Vineyard Offshore LLC
Personal Data Privacy Policy
Please read the following terms and conditions of use carefully before using this site. By using this site, you are agreeing to accept, unconditionally and without modification, the following terms and conditions.
The Board of Managers of Vineyard Offshore LLC (“Vineyard Offshore”) oversees the management of Vineyard Offshore and its business with a view to enhance the long-term value of Vineyard Offshore for its members. The Board of Managers of Vineyard Offshore(the “Board”) has adopted this Personal Data Privacy Policy (this “Policy”) to assist in exercising its responsibilities to Vineyard Offshore and its members. This Policy is subject to periodic review and modification by the Board from time to time. This Policy and Vineyard Offshore’s limited liability company agreement, corporate governance guidelines and other policies pertaining to corporate governance and regulatory compliance, risk, and social responsibility (collectively, the “Corporate GovernanceSystem”) form the framework of governance of Vineyard Offshore. Vineyard Offshore’s Corporate Governance System is inspired by and based on a commitment to ethical principles, transparency, and leadership in the application of best practices in good governance and is designed to be a working structure for principled actions, effective decision-making and appropriate monitoring of both compliance and performance.
1. Purpose
In the context of Vineyard Offshore business activities, Vineyard Offshore processes Personally Identifiable Information (“PII”) from different groups of stakeholders such as customers, employees/agents, and suppliers. Vineyard Offshore recognizes the importance of proper use and handling of the PII acquired, used, stored, destroyed, or disclosed in the course of Vineyard Offshore’s business activities. This Policy sets forth the general principles that will guide the processing of PII by Vineyard Offshore and the basic framework for the distribution of privacy compliance related responsibilities within the different Vineyard Offshore business teams. This Policy does not, and is not intended to, describe the specific privacy practices of Vineyard Offshore, but sets forth the general principles that guide Vineyard Offshore’s approach towards privacy compliance. This Policy is not, and should not be construed as, a privacy notice, statement, or disclosure.
2. Principles
Vineyard Offshore companies shall comply with all applicable privacy laws and regulations in relation to the processing of PII. In addition, Vineyard Offshore shall consider the following general principles when processing PII:
a) Management. Define, document, communicate, and assign accountability for privacy practices.
b) Notice and Purpose Specification. When required by applicable law or otherwise considered appropriate by Vineyard Offshore, provide notice about privacy practices, including identifying the purposes for which PII is collected, used, retained, and disclosed.
c) Choice and consent. When required by applicable law or otherwise considered appropriate by Vineyard Offshore, describe the choices available to stakeholders and obtain implicit or explicit consent with respect to the collection, use, and disclosure of PII.
d) Collection Limitation. When required by applicable law or otherwise considered appropriate by Vineyard Offshore, limit the collection of PII to information needed for legitimate business needs and purposes and any other purposes that may be specified in a privacy notice. If stakeholders have been provided with a privacy notice identifying the purposes for which specific PII is collected, Vineyard Offshore shall only collect the specified PII for purposes that are consistent with the privacy notice.
e) Openness. Vineyard Offshore shall strive to be transparent about its practices with respect to the processing of PII.
f) Use, retention, and disposal. When required by applicable law or otherwise considered appropriate by Vineyard Offshore, limit the use of PII to legitimate business needs and purposes and any other purposes identified in any applicable privacy notice.When appropriate, Vineyard Offshore shall strive to retain PII for only as long as necessary to fulfill legitimate business needs or stated purposes or as required by law or regulations, and thereafter appropriately dispose of such information.
g) Access. When required by applicable law or otherwise indicated in any applicable privacy notice, provide stakeholders with appropriate access to their PII for review and verification.
h) User Limitation and Disclosure to third parties. Vineyard Offshore employees’ right to access PII shall appropriately account for whether the employee “needs to know”and/or “needs to have” access to the PII to fulfil job responsibilities.
Vineyard Offshore may disclose PII to third parties, including, without limitation, to (i)affiliates, (ii) contractors, service providers, and other third parties used to supportVineyard Offshore’s business, or (iii) any successor or assignee. As appropriate, privacy notices provided by Vineyard Offshore shall strive to describe the type of third parties that could be given access to specific PII and the circumstances thereof. When contracting with third parties that may access PII, Vineyard Offshore shall take appropriate measures to assess, monitor and control the risks associated with the processing of PII by such third party.
i) Security for privacy. Vineyard Offshore shall have in place appropriate technical and organizational security measures that aim to protect PII against unauthorized accessor acquisition. In the event of a data security breach, Vineyard Offshore shall take appropriate steps to comply with applicable breach notification requirements.
j) Data Quality. When required by applicable law or otherwise considered appropriate by Vineyard Offshore, take reasonable steps to maintain accurate and relevant and, where necessary, up-to-date PII.
k) Monitoring and enforcement. When required by applicable law or otherwise considered appropriate by Vineyard Offshore, regularly monitor compliance with privacy procedures and practices.
As feasible and appropriate, the general principles set forth in this Policy shall also be considered when developing and implementing internal procedures and rules and when designing and implementing systems containing PII.
3. Organization
Acting under the supervision of the Board of Managers, the General Counsel and theChief Compliance Officer, Vineyard Offshore shall ensure appropriate personnel are identified for (i) supervising the implementation of this Policy by Vineyard Offshore, (ii)developing and maintaining appropriate privacy procedures, rules and practices, (iii)monitoring compliance by Vineyard Offshore of this Policy and any applicable privacy procedures, rules and practices, (iv) monitoring and informing of material developments concerning privacy laws and regulations, and (v) causing IT representatives to implement appropriate information technology controls and developments.
As appropriate, the business and corporate functions of Vineyard Offshore shall identify data owners and shall strive to process PII in accordance with the principles set forth in this Policy and any applicable privacy procedures, rules and practices. The business and corporate functions that regularly process PII shall designate a coordinator for data privacy related purposes that shall be responsible for supervising compliance with thisPolicy and any applicable privacy procedures, rules and practices within such function and coordinating with the Legal and Compliance functions.
This basic framework for the distribution of privacy compliance related responsibilities within the different Vineyard Offshore business groups may be further developed or supplemented by other internal frameworks, procedures, or rules.
***
This Personal Data Privacy Policy was approved by the Board of Managers on April 12, 2023.