This California Privacy Notice is provided in addition to the Genstar Capital Website Privacy Notice and any other privacy notice provided by Genstar, and explains Genstar’s online and offline collection, use, and disclosure of Personal Information relating to residents of the State of California (“consumers”, “you” or “your”) covered by the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (together, the “CCPA”) and provides information regarding how such California residents can exercise their rights under the CCPA.

This supplement is only relevant to you if you are a resident of California as determined in accordance with the CCPA.  If you are a Genstar investor, our policies and practices regarding the collection and processing of your Personal Information are detailed in our Investor Privacy Statements.  If you are a Genstar employee, you will have separately received our Employee Privacy Notice.  This California Privacy Notice is available in alternative formats upon request. Please contact [email protected] or 888-910-0557 to request this California Privacy Notice in an alternative format.

I. OUR COLLECTION, USE, RETENTION AND DISCLOSURE OF PERSONAL INFORMATION

1. Sales and Sharing of Personal Information. We do not and have not sold any categories of Personal Information to third parties or shared any categories of Personal Information for the purpose of cross-context behavioral advertising.
2. Collection, Sources and Use of Personal Information. We have collected and used the following categories of Personal Information from the following sources and for the following business purposes during the 12-month period prior to the “last updated” date of this California Privacy Notice:
   

   Categories of Personal Information	Sources	Business Purposes
   Identifiers, including name, contact details (including address, telephone number, email address and Internet Protocol address); cookies, beacons, pixel tags, mobile ad identifiers and similar technology, and other online identifiers.	·  Directly from you, including, for example, through your use of the website, when you send us an email, visit our premises, or otherwise contact or communicate with us; ·  From automated tracking technology and monitoring tools, such as cookies, that track your access and use of our website and other online services; ·  From within Genstar and from our affiliates; ·  From counterparties and intermediaries; ·  From businesses that we are evaluating in connection with a potential investment or business opportunity; ·  From vendors, including service providers, advisors and other business partners; and ·  From recruiting sources, such as agencies, as well as social media networks and other publicly available sources.	·  Providing services, that you reasonably expect from us; ·  Auditing and verifications, including but not limited to verifying the quality and effectiveness of services and compliance activities; ·  Short-term, transient uses, including in relation to cookies and similar technology; ·  Protecting our systems, including detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible; debugging to identify and repair errors that impair intended functionality; ·  To comply with legal obligations, such as in connection with a valid court order, judicial subpoena or regulatory inquiry, and as required by law enforcement agencies, federal or state regulatory agencies, or self-regulatory organizations; and ·  In connection with business transactions, including investments, acquisitions and other business transactions involving Genstar and/or our portfolio companies.
   Other records, including signature, physical characteristics or description; bank account number, other financial information (including accounts and transactions with other institutions); driver’s license or other state ID card number, or passport number; medical information and health insurance information; and verification documentation (including social security number, tax status, income and assets).	Directly from you; from automated tracking technology and monitoring tools; from within Genstar and from our affiliates; from counterparties and intermediaries; from businesses that we are evaluating; from vendors; and from recruiting sources.	Providing services; auditing and verifications; protecting our systems; to comply with legal obligations; and in connection with business transactions.
   Protected classificationsunder California or federal law, including race, color, national origin, religion, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, disability, citizenship status, and military and veteran status.	Directly from you; from automated tracking technology and monitoring tools; from within Genstar and from our affiliates; from counterparties and intermediaries; from businesses that we are evaluating; from vendors; and from recruiting sources.	Providing services; auditing and verifications; protecting our systems; to comply with legal obligations; and in connection with business transactions.
   Commercial information, including financial products or investment services purchased, obtained, or considered, and other investing or consuming histories or tendencies.	Directly from you; from automated tracking technology and monitoring tools; from within Genstar and from our affiliates; from counterparties and intermediaries; from businesses that we are evaluating; from vendors; and from recruiting sources.	Providing services; auditing and verifications; protecting our systems; to comply with legal obligations; and in connection with business transactions.
   Online activity, including your Internet and other electronic network activity information (e.g., browsing history, search history, and information regarding your interaction with websites, applications or advertisements).	Directly from you; from automated tracking technology and monitoring tools.	Providing services; auditing and verifications; protecting our systems; to comply with legal obligations; and in connection with business transactions.
   Employment Information, including your professional or employment-related information.	Directly from you; from within Genstar and from our affiliates; from counterparties and intermediaries; from businesses that we are evaluating; from vendors; and from recruiting sources.	Providing services; auditing and verifications; protecting our systems; to comply with legal obligations; and in connection with business transactions.
   Inferences, including those drawn from any of the information identified above to create a profile about you reflecting your preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.	Genstar does not collect such information.	Genstar does not collect such information.
   Other information you create or provide to us, including the content of your communications with us.	Directly from you; from automated tracking technology and monitoring tools; from within Genstar and from our affiliates; from counterparties and intermediaries; from businesses that we are evaluating; and from recruiting sources.	Providing services; auditing and verifications; protecting our systems; to comply with legal obligations; and in connection with business transactions.

   We do not knowingly collect or solicit any categories of Personal Information from any individual under the age of eighteen (18).

   Genstar may share anonymous or aggregated data in order to facilitate our business operations.  To the extent such data constitutes anonymized or de-identified data under the CCPA and other applicable privacy and data protection laws, we will maintain and use such data without attempting to re-identify the data.

   We may process some of your Personal Information automatically, but we do not use computer algorithms to make automated decisions based on your Personal Information.

3. Sensitive Personal Information.Sensitive Personal Information may include social security numbers, driver’s license numbers, passport numbers, and account credentials. To the extent we collect your Sensitive Personal Information, we will not use or disclose such information for purposes other than (i) to perform services/goods that you reasonably expect from us; (ii) to prevent, detect and investigate security incidents; (iii) to resist illegal actions directed at the business and prosecute defend our rights; (iv) to ensure the physical safety of others; (v) for short-term, transient use; (vi) to perform services necessary for the business; (vii) to verify and maintain the quality and safety of our product or services; and (viii) generally for purposes that do not infer characteristics about you.
4. Retention of Personal Information. We retain Personal Information for as long as is reasonably necessary in connection with the purposes for which the Personal Information was collected. For additional information on how we store your Personal Information, please refer to Section 5 of the Genstar Capital Website Privacy Notice.
5. Disclosures of Personal Information for Business Purposes. We have disclosed the following categories of Personal Information to the following categories of recipients for the following business purposes during the 12-month period prior to the “last updated” date of this California Privacy Notice:
   

   Business Purposes	Categories of Recipients	Categories of Personal Information
   Performing and providing the services that we offer.	Service providers, contractors, advisors and others who provide services to us or on our behalf (together, “service providers and contractors”); professional services organizations, such as auditors, tax advisors, investment advisors, compliance consultants, and law firms (together, “professional advisors”); prospective lenders to or creditors of an entity in which we have or are considering investing (together, “lenders or creditors”).	Identifiers; Other records; Protected classifications; Commercial information; Online activity; Employment information; and Other information.
   Auditing and verifications, including but not limited to, verifying the quality and effectiveness of services and compliance.	Service providers and contractors; professional advisors; lenders or creditors.	Identifiers; Other records; Protected classifications; Commercial information; Online activity; Employment information; and Other information.
   Short-term, transient uses.	Service providers and contractors.	Identifiers; Other records; Protected classifications; Online activity.
   Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity.	Service providers and contractors; government entities, including regulatory agencies and law enforcement (together, “government entities”); and professional advisors.	Identifiers; Other records; Protected classifications; Commercial information; Online activity; Employment information; and Other information.
   Debugging to identify and repair errors that impair existing intended functionality.	Service providers and contractors.	Identifiers; Other records; Online activity; Employment information; and Other information.
   To comply with legal obligations such as in connection with a valid court order, judicial subpoena or regulatory inquiry, and as required by law enforcement agencies, federal or state regulatory agencies, or self-regulatory organizations.	Government entities; counterparties and intermediaries; and professional advisors.	Identifiers; Other records; Protected classifications; Commercial information; Online activity; Employment information; and Other information.

   II. YOUR CALIFORNIA PRIVACY RIGHTS

   1. 1. Your CCPA Privacy Rights. You have certain choices regarding our use and disclosure of your Personal Information, as described below.
         1. Know: You have the right to request, twice in a 12-month period, that we provide (A) certain information about the (1) the categories of Personal Information we have collected about you, (2) the categories of sources from which the Personal Information is collected; (3) the business or commercial purpose for collecting your Personal Information; and (4) the categories of third parties with whom we have shared your Personal Information; and/or (B) the specific pieces of Personal Information we have collected, used, and disclosed about you during the past 12 months.
         2. Deletion: You have the right to request that we delete certain Personal Information we have collected from you and to tell our service providers to do the same.
         3. Correction: You have the right to request that we correct or amend certain Personal Information we maintain about you if it is inaccurate.
         4. Limit: You have the right to request that we limit the use and disclosure of Sensitive Personal Information we have collected. If Genstar collects any sensitive personal information, it will use it only for purposes listed above in Section I(c). As such, any sensitive personal information that we collect does not come within this right to limit use.
         5. Opt-out: You have the right to opt out of the sale of your Personal Information to third parties and/or the sharing of your Personal Information for certain purposes. As noted above, Genstar does not sell or share Personal Information to or with third parties.
         6. Non-Discrimination: You have the right to not experience discriminatory treatment, and we will not discriminate against you, because you have exercised any California consumer privacy rights. We do not use the fact that you have exercised or requested to exercise any CCPA rights for any purpose other than facilitating a response to your request.
      2. How to Submit a Request. You may submit a request by using one of the following methods.
         Call: 888-910-0557
         Email us: [email protected]
      3. Verifying Your Requests. To help protect your privacy and maintain security, we will take steps to verify your identity before granting you access to your Personal Information or complying with your request. If we are successful in validating your identity, we will respond to your request within the time and in the manner required by CCPA. If we are unable to verify your identity, we will need to deny your request. We reserve the right to deny requests in certain circumstances, such as where we have a reasonable belief that the request is fraudulent.
         1. Consumer Verification. If you request to know, access, delete, and/or correct your Personal Information, we may require you to provide any of the following information: address, date of birth, state or country of residence, telephone number, email address, or details of a transaction. In addition, if you ask us to provide you with specific pieces of Personal Information, we may require you to sign a declaration under penalty of perjury that you are the consumer whose Personal Information is the subject of the request. We will use the information you submit and the information we have in our systems to try to verify your identity and to match the Personal Information we have collected about you, if any, to your identity.
         2. Authorized Agent. If you designate an authorized agent to make an access or deletion request on your behalf, we may require you to (1) provide the authorized agent written permission (e.g., via a notarized letter) to do so, and (2) verify your own identity directly with us (as described above), and confirm with us that you provided the authorized agent permission to submit the request.
      4. Additional California Privacy Disclosures
         1. Do Not Track Signals. Your browser and other mechanisms may permit you to send do-not-track signals or other similar signals via your browser settings to express your preferences regarding online tracking. Due to the lack of any standard for how do-not-track should work on commercial websites, we do not currently respond to such signals.
         2. Shine the Light Notice. California residents may request and obtain from us, once a year and free of charge, information about categories of Personal Information (if any) we disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which we shared personal information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to us using the contact information provided in Section II(b), above.