Data Policy

Last updated: 1 January 2026

1. Introduction

Kennis Wiser Capital Ltd (“Kennis Capital”) is committed to maintaining the highest standards of data governance across all of its operations. This Data Policy sets out the principles and procedures by which we classify, handle, store, and share data in connection with our fund management activities and corporate operations. This policy applies to all employees, contractors, and third-party service providers with access to Kennis Capital data.

2. Data Classification

All data held by Kennis Capital is classified into one of four tiers based on sensitivity and regulatory requirements:

• Tier 1 — Public: Information that has been approved for public disclosure, including published fund performance summaries, press releases, and publicly available corporate information.
• Tier 2 — Internal: Information intended for internal use within Kennis Capital and its affiliates, including internal reports, operational procedures, and non-sensitive business correspondence.
• Tier 3 — Confidential: Sensitive information that, if disclosed without authorisation, could cause material harm to Kennis Capital or its investors, including fund financial models, investor identity data, portfolio valuations, and commercial terms.
• Tier 4 — Restricted: Highly sensitive information subject to the strictest access controls, including encryption keys, authentication credentials, anti-money laundering investigation files, and regulatory examination materials.

3. Data Handling Procedures

Data handling procedures are determined by the classification tier assigned to the data:

• All electronic data classified as Tier 3 or Tier 4 must be encrypted at rest and in transit using industry-standard encryption protocols.
• Access to Tier 3 and Tier 4 data is granted on a strict need-to-know basis and requires multi-factor authentication.
• Tier 2 data must be stored within approved systems and shall not be transmitted to external parties without appropriate authorisation.
• All data access is logged and subject to periodic audit review.

4. Third-Party Data Sharing

Kennis Capital may share data with third parties in the following circumstances:

• With fund administrators, auditors, legal advisors, and other professional service providers engaged by Kennis Capital, subject to appropriate confidentiality agreements and data processing agreements.
• With regulatory authorities, including the Jersey Financial Services Commission and, where applicable, the UK Financial Conduct Authority, as required by law.
• With technology service providers who process data on our behalf, subject to contractual safeguards that ensure compliance with this Data Policy and applicable data protection legislation.

5. Cross-Border Data Transfers

Where data is transferred outside of Jersey, the United Kingdom, or the European Economic Area, Kennis Capital ensures that adequate safeguards are in place. This includes the use of standard contractual clauses, adequacy decisions, and binding corporate rules, as applicable. All cross-border transfers are documented and subject to periodic review to ensure continued compliance with the Data Protection (Jersey) Law 2018 and the UK GDPR.

6. Data Retention and Disposal

Data is retained in accordance with our retention schedule, which is aligned with regulatory requirements applicable to Jersey-based fund managers. When data reaches the end of its retention period, it is securely disposed of using methods appropriate to its classification tier, including secure deletion of electronic records and confidential destruction of physical records.

7. Contact

For questions regarding this Data Policy, please contact our Data Protection Officer at dpo@kenniscapital.com.