Privacy Policy

Smead Capital Management, Inc. (“Smead Capital”) and Smead Capital Management UK (LTD) (“Smead Capital UK”) (together, “Smead” or “we”) have adopted this Privacy Policy with recognition that protecting the privacy and security of the personal data we collect and process about our clients and prospective clients is an important responsibility. We also know that you expect us to service you in an accurate and efficient manner. To do so, we must collect and maintain certain personal data about you. We want you to know what information we collect and how we use, share and safeguard that information.

WHERE THIS PRIVACY POLICY APPLIES

This Privacy Policy applies to www.smeadcap.com and its subdomains as well as any other website or other online services in or to which this Privacy Policy is linked or referenced (collectively, the “Services”). If a particular Service has its own privacy policy or links to a different privacy policy, then that privacy policy -- not this Privacy Policy -- applies.

Our agreements with our clients may contain provisions about the collection, use, storage and disposal of information collected through the Services and offline. If a provision of a customer agreement conflicts or otherwise is inconsistent with a provision of this Privacy Policy, then the provision of the customer agreement will prevail but solely to the extent of the conflict or inconsistency.

In this Privacy Policy, to “process” personal data means to perform any operation on personal data, whether or not by automated means, such as collection, recording, organizing, storing, adapting, use, disclosure, combining, erasing or destroying.

DATA CONTROLLER

If you are an EU resident, then the data controller of your personal data under applicable law depends on whether you enter into a business relationship with Smead Capital or Smead Capital UK. If you enter into a business relationship with Smead Capital UK, then Smead Capital UK is the data controller. If you enter into a business relationship with Smead Capital, then Smead Capital is the data controller.

As data controller, Smead is responsible for deciding how to hold and use personal data about you. We may process your personal data ourselves or through others acting as data processors on our behalf. We may provide additional supplemental notifications in the future so that you are fully aware of how and why we are using your personal data. These notices should be read together with this Privacy Policy.

To process your personal data as described in this Privacy Policy, we rely on the following legal bases:

o Provide our service to you: Most of the time, the reason we process your personal data to perform the contract that you have with us.

Legitimate interests: We process your personal data when we have legitimate interests to do so. For example, we use your information to provide the products and services that you request and to market similar products and services.

o Consent: From time to time, we may ask for your consent to process your personal data for certain specific reasons. You may withdraw your consent at any time by contacting us at the address provided at the end of this Privacy Policy.

INFORMATION WE COLLECT

Information you provide to us

We collect information:

o That you provide on applications or other forms and in our communications with you or your authorized representatives, including your brokerage accounts and transactions (such as purchases, sales, account balances, inquiries, etc.);

o When you request information about our products and services; and

o If you ask us to communicate with or otherwise process information of other people, we collect the information about others that you give us in order to complete your request.

As a security measure, we may request information from you to help confirm your identity before providing access to your data.

Information we receive from others

In addition to the information you provide us directly, we receive information about you from others, including:

o Service Providers: We use third parties to help us operate and improve the Services including for data hosting and maintenance, analytics, marketing and security operations. All our service providers must adhere to confidentiality obligations that are consistent with this Privacy Policy and the agreements we enter into with them.

o Our Affiliates: Smead Capital may receive information from Smead Capital UK and vice versa.

o Social Media: When you connect with us through a social media platform, we may, depending on your privacy settings, receive some information from your social media account.

Information collected when you use the Services

When you use the Services, we use collect information about which features you’ve used, how you’ve used them and the devices you use to access the Services.

We collect information:

o Usage Information: We collect information about your activity on the Services, such as how you use them (e.g., clicks and pages which have been shown to you, referring webpage address).

o Device information: We collect information from and about the device you use to access the Services, including:

• Hardware and software information such as IP address, device ID and type, device-specific and apps settings and characteristics, app crashes, advertising IDs, browser type and language, operating system, time zones, identifiers associated with cookies or other technologies that may uniquely identify your device or browser; and

• Information on your wireless and mobile network connection, such as your service provider and signal strength.

Much of this information is collected using cookies and other data collection technology, as described below.

Other information with your consent

When you give us permission, we collect other information about you.

You are not required to provide us with any information unless and until you decide to invest or otherwise engage in a business transaction with us. If you do not provide us with certain information when requested after engaging with us, we may be limited or restricted in our ability to accept or retain you as a client.

COOKIES AND OTHER DATA COLLECTION TECHNOLOGY

The Services may use cookies, pixel tabs (also known as web beacons, flash cookies and clear GIFs) and similar technology (“Data Collection Technology”).

We use Data Collection Technology to help us improve your experience of the Services by, for example, compiling statistics about use of the Services and helping us analyze technical and navigational information about the Services and to detect and prevent fraud. We also may use other Data Collection Technology to collect information from the computer or device that you use to access the Services, such as your operating system type, browser type, domain and other system settings, as well as the language your system uses and the country and time zone in which your computer or device is located. For more information about our use of Data Collection Technology, please see our Cookie Notice here.

We also use Google Analytics, which is a Google service that collects and aggregates information about use of the Services and reports website trends. Google Analytics does not directly identify individual users. You can learn about Google’s practices and opt out by visiting www.google.com/settings/ads or by downloading the Google Analytics opt-out browser add-on at https://tools.google.com/dlpage/gaoptout.

Your Control of Cookies

Some web browsers (including some mobile web browsers) provide settings that allow you to control or reject cookies or to alert you when a cookie is placed on your computer, tablet or mobile device. You also may be able to reject mobile device identifiers by activating the appropriate setting on your mobile device. Although you are not required to accept cookies or mobile device identifiers, if you block or reject them, you may not have access to all features available through the Services.

You can opt out of seeing online interest-based advertising from participating companies through the US Digital Advertising Alliance, European Interactive Digital Advertising Alliance, Digital Advertising Alliance of Canada and the Network Advertising Initiative.

Opting out does not mean you will not see advertising - it means you will not see personalized advertising from the companies that participate in the opt-out programs. Also, if you clear your cookies, you need to opt-out again.

Our Policy on Do Not Track Signals

Some web browsers (including Safari, Internet Explorer, Firefox and Chrome) incorporate a “Do Not Track” (“DNT”) or similar feature that signals to websites that a user does not want to have his or her online activity and behavior tracked. If a website that responds to a particular DNT signal receives the DNT signal, the browser can block that website from collecting certain Personal Information about the browser’s user. Not all browsers offer a DNT option and DNT signals are not yet uniform. For this reason, many website operators, including Smead, do not respond to DNT signals.

HOW WE USE INFORMATION

How we use information depends on how you use the Services. We use information:

• To evaluate and assess pre-investment steps such as eligibility, due diligence and establishing preferred investment strategies.

• For Business development and marketing activities related to investments we believe to be of legitimate interest to you. You may opt-out of receiving marketing emails at any time by clicking the unsubscribe link in the footer of the email.

• For operating and improving our website and your customer experience.

• To open, manage, administer and service your account.

• To carry-out anti-money laundering checks or any other related required legal obligations.

• To report tax-related information as required by law.

• To disclose information to third parties as required by law, such as service and technology providers, legal advisors, auditors and regulatory authorities.

• For complying with obligations provided by laws, current regulations and European legislation (e.g. tax regulations), and where processing is based on a legal obligation.

• To maintain our records to conduct our business.

• Analyze data to better understand and design countermeasures against fraudulent activities.

• Comply with legal requirements.

• Assist law enforcement.

• Enforce or exercise our legal rights.

HOW WE SHARE INFORMATION

We share information as follows:

o With our service providers and partners
We use third-party service providers to help us operate and improve the Services. These third parties assist us with data hosting and maintenance, analytics, customer care, marketing, payment processing and security operations. All of our service providers must adhere to confidentiality obligations that are consistent with this Privacy Policy.

o With our affiliates
We may share your information with our affiliates to help us with technical processing operations, such as data hosting and maintenance, customer care, marketing and targeted advertising, better understanding how our service is used and users’ behavior to improve our service, securing our data and systems, fighting against spam, abuse, fraud and intellectual property infringement.

o For corporate transactions
We may transfer your information if we are involved, whether in whole or in part, in a merger, sale, acquisition, divestiture, restructuring, reorganization, dissolution, bankruptcy or other change of ownership or control.

o When required by law
Applicable law may require us and our service providers to disclose your information if: (i) reasonably necessary to comply with a legal process, such as a court order, subpoena or search warrant, government investigation or other legal requirements; or (ii) necessary for the prevention or detection of crime (subject in each case to applicable law).

o To enforce legal rights
We may also share information: (i) if disclosure would mitigate our liability in an actual or threatened lawsuit; (ii) as necessary to protect our legal rights and legal rights of our users, business partners or other interested parties; (iii) to enforce our agreements with you; and (iv) to investigate, prevent, or take other action regarding illegal activity, suspected fraud or other wrongdoing.

o With your consent or at your request
We may ask for your consent to share your information with third parties. When we do, we will make clear why we want to share the information.

We may also use and share information that, by itself, does not identify who you are (such as device information, general demographics or general behavioral data). We may share this information with third parties to analyze and we may combine this information with additional non-personal information collected from other sources.

SECURITY OF YOUR INFORMATION

We use physical, technical and organizational measures designed to protect your information against unauthorized access, theft and loss. We restrict access to your personal data to those employees who need to know that information to service your account.

Although Smead takes precautions intended to help protect information that we process, no system or electronic data transmission is completely secure. Any transmission of your personal data is at your own risk and we expect that you will use appropriate security measures to protect your personal data.

CROSS-BORDER DATA TRANSFERS

Our processing of your information sometimes involves cross-border data transfers, including from the European Economic Area (“EEA”) to countries outside of the EEA. We use standard contract clauses approved by the European Commission or other suitable safeguard to permit personal data transfers from the EEA to other countries. Standard contractual clauses are commitments between companies transferring personal data, binding them to protect the privacy and security of your data.

HOW LONG WE RETAIN YOUR PERSONAL DATA

We will retain your personal data for the period necessary to fulfill the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by law. The criteria used to determine our retention periods include:

o The length of time we have an ongoing relationship with you and provide services to you (for example, for as long as you have an account with us or keep using the Services).

o Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them).

o Whether retention is advisable considering our legal position (such as, for statutes of limitations, litigation or regulatory investigations)

YOUR CHOICES ABOUT YOUR PERSONAL DATA

If you would like to review, correct, update, suppress, restrict or delete personal data that you have previously provided to us, or if you would like to receive an electronic copy of your personal data for purposes of transmitting it to another company (if this right to data portability is provided to you by law), please contact us at info@smeadcap.com.

In your request, please make clear what personal data you would like to have changed, whether you would like to have your personal data suppressed from our database or other limitations you would like to put on our use of your personal data. For your protection, we only fulfill requests when received from the email address associated with your account. We may need to verify your identity before fulfilling your request. Please note that we often need to retain certain information for recordkeeping purposes and/or to complete any transaction that you began prior to requesting a change or deletion. We also may not allow you to review certain data for legal, security or other reasons.

If at any time you believe that we have not adhered to this Privacy Policy, please let us know. We will use good faith efforts to determine and correct the problem.

If you are an EEA resident, you have the right to lodge a complaint with a data protection authority about how we process your personal data.

RESIDENT OF CALIFORNIA?

If you are a California resident, you can request a notice disclosing the categories of personal information about you that we have shared with third parties for their direct marketing purposes during the preceding calendar year. To request this notice, please submit your request by email to info@smeadcap.com with the words “California Resident Request” in the subject line. Please include your name and address in the body of the email. Please allow 30 days for a response.

CHANGES TO THIS PRIVACY POLICY

The Effective Date at the top of this page indicates when this Privacy Policy was last revised. Unless we are not able to do so, we will notify you at least five business days in advance before any material change takes effect so that you have time to review the changes. Any change is effective when we post the revised Privacy Policy. Your use of the Services following these changes means that you accept the revised Privacy Policy.

HOW TO CONTACT US

Smead Capital Management
600 University Street, Suite 2412
Seattle, WA 98101
877.701.2883

Smead Capital Management (UK) Ltd.
23 Austin Friars
London EC2N 2QP
United Kingdom
+44 (0)20.8819.6490

info@smeadcap.com