21 July 2020 Privacy Notice

Overview
SEI Global Services, Inc. and SEI Private Trust Company (collectively "SEI", "we", "our", or "us") were retained by Choate, Hall & Stewart LLP ("Choate") to provide investment processing and reporting services. Choate further retained SEI Private Trust Company to provide certain custodial services to Choate. In order for SEI to provide such services to Choate, Choate provides SEI with access to certain information pertaining to you. This notice applies to the personal information to which SEI has access, stores, and processes. It explains what information SEI has access to provide services to Choate, how we will use the information, who we will share it with and what measures we will take to ensure it remains private and secure. This notice will continue to apply even after your agreement with Choate ends. You should read and understand this notice alongside the terms of services notice connected with use of this portal. Our services including the use of this portal are not directed to or intended for individuals under 18 years of age. By visiting this Website, you are accepting the practices described in this Privacy Notice.

When we refer to you or your, this means you, any authorized person on your account, anyone who looks after your investments for you (e.g., advisors, trustees, executors or those with a power of attorney).

Information Collected
We only collect your information in line with relevant regulations and laws. This information takes many forms and includes records stored on computers and magnetic or optical media, data transmitted across networks or by fax, and information printed out or written on paper. It may also include information about how you interact with this technology, how often you access this portal, on which devices you use to access it along with the IP address you use.

Specifically, SEI may have access to "Nonpublic Personal Information," information about an individual obtained in connection with providing a financial product or service to the individual for personal, family or household purposes, that you have provided to Choate to receive financial products and/or services. As a private client or otherwise in an individual capacity e.g., relating to a trust or investment vehicle (depending on the jurisdiction) we may collect the following types of personal data about you:

Personal details, such as name, previous names, age, date of birth, gender, citizenship, occupation and marital status;
Contact details, such as current and previous address, telephone, email, in some cases both private and work related contact details;
Identification documents, such as your passport, copies which generally include a head and shoulders photograph from, as applicable, your passport, national identity card or driver's license or other government issued ID, as required and permitted by applicable laws and regulations addressing due diligence and related matters;
A government-issued personal identifier, such as depending on your country of residence, your Social Security Number, National Insurance Number, Tax File Number etc. (as permitted by law);
Personal relations to any senior political figures (e.g. senior military or government official) to whom you are connected;
Login credentials used to access this portal;
Financial information, including source of wealth/funds, investment experience and objectives, risk tolerance and, in certain jurisdictions, representations required under applicable law or regulation concerning your financial resources.

You are not required to supply any of the personal data that we request. However, failure to supply any of the personal data that we request may result in our being unable to open or maintain your account, provide services to you or your company, discuss any other opportunities with you or deal with other matters.

The personal data we have access to regarding you comes primarily from information that you submit to Choate or that is otherwise captured during the course of your relationship with Choate. We also collect personal data when we monitor or record our communications with you or through use of certain technology as detailed further below.

Personal Data from Other Sources
We also have access to your personal data from third parties who provide services to you such as your financial adviser, financial planner, dealer group, or investment manager. The personal data we have access to through these sources include personal details, contact details, identification documents, personal identifier, financial account information, and where permitted by applicable law and only to the extent needed information relating to political affiliations, trade union membership or criminal convictions.

Where you are an individual associated with a corporation or institution with which SEI does business, your personal data will also be provided to us via that corporation or institution. Such personal data includes personal and contact details, identification documents and, where permitted by applicable law and only to the extent needed, information relating to political affiliations, trade union membership or criminal convictions.

Use of Information
We will only use your information where we have your consent and where we have a legitimate and lawful reason for using it. These reasons may include any of the following where we:

need to pursue our legitimate interests;
need to process the information to enter into an agreement with you or carry out an instruction you give us;
need to process the information to comply with a legal obligation;
respond to questions and requests you raise with us;
believe it is in the public interest to use your information, e.g., for the purpose of preventing or detecting crime; and
according to the terms of use or permitted by law.

We welcome online feedback and provide forums for feedback on.

Disclosure of Nonpublic Personal Information
We do not disclose any Nonpublic Personal Information to third parties, except as permitted or required by law, rules or regulations. We may disclose Nonpublic Personal Information to other financial institutions with which it has a joint marketing agreement or similar arrangement. Nonpublic Personal Information may be disclosed to affiliated and nonaffiliated third parties to enable them to provide business services for us, including marketing services, such as helping to evaluate requests for products or services, performing general administrative activities and/or assisting in processing transactions. The affiliated and nonaffiliated third parties are required to protect the confidentiality and security of this information and to use it only in accordance with our instructions. In the event that a customer decides to close an account or otherwise becomes an inactive customer, we will continue to follow its privacy and information security practices.

Cookies
What Are Cookies?
A cookie is a small text file that is stored on a user’s computer, smartphone or device for accessing the internet. We may link the information we store in cookies to any personal information you submit while in our portal. Cookies save data about individual visitors to the website, such as the visitor's name, username, screen preferences and the pages within a portal visited by the user.

What Do We Use Cookies For?
We use cookies for a variety of reasons such as to identify a user’s browser, determine preferences, help to efficiently navigate between pages during a browsing session, verify users and carry out essential security checks as well as enhance the user’s experience.

We use both session ID cookies and persistent cookies. A session ID cookie expires when you close your browser. A persistent cookie remains on your computer, smartphone or device for an extended period of time. When a visitor revisits the website, we may recognize the visitor by the cookie and customize the visitor's experience accordingly. You can remove persistent cookies by following directions provided in your Internet browser’s “help” tool.

If you reject cookies, you may still have access to our portal, but your ability to use effectively some areas of our portal may be hampered.

Managing Cookies Usage
You may block the installation of cookies by certain settings provided by your browser software. We would like to inform you, however, that in this case you may find using our portal may be hampered. You can prevent the compilation of data (including your IP address) through cookies and website use by downloading and installing the browser plug-in available through the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

Portal Security
We protect your account information from unauthorized access, to the best of our ability, by placing it on the most secure portion of our website. To use this portal which accesses your personal and account information, you must enter your unique user name and password as well as any additional authentication methods we employ by responding with the details used to set up portal access. You should never share your username, password or other credentials with anyone. None of our other clients can access your data, and only a restricted set of our employees can access your data and can only do so in order to provide service to you. We upgrade and maintain our technology on an ongoing basis. Although the website you used to access this portal may link to some external sites, we are not responsible for the privacy practices of those websites.

Legal Basis for which we will use your Personal Data
We are not allowed to process personal data if we do not have a valid legitimate, legal basis for doing so. Accordingly, we, will only process and use your personal data:

If necessary for taking steps to enter into or executing a contract with you for the services or products you request, or for carrying out our obligations under such a contract;
To exercise and defend our legal rights anywhere in the world including in relation to any litigation, disputes or contentious matter we are involved in and/or to assist with investigations, complaints, regulatory requests, litigation, arbitration, mediation or requests from individuals;
In order to comply with legal and regulatory obligations and requests, (including any legal or regulatory guidance, codes or opinions), applicable to us anywhere in the world;
To carry out money laundering and conflict checks and for fraud, financial crime prevention purposes (and this may include consideration of information regarding political affiliations and criminal offences committed or alleged to have been committed); to verify your personal data we collect from you or is provided by or on behalf of Choate for such credit, money laundering and conflict checks;
For reporting (including without limitation transaction reporting) to, and audits by, national and international regulatory, enforcement or exchange bodies.

Our Security Procedures
We maintain physical, electronic and procedural safeguards that are designed to protect Information. We are committed to the following principles to ensure the confidentiality and protection of Information: maintaining Information security, taking into consideration business requirements, risk mitigation, industry practice, and legal and regulatory requirements; protecting all forms of Information; implementing security measures that are effective, consistent and cost justified; effective implementation by management and staff for adherence to policies and procedures; monitoring advances in security technology to ensure that we are providing an appropriate level of privacy and safety; and, appropriate reporting of deviations from the policies and procedures or security breaches. Our employees are required to protect the confidentiality of Information and observe policies and procedures in accordance with their job function. Employees may only access information when there is an appropriate reason to do so, such as to administer or offer our products and services and may be subject to disciplinary rules for noncompliance with policies and procedures. We may conduct business in various locations where the laws conflict with our established policies and/or procedures. In such instances, we will use commercially reasonable efforts to make appropriate modifications designed to enable our use and treatment of information to comply with local law.

Changes to this Privacy Notice
We reserve the right to modify or supplement this Privacy Notice at any time. Therefore, we recommend that you review this Privacy Notice, updated and posted on this portal, regularly for changes. The effective date of this Privacy Notice, as stated above, indicates the last date it was revised or materially changed.

Questions Regarding this Policy
Please direct any questions or complaints to SEI concerning the use of your personal information by using the contact information below. We will investigate complaints promptly and diligently and endeavor to resolve any disputes quickly.
    SEI Investments
   100 Cider Mill Rd
   Collegeville, PA 19426
   (610) 676-1000 or 800-DIAL-SEI
   https://seic.com/help-clients
   Privacy Officer: email DataProtectionOfficer@seic.com

Data Subject Access Requests (DSAR)
If you wish to make a Data Subject Access Request to inform us of a change or correction to your personal information, request a copy of the information we collect on you or is provided by or on behalf of Choate, request deletion of your information or restrict the processing of your information, please use the contact details below.
Privacy Officer: email DataProtectionOfficer@seic.com
Toll Free Number: 800-DIAL-SEI

Choate PRIVACY POLICY

Choate, Hall & Stewart LLP, is a firm of lawyers, with its sole office in Boston, Massachusetts. We are subject to Rule 1.6 of the Massachusetts Rules of Professional Conduct, which provides that we shall not reveal confidential information relating to the representation of a client. An affiliate of the law firm, Choate Investment Advisors, is a registered investment advisor. Clients of our Wealth Management Group receive services from both Choate, Hall & Stewart LLP and Choate Investment Advisors. This Privacy Notice applies to both entities.

this choate privacy policy ("privacy policy") explains how choate, hall & stewart llp, and choate investment advisors (collectively "choate", "we", "us", "our") collects, uses, shares, and protects certain personal information obtained from our clients and from visitors to our websites (www.choate.com and www.choateia.com) and the choate wmg portal (www.choateweb.com) (the "sites"), in connection with the legal, investment advisory, and other services we offer (collectively, the "services"). by visiting the sites or using the services, you consent to our collection, use, and disclosure of your information under the terms of this privacy policy.

Choate may obtain "Nonpublic Personal Information," which is information about you that we obtain and use in connection with providing the Services.

Amendments to this Privacy Policy will be posted to the Sites and/or in connection with the Services and be effective when posted. Your continued use of the Services following the posting of any amendment to the Privacy Policy shall constitute your acceptance of such amendments.

1. What Nonpublic Personal Information does Choate collect ?

The type of Nonpublic Personal Information we collect depends on the Services that Choate provides for you. The Nonpublic Personal Information may include the following information of yours and of a family member:

Contact information, such as name, email address, and mailing address;
Financial information, such as income;
Account information, such as banking and debit cards numbers, investment account numbers, and associated account balances and usage;
Transaction information, such as brokerage and investment transactions,
Identification and demographics information, such as passport number, driver’s license or other state identification numbers, lifestyle information, social security number, and gender; and
Device identifiers, such as IP address.

2. How does Choate collect Nonpublic Personal Information?

We may collect your Nonpublic Personal Information directly from you, via email, mail, telephone, the Sites, in person meetings, and cookies (see our cookies policy, below.) We also may receive Nonpublic Personal Information from others, such as banks and other financial institutions, and from transactions with Choate or others.

3. How does Choate Use Nonpublic Personal Information?

Choate uses the Nonpublic Personal Information it collects in a variety of ways depending on the nature of our relationship with you and the Services we provide. We may use your Nonpublic Personal Information for our everyday business purposes of providing services, including, but not limited to:

Categories of Information	Business purpose
Contact information	Delivering requested legal services
Contact information Account information Financial information Transactional information Identification and demographics	Delivering investment advisory services; Processing, servicing, and maintaining your accounts and transactions
Account information Financial information Transactional information Identification and demographics	Completing the transactions for which the Nonpublic Personal Information was collected
Account information Financial information Transactional information	Servicing and maintaining accounts and transactions; Responding to your requests
Contact information Device identifiers	Detecting security incidents, protecting against malicious deceptive, fraudulent, or illegal activity Debugging our systems

4. Your right to limit sharing.

Federal law gives you the right to limit: (i) our affiliates from sharing information about your creditworthiness; (ii) our affiliates from using your Nonpublic Personal Information to market to you; and (iii) our sharing your Nonpublic Personal Information with non-affiliates to market to you. State laws may give you additional rights to limit sharing. Please direct any questions regarding your rights to limit sharing to: privacy@choate.com

5. Cookies

Our Sites use cookies, messages given to a Web browser by a Web server. The browser then stores the cookies in a text file. Our Sites use two types of cookies:

Session cookies, which are temporary cookies that are deleted automatically whenever you close all open Web browser windows. Session cookies are used to ensure that you are recognized when you move from page to page within the Sites and that any information you have entered is remembered. Session Cookies do not collect information from your computer. They typically will store information in the form of a session identification that does not personally identify you.

Persistent cookies, which remain permanently on the cookie file of your computer. These persistent cookies contain the user ID used to access the Sites, together with encrypted identification values associated with the user ID in conjunction with the particular device (e.g. the PC, mobile device or other computer from which you accessed the Sites). These persistent cookies are used to provide enhanced security measures, personalize your experience on the Sites, monitor overall Site performance, enable multifactor authentication, recognize the preferences of returning users, and provide overall Site usage reporting. Cookies placed on your devices do not contain any personal information, such as an email address or name.

Although your browser may permit you to reject cookies, cookies are required to login and navigate within our Sites. If you choose to disallow cookies you will be required to respond to challenge questions each time you log on to our Sites.

6. How we protect your Nonpublic Personal Information

We protect your account information from unauthorized access, to the best of our ability, which is why you must enter a unique user name and password as well as multi-factor authentication when you access the portal affiliated with Choate Investment Advisors (the "Choate WMG Portal"). Your password should never be shared with anyone.

None of our other clients can access your Nonpublic Personal Information, and only a restricted set of our employees can access your Nonpublic Personal Information in order to provide our Services to you. When you access password protected portions of our Choate WMG Portal using a web browser, Secure Sockets Layer (SSL) technology is used to protect your communications through server authentication and data encryption. We upgrade and maintain our technology on an ongoing basis.

Although the Sites may link to some external sites, we are not responsible for the privacy practices of those websites. You may wish to review the privacy policy of those third party external sites.

7. Minors

We only collect, use, or retain any Nonpublic Personal Information from or about individuals under the age of 18 with prior written parental consent. If a parent or guardian believes that Choate has in its database the Nonpublic Personal Information of a child under the age of 18 for which consent was not provided, please contact us immediately at: privacy@choate.com and we will use our best efforts to promptly remove such information from our records. Minors under the age of 18 must provide us with written permission of their parent(s) or legal guardian(s) before accessing the Choate WMG Portal or using our Services.

8. Vermont and California Consumers Only

The information practices described above comply with federal law. Vermont and California laws place additional limits on sharing Nonpublic Personal Information about their residents and consumers. If you are a Vermont resident or California consumer, Choate will automatically limit the disclosure of Nonpublic Personal Information to affiliated and nonaffiliated third parties as permitted or required by applicable law or regulation.

California consumers have additional rights under the California Consumer Privacy Act ("CCPA"), with respect to Nonpublic Personal Information that is not covered under a federal law ("Personal Information"). If you are a California consumer, this section summarizes your rights under the CCPA, how you may exercise them, and what Choate will do in response.

As a law firm, much of the data we collect and process is not subject to CCPA consumer rights. Without limiting the foregoing:

Consistent with the CCPA, job applicants, current and former employees, and independent contractors, other than prospective, current, and former partner of Choate ("Personnel"), and subjects of certain business-to-business communications acting solely in their capacity as representatives of another business are not considered “consumers” for purposes of this California privacy notice or the rights described herein.
Personal Information subject to an evidentiary privilege, such as the attorney-client privilege and/or attorney work product protection, is not subject to consumer rights to know (consumer-specific information and copies), delete, or opt-out under the CCPA as described below; however, we do include this Personal Information in our description of Personal Information, below.
Publicly available information (as defined by the CCPA) is not Personal Information under the CCPA and not included in the disclosures described below and is not data to which consumers have rights under the CCPA.

California consumers have the right to request:

Disclosure of categories of Personal Information collected by Choate in the previous twelve months;
Disclosure of categories of Personal Information sold in the previous twelve months;
Disclosure of categories of Personal Information disclosed for a business purpose in the previous twelve months; and
Deletion of the Personal Information.

We will require a verifiable request from the California consumer before we comply with a CCPA request. We are not required to delete Personal Information if it is necessary for our business to maintain the personal information to:

Complete the transaction for which the Personal Information was collected;
Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for the activity;
Debug;
Comply with applicable federal or state law;
Carry out solely internal uses that are aligned with your expectations based on your relationship with Choate; or
Use internally the Personal Information in a lawful manner.

Please also note that we are not obligated to comply with consumer requests to the extent that doing so would infringe on our, or any other person’s or party’s rights, or conflict with applicable law.

We may disclose your Personal Information for the following purposes: (i) if you direct us to share Personal Information; (ii) to comply with your requests; and (iii) as otherwise required or permitted by applicable law, and this may override your rights under CCPA or other applicable privacy laws.

This notice reflects our good faith understanding of the CCPA and our data practices as of July 1, 2020, but the CCPA’s implementing regulations are not yet finalized. For example, Choate has not sold any Nonpublic Personal Information or any Personal Information in 2019 but implementing regulations may change or refine the definition of “sale” by, for example, addressing the collection of data by third-party cookies and other website technologies or development of “do not sell” signals. Accordingly, we may update information regarding our data practices and your rights, modify our methods for responding to your requests, and/or supplement our response to your requests in future modifications to this Privacy Policy.

Choate may not discriminate against you for exercising any of the rights cited above.

Please direct any questions regarding our Privacy Policy, including California consumer requests to:

    Email address: privacy@choate.com; or
   Toll free number: 1-833-590-0125
   You may also send an email via the Contact page provided on the Sites.
   Choate, Hall & Stewart LLC
   Two International Place
   Boston, MA 02110    LAST UPDATED: July 9, 2020