Ironwood Capital Management
General Partner, Investment Manager or Investment Adviser to:
Ironwood Partners L.P.
Ironwood International Ltd.
Ironwood Institutional Ltd.
Ironwood Non-Dollar Fund SPC
Ironwood Institutional Multi-Strategy Fund LLC
Ironwood Multi-Strategy Fund LLC
(the “Advisory Clients”)
This notice (this “Privacy Notice”) informs you of the privacy policies of Ironwood Capital Management (“Ironwood”) and each Advisory Client.
Ironwood collects a variety of nonpublic personal information to facilitate its services, including name, address, social security number, tax identification number, net worth, total assets, income and other financial information necessary to determine required accreditation standards. Unless authorized by the specific client or former client, or as permitted by law, Ironwood will not disclose nonpublic personal information about its clients or former clients to third parties other than affiliates and/or other third party firms that assist Ironwood in providing advisory services and/or effecting client transactions (such as brokers, fund administrators and compliance/operational support service providers), for fraud detection and prevention purposes, or for communicating with you about our products and services. Instances in which Ironwood may, as authorized and as disclosed in this Privacy Notice, share its clients’ information with non-affiliated third parties include:
1. disclosure to companies that provide necessary services such as brokers, accountants, banks, attorneys or administrators.
2. disclosure to government agencies, courts, parties to lawsuits, or regulators in response to subpoenas. In such cases, we share only the information that we are required or authorized to share.
1. access to Ironwood’s locked office requires a security pass (which is generally only provided to Ironwood’s employees);
2. access to clients’ nonpublic personal information is restricted to an identified group of employees and service providers;
3. access to clients’ electronic-based nonpublic personal information is restricted (through passwords or similar securitization) to an enumerated group of Ironwood employees; and
4. employees are strictly prohibited from keeping or transporting clients’ non-public personal information outside of Ironwood’s business premises.
In its efforts to help protect clients against the risks of fraud and fraud-related crimes, including identity theft, Ironwood has also adopted the following internal procedures relating to
the secured disposal of non-public personal information (although this list may not be exhaustive):
1. to the extent not covered under Rule 204-2 of the Investment Advisers Act of 1940, as amended (the “Advisers Act”), hard-copies of clients’ and investors’ non- public personal information (or any extra hard-copies of such non-public personal information, whether or not covered by Rule 204-2) shall be shredded or otherwise destroyed in a manner so that such information cannot be practicably read or reconstructed;
2. to the extent not covered under Rule 204-2 of the Advisers Act, the clients’ and investors’ non-public personal information which is stored on disk, CD, tape or other electronic media (or any extra disks, CDs, tapes or other electronic media which contains such non-public personal information, whether or not covered by Rule 204-2) shall be cleared, purged, declassified, overwritten and/or encrypted in such a manner so that any information contained therein cannot be restored or decrypted; and
3. after the electronic media is cleared, purged, declassified, overwritten and/or encrypted, Ironwood’s Chief Compliance Officer, or her designee, shall check that the original information is not backed-up or saved on a hard drive, recycle bin or other memories.
Ironwood shall notify each third-party service provider engaged by Ironwood which necessarily obtains access to the clients’ and investors’ non-public personal information during the course of their services on behalf of Ironwood or an Advisory Client of its policies and procedures relating to the secure disposal of non-public personal information. Ironwood will request that such service providers notify Ironwood if they believe that their own procedures are not sufficient to ensure adherence to Ironwood’s procedures and obtain contractual assurances of the service provider’s privacy and information security safeguards.
Ironwood established and maintains a security system that covers its use of computers and other technologies. In this regard, Ironwood adopted internal technical, administrative and physical controls and procedures to (i) secure user authentication protocols, (ii) prohibit transmission of unsecured investor information over public or wireless networks and ensure there is the proper encryption of transmitted records and files containing investor information, (iii) prohibit the maintenance of unencrypted investor information on portable devices and ensure there is the proper encryption of all investors’ information stored on laptops and other portable devices, (iv) require periodic updates of firewall protection and operating system patches on systems connected to the internet, (v) ensure that any cleared, purged, declassified, overwritten or encrypted electronic media is not backed-up or saved on a hard drive, recycle bin or other memories, and (v) monitor the effectiveness of controls and update procedures as risks, business practices and security controls evolve.
Ironwood reserves the right to change this privacy notice, and to apply changes to information previously collected, as permitted by law. Ironwood will inform investors of any
changes as required by law.