Jefferies Privacy Notice

1. Introduction

This Privacy Notice (“Notice”) explains what we do with your information. It describes how we collect, use and process your information, and how, in doing so, we comply with our legal obligations to you. Your privacy is important to us, and we are committed to protecting and safeguarding your information privacy rights.

Except as noted below, this Privacy Notice applies to each of the following who interact with Jefferies LLC (whether directly or through certain of its affiliates, all of which are directly or indirectly owned by Jefferies Financial Group Inc.(together “Jefferies” “we” “our” or “us”) when you provide information to us or access our website at https://jefferies.com/ or any other website where this Notice is posted (collectively, the “Sites”): prospective clients, suppliers, personnel of corporate clients/suppliers, other persons (excluding employees and job applicants to whom a separate privacy notice applies) and any other website users whose information we may process when using the Sites.

If you are an individual who is an investor in one of Jefferies’ financial products or an existing client, this Notice does not apply to you; rather the privacy notice that you receive on an annual basis pursuant to applicable law applies to the nonpublic personal information that we collect and process in connection with our provision of financial services to you (that policy is located here). Please contact your Jefferies relationship manager if you have any questions on this or require an additional copy of your privacy notice.

The affiliated companies owned by Jefferies Financial Group Inc. allow us to provide greater value to our customers, employees and shareholders. In the course of our business, employees or representatives of various Jefferies affiliates will have access to your information. They have agreed to hold your information confidential and to comply with this Notice.

2. The types of information we collect

2.1 Information you provide to Jefferies

We may collect your contact details (name, telephone numbers, job title and employer and email or postal addresses) when you engage with us when using the Sites or otherwise, such as when you request information about Jefferies or you sign up for and attend investor conferences and other events. Where we are required to carry out verification checks, to comply with our legal and regulatory obligations, we will collect specific additional information about relevant individuals (such as directors and beneficial owners), including, for example, date of birth, payment details, tax residence information, copies of photo identification documents (such as a driver license and/or passport/identity card), information about nationality/citizenship/place of birth, national identification numbers and other identity verification documents. We may also hold information that another person within your organization has chosen to provide us.

Where existing or prospective corporate clients/vendors provide us with information relating to their directors, employees, officers, agents, clients or any other person, such information is deemed to have been provided on the basis that: (i) those individuals have been informed and understand that their information is being provided to us or our affiliates; (ii) those individuals have been provided with information regarding the collection, use, processing, disclosure and overseas transfer of their information; (iii) the client/vendor has a lawful basis (in accordance with applicable data protection laws and regulations) to provide such information to us; and (iv) those individuals are aware of their privacy/data protection rights and how to exercise them.

We may also collect information relating to your engagement with regard to material that we publish, which we use to ensure that our relationship management communications to you are relevant and timely and, where such material is subject to charges for accessing it, that you are charged the correct amount. In certain circumstances, calls with you may be recorded and monitored (to ensure compliance with regulatory obligations), depending on the applicable local laws and requirements.

We do not seek to collect or otherwise process sensitive information about individuals (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data) or criminal conviction/offence data unless it is necessary for compliance with a legal and/or regulatory obligation. We request that you do not provide us such sensitive information.

2.2 Information automatically collected

We may also collect information through automated and technical means as you browse or otherwise use our Sites.

2.2.1 Information about usage of the Sites

As you browse the Sites, we and our service providers who work on our behalf, use various technologies, like cookies and tracking pixels (see below for more information) and webserver logs, to assist in automatically collecting information about how you use the Sites. A web server log is a file where website activity is stored and our servers may automatically record certain information, such as your web request, IP address, referring/exit pages and URLs, number of clicks and how you interact with links on the Site, browser type and settings, domain names, landing pages, pages viewed, mobile carrier, mobile device identifiers and information about the device you are using to access the Sites, date and time stamp information and other such information through web server logs.

2.2.2. Location Information

We collect and process general information about the location of the device from which you are accessing the Sites (e.g., approximate geographic location inferred from an IP address).

2.2.3 Cookies and other tracking technologies

We and our service providers may also collect information about your use of the Sites using online tracking technologies, like cookies and tracking pixels. A cookie is a small text file that is placed on your computer when you visit a website, that enables us to recognize your computer; enhance your user experience by delivering content specific to your inferred interests; understand the web pages you have visited; perform searches and analytics; and assist with security administrative functions. Tracking pixels (sometimes referred to as web beacons or clear GIFs) are electronic tags with a unique identifier embedded in websites, and/or email, and that are designed to provide usage information like clicks and to access user cookies. We and our service providers may also include Web beacons in email messages, newsletters and other electronic communications to determine whether the message has been opened and for other analytics, personalization and advertising. As we and our service providers adopt additional technologies, we may also gather additional information through other methods. You can change the settings on your own device to notify you when a cookie is being set or updated, or to block cookies altogether. Please consult the “Help” section of your browser for more information. Please note that by blocking any or all cookies, you may not have access to certain features.

2.3 Information we receive from other sources

Where appropriate and in accordance with any local laws and requirements, we may seek contact and other information about you or your organization from other sources by way of due diligence or other market intelligence including: (i) from third party data providers and by analyzing online and offline media (which we may do ourselves, or employ other organizations to do so for us); (iii) from delegate lists at relevant events; and/or (iii) from other limited sources and third parties (for example, from third party brokers and counterparties who may provide us with your details in accordance with any regulatory requirements).

3. How we use your information

We and our service providers may use the information we collect from and about you for the following purposes:

• To maintain, provide, and improve the Sites and our services;
• To prevent or address technical or security issues;
• To contact you to offer you initial or additional services, keep you up to date with business development and market insights or to invite you to events that may be of interest (except where you have asked us not to).
• To process and respond to your inquiries or to request your feedback;
• To identify you by your device(s) and to match your device(s) with other browsers or devices you use for the purpose of providing relevant and easier access to content and other operational purposes;
• To conduct events you may attend;
• To engage in internal analytics, research, and reporting;
• To work with our suppliers including to store their details in our database, obtain support services; perform certain legal and regulatory obligations, such as carrying out anti-money laundering and verification/background checks; and facilitating invoicing;
• To comply with the law;
• To detect, respond to and perform investigations of potential fraudulent or illegal activity, and protect your safety, rights, property, or security, or the safety, rights, property, or security of Jefferies, the Sites, Jefferies clients, Jefferies personnel, the general public and other third parties (collectively, “Security Purposes”); and
• To enforce the legal terms that govern your use of the Sites.

We and our service providers may use the categories of personal information we collect from and about you for the following business and commercial purposes (as those terms are defined in applicable law):

• Our or our service providers’ operational purposes;
• Auditing consumer interactions on our Sites;
• Security Purposes;
• Bug detection and error reporting;
• Customizing content that we or our service providers display
• Other uses such as reaching out to our Site visitors;
• Other uses about which we notify you.

We may combine information that we collect from or about you (including automatically collected information) with information we obtain about you from any companies that are part of Jefferies and/or non-affiliated third parties, and use such combined information in accordance with this Notice.

We may aggregate and/or de-identify/anonymize information collected through the Sites or otherwise. We may use aggregate or de-identified/anonymized information for any purpose, including without limitation for research and analytics, and may also share such information with any third parties, including partners, affiliates, subsidiaries, services providers, and others

4. How we share and disclose your information

Where appropriate and in accordance with local laws and requirements, we may share your information, in various ways and for various reasons, with the following categories of people:

• Affiliates within Jefferies;
• Tax, audit, regulatory bodies, law enforcement agencies or other authorities, when we believe in good faith that the law or other regulation requires us to share this information (for example, because of a request by a tax authority, in connection with any anticipated litigation or in compliance with our legal and regulatory obligations), or for Security Purposes;
• Third party service providers who perform functions on our behalf (including, without limitation, administrators, external consultants, business associates and professional advisers such as lawyers, auditors and accountants, technical support functions and IT consultants carrying out testing and development work on our business technology systems, and others who provide sales, marketing, analytics, data storage, Security Purposes related, and other similar services);
• Third party outsourced IT and document storage providers (including cloud-based storage providers) where we have an appropriate processing agreement (or similar protections) in place;
• Third parties for legal purposes. We may disclose information that we collect and maintain about you if we are required to do so by law, or in a good faith belief that such disclosure is reasonably necessary to comply with legal process or for Security Purposes; and
• If Jefferies is subject to a bid, or otherwise merges with or is acquired by another business or company in the future, we may share your information with the new (or prospective) owners of the business or company.

To ensure that your information receives an adequate level of protection, we put in place appropriate procedures with the third parties we share your information with to ensure that your information is treated by those third parties in a way that is consistent with, and which respects, the law and regulation on data protection.

5. How we safeguard your information

We are committed to taking appropriate steps to protect the information that we hold from misuse, loss, or unauthorized access. We do this by having in place a range of appropriate technical and organizational measures. These include measures to deal with any suspected data breach and training for staff on handling information. These safeguards vary based on the sensitivity of the information that we collect and store. However, we cannot and do not guarantee that these measures will prevent every unauthorized attempt to access, use, or disclose your information because despite our efforts, no Internet and/or other electronic transmissions and data can be completely secure. Please note you are responsible for ensuring that any information that you send to us is sent securely (e.g. encrypting attachments) and that you do not share your credentials with anyone.

6. How long we keep your information

We will ordinarily process your information throughout the course of our interactions and will then generally retain it for an appropriate amount of time after we have parted ways. The precise length of time will depend on the type of information, our legitimate business needs and other legal or regulatory rules that may require us to retain it for certain minimum periods. There may also be some legal, regulatory or risk-management requirements to retain information, including where certain information might be relevant to any potential litigation (bearing in mind relevant limitation periods).

Once we have determined that we no longer need to hold your information, we will undertake one or more of the following: delete it from our systems and destroy hard copies, archive the information so it is beyond use or anonymize/de-identify the relevant information.

7. How we store and transfer your information

In undertaking services for you, your information may be transferred to companies that are part of Jefferies and third parties. Jefferies protects the information that it transfers with appropriate technical and organizational measures described above.

8. Site analytics and do-not-track

8.1 Website Analytics

We may use third-party web analytics services on our Sites to collect and analyze usage information through cookies and similar tools; engage in auditing, research, or reporting; and provide certain features to you. To prevent Google Analytics from using your information for analytics generally, you may install the Google Analytics Opt-out Browser Add-on by clicking here.

8.2 Notice Concerning Do Not Track

Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. However, we do not currently recognize or respond to browser-initiated DNT signals.

9. California Privacy Rights

If you are a California resident, California law requires us to provide you with some additional information regarding how we collect, use, and share your “personal information” (as defined in the California Consumer Privacy Act (“CCPA”)). We describe the categories of information we collect, our business purposes for collecting such information, the sources and uses of such information and the entities to which we share such information in “The types of information we collect” “How we use your information” “How we share and disclose your information” sections of this Notice.

This information and the rights discussed below do not apply to information collected from or about our employees, former employees, candidates, job applicants, contractors, service providers, or business contacts of Jefferies or any other persons who are not covered by this Notice.

CCPA Rights. California residents can make certain requests about their personal information under the CCPA. Specifically, if you are a California resident, you may request that we:

• provide you with information about: the categories of personal information we collect, disclose or sell about you; the categories of sources of such information; the business or commercial purpose for collecting or selling your personal information; and the categories of third parties with whom we share personal information. Such information is also set forth in this Privacy Notice.
• provide access to certain information we hold about you;
• delete certain information we have about you; and/or
• provide you with information about the financial incentives that we offer to you, if any.

California residents can also designate an authorized agent to make such requests on their behalf.

The CCPA further provides you with the right to not be discriminated against (as provided for in applicable law) for exercising your rights.

Please note that certain information may be exempt from such requests under California law, such as business contact information.

We will take reasonable steps to verify your identity before responding to a request. If you would like further information regarding your legal rights under California law or would like to exercise any of them, please contact us at [email protected] or 1- (833) 454-0667 (toll-free) or speak to your Jefferies representative.

Sale of personal information. The CCPA sets forth certain obligations for businesses that “sell” personal information. Pursuant to the definition of “sell” under the CCPA and current guidance, we do not believe that we engage in such activity and have not engaged in such activity in the past twelve months, including for minors under 16 years of age without affirmative authorization.

Shine the Light Disclosure. The California “Shine the Light” law gives residents of California the right under certain circumstances to request information from us regarding the manner in which we share certain categories of personal information (as defined in the Shine the Light law) with third parties for their direct marketing purposes. We do not share your personal information with third parties for their own direct marketing purposes.

10. European Privacy Rights

Where personal data of individuals resident in the European Union is controlled or processed by Jefferies LLC in the US, then, in addition to the above, Jefferies LLC will follow the provisions of the Jefferies EMEA Privacy Notice as to such EU personal data (for which, click here).

11. Changes to our Privacy Notice

We reserve the right to amend this Notice at any time to reflect changes in the law, our data collection and use practices, the features of our Sites, or advances in technology. We will make the revised Notice accessible through the Sites, so you should review the Notice periodically.

12. Jefferies contact details

If you have any comments, questions or concerns about any of the information in this Notice, or any other issues relating to the processing of your information by Jefferies, please contact our Jefferies Americas Privacy Office by email or mail: