfers from the United Kingdom, the UK International Data Transfer Addendum or the UK International Data Transfer Agreement), (ii) binding corporate rules, or (iii) another lawful transfer mechanism, together with supplementary organizational, technical, and contractual measures where appropriate. A copy of the relevant safeguard may be obtained upon request to the contact set forth in Section 2 above.

 

8. DATA RETENTION

 

We retain personal information for as long as is reasonably necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, regulatory, tax, accounting, or reporting requirements applicable to the Firm. In determining the appropriate retention period, we consider the nature and sensitivity of the information, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process the information, whether we can achieve those purposes through alternative means, and the applicable legal, regulatory, and contractual requirements.

In general, information collected in the course of investor onboarding, fund administration, and associated transactions is retained for the life of the applicable investment relationship and for a period thereafter corresponding to the longest applicable statute of limitations and/or regulatory record-retention requirement, which is typically no fewer than five to seven years following the termination of the relationship. Information collected via the Site for analytics and administrative purposes is generally retained for a shorter period, consistent with the cookie-lifetime disclosures made at the time of collection.

 

9. INFORMATION SECURITY

 

XEOS maintains a written information-security program designed to protect personal information against unauthorized access, acquisition, use, modification, disclosure, loss, or destruction. Such measures include, as appropriate, network segmentation and firewalling, encryption of data in transit and at rest, role-based access controls, multi-factor authentication, vendor risk management, secure software-development practices, periodic penetration testing and vulnerability assessments, business-continuity and disaster-recovery planning, and formal incident-response procedures.

Notwithstanding the foregoing, no method of electronic transmission or storage is completely secure, and XEOS cannot guarantee the absolute security of personal information. In the event of a personal-data breach required to be notified under applicable law, XEOS will provide such notification to affected individuals and competent supervisory authorities within the timeframes and in the manner prescribed by law.

 

10. COOKIES AND SIMILAR TECHNOLOGIES

 

The Site makes use of cookies and comparable tracking technologies, which are small data files stored on your device that enable the Site to function, remember your preferences, and collect information about your interactions. Cookies used on the Site fall into the following categories:

  • Strictly necessary cookies. which are required for the operation of the Site, including session management, security, and load balancing, and which cannot be disabled without impairing the functionality of the Site.
  • Performance and analytics cookies. which collect aggregated, de-identified information about Site usage, such as pages visited, time on page, and navigation paths, in order to enable the Firm to assess and improve the user experience.
  • Functional cookies. which remember user preferences and selections, such as language and region, in order to personalize the user experience.
  • Targeting and advertising cookies. which are not used. The Site does not serve third-party behavioral or targeted advertising.

You may control cookies through your browser settings and, where applicable, through the cookie-consent interface presented upon your first visit to the Site. Please note that blocking or deleting certain cookies may impair the functionality of the Site. The Site does not currently respond to "Do Not Track" browser signals.

 

11. YOUR RIGHTS REGARDING PERSONAL INFORMATION

 

Subject to applicable law and to the specific legal basis on which we rely, you may have the rights described below in respect of the personal information that we process about you. These rights are not absolute and may be subject to exceptions, conditions, and limitations under the applicable legal regime.

11.1 Rights under the EU GDPR and UK GDPR

(a)  Right of access to, and to receive a copy of, your personal information.

(b)  Right to rectification of inaccurate or incomplete personal information.

(c)  Right to erasure ("right to be forgotten") in specified circumstances.

(d)  Right to restriction of processing in specified circumstances.

(e)  Right to data portability in respect of information you provided to us, where processing is carried out by automated means and is based on consent or contract.

(f)  Right to object to processing based on our legitimate interests, and to object at any time to processing for direct marketing purposes.

(g)  Right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects or similarly significant effects concerning you. XEOS does not engage in such automated decision-making in the ordinary course.

(h)  Right to withdraw consent at any time, where processing is based on consent.

(i)  Right to lodge a complaint with a competent supervisory authority, including, in the United Kingdom, the Information Commissioner's Office, and, in the European Union, the data-protection authority of the Member State of your habitual residence, place of work, or place of alleged infringement.

11.2 Rights under the CCPA/CPRA (California Residents)

(a)  Right to know the categories and specific pieces of personal information we have collected about you, the sources from which it was collected, the purposes for which it was collected, and the categories of third parties to whom it was disclosed.

(b)  Right to delete personal information we have collected from you, subject to statutory exceptions.

(c)  Right to correct inaccurate personal information.

(d)  Right to limit the use and disclosure of sensitive personal information.

(e)  Right to opt out of the sale or sharing of personal information. As noted above, XEOS does not sell or share personal information as those terms are defined under the CCPA/CPRA.

(f)  Right to non-discrimination for the exercise of your privacy rights.

California residents may designate an authorized agent to exercise these rights on their behalf by providing written authorization and, where required, verifiable proof of identity. We will respond to verifiable consumer requests within the timeframes prescribed by the CCPA/CPRA.

11.3 Rights under the Cayman DPA and Other Regimes

Individuals whose personal information is processed in connection with Cayman-domiciled vehicles may also have rights under the Cayman DPA, including rights of access, rectification, erasure, objection, and complaint to the Cayman Islands Ombudsman. Comparable rights may be available under other applicable data protection laws. Requests will be assessed on a case-by-case basis in accordance with the applicable legal regime.

11.4 How to Exercise Your Rights

To exercise any of the rights described in this Section 11, please submit a written request to the Office of the General Counsel / Data Privacy Officer at the contact set forth in Section 2 above. To protect your personal information and the integrity of our records, we may be required to verify your identity before processing your request, and may request additional information reasonably necessary to confirm that the request is made by, or on behalf of, the individual whose personal information is the subject of the request. We will respond to verifiable requests within the timeframes prescribed by applicable law.

 

12. CHILDREN'S PRIVACY

 

The Site and the Services are directed to, and intended for use by, sophisticated professional and institutional audiences. XEOS does not knowingly solicit or collect personal information from any individual under the age of sixteen (16). If we become aware that we have inadvertently collected personal information from a child under the age of sixteen (16) without verifiable parental consent, we will take commercially reasonable steps to delete such information from our records.

 

13. THIRD-PARTY WEBSITES AND SERVICES

 

The Site may contain hyperlinks to websites, platforms, and resources operated by third parties. XEOS has not reviewed and does not control the privacy practices of such third parties and accepts no responsibility for their collection, use, or disclosure of personal information. We encourage you to review the privacy notices of any third-party website or service before providing personal information to it.

 

14. CHANGES TO THIS NOTICE

 

XEOS reserves the right, at its sole discretion, to amend, supplement, or otherwise modify this Notice from time to time in order to reflect changes in our practices, in applicable law, or in the features of the Site. When we do so, we will revise the "Last Updated" date at the top of this Notice and, where the changes are material, we will provide additional notice (such as by a prominent notice on the Site or by direct communication to affected individuals). Your continued access to or use of the Site following the posting of any revised Notice constitutes your acknowledgment and acceptance of the revised Notice.

 

15. GOVERNING LAW AND DISPUTE RESOLUTION

 

This Notice and any dispute, claim, or controversy arising out of or relating to this Notice or the processing activities described herein shall be governed by, and construed in accordance with, the laws of the State of Delaware, without regard to its conflict-of-laws principles, except to the extent that the mandatory application of another jurisdiction's data-protection law cannot be excluded. Nothing in this Notice shall limit or exclude any mandatory right of recourse that you may have under the data protection laws of your place of habitual residence.

 

16. CONTACT US

Questions, comments, and requests regarding this Notice or our privacy practices should be addressed to:

XEOS Energy Partners

Attention: Office of the General Counsel / Data Privacy Officer

1910 Pacific Avenue

Dallas, Texas, United States

privacy@xeospartners.com

 

 

Information icon

We need your consent to load the translations

We use a third-party service to translate the website content that may collect data about your activity. Please review the details in the privacy policy and accept the service to view the translations.