Privacy Policy

HERIZON PARTNERS

Effective Date: May 2026 | Last Updated: May 2026

INTRODUCTION

This Privacy Policy governs the manner in which Herizon Partners ("Company," "we," "us," or "our") collects, uses, maintains, and discloses information collected from users (each, a "User") of the https://www.herizonpartners.com/ website ("Site") and all products and services offered by Herizon Partners. This Policy has been updated to reflect applicable federal and state privacy laws in effect as of its Effective Date, including but not limited to the California Consumer Privacy Act as amended by the California Privacy Rights Act (CCPA/CPRA), the Virginia Consumer Data Protection Act (VCDPA), the Colorado Privacy Act (CPA), the Connecticut Personal Data Privacy and Online Monitoring Act (CTDPA), and other applicable state privacy statutes.

1. INFORMATION WE COLLECT

A. Personal Identification Information

We may collect personal identification information from Users in a variety of ways, including but not limited to when Users visit our Site, register an account, subscribe to our newsletter, fill out a form, or engage with other activities, services, features, or resources we make available. We may collect:

· Name, email address, mailing address, and phone number

· Financial information (e.g., payment card or bank account details) as necessary to process transactions

· Government-issued identifiers where required by law (e.g., for investor accreditation verification)

· Professional or employment-related information

· Inferences drawn from any of the above to create a profile about your preferences or characteristics

Users may visit our Site anonymously. We collect personal information only when voluntarily submitted. Refusing to supply certain information may prevent Users from engaging in specific Site-related activities.

B. Sensitive Personal Information

To the extent we collect information that qualifies as "sensitive personal information" under applicable law (e.g., precise geolocation, financial account credentials, or government ID numbers), we collect such information only as strictly necessary to provide the services requested and do not use or disclose it for purposes beyond those described in this Policy or otherwise permitted by law. California residents have the right to limit our use and disclosure of sensitive personal information (see Section 7).

C. Non-Personal Identification Information

We may automatically collect non-personal information whenever Users interact with our Site. This may include browser type and version, device type, operating system, internet service provider, pages visited, time spent on pages, referring URLs, and similar technical data.

D. Categories of Sources

We collect personal information from the following categories of sources:

· Directly from Users (e.g., forms, registrations, email inquiries)

· Automatically through cookies, web beacons, and similar tracking technologies

· Third-party service providers (e.g., payment processors, analytics partners)

· Publicly available databases or government records (e.g., accreditation verification)

· Business partners and affiliates

2. COOKIES AND TRACKING TECHNOLOGIES

Our Site may use cookies, web beacons, pixel tags, and similar technologies to enhance User experience and collect usage data. Cookies may be session-based (deleted when you close your browser) or persistent. We use strictly necessary cookies, functional cookies, analytics cookies, and, where applicable, targeted advertising cookies.

You may set your browser to refuse cookies or to alert you when cookies are being sent. Certain parts of the Site may not function properly if cookies are disabled. Where required by applicable law (including California's CPRA and state laws requiring opt-out mechanisms), we honor browser-based universal opt-out signals such as the Global Privacy Control (GPC). We do not use automated decision-making or profiling technologies that produce legal or similarly significant effects without your consent or a legally recognized basis under applicable law.

3. HOW WE USE YOUR INFORMATION

We collect and use personal information for the following business and commercial purposes:

· Providing Services: To process transactions, manage accounts, and deliver products and services you request.

· Personalization: To understand how Users interact with our Site and tailor content to their interests.

· Site Improvement: To analyze usage patterns, conduct research, fix bugs, and improve our products and services.

· Marketing & Communications: To send periodic emails, newsletters, or promotional materials where you have opted in. You may opt out at any time via the unsubscribe link in any email.

· Legal Compliance: To comply with applicable laws, regulations, court orders, and governmental requests, including anti-money laundering (AML) and know-your-customer (KYC) obligations.

· Security & Fraud Prevention: To detect, investigate, and prevent fraudulent transactions or other illegal activity and to protect the rights and safety of our Users and the Company.

· Investor Relations: To communicate with prospective and current investors regarding fund activities, performance, and regulatory disclosures.

· Aggregate Analytics: To produce aggregated, de-identified statistical data for internal business analysis—data in this form is not subject to this Policy.

We will not use personal information collected for one purpose to carry out materially different, incompatible, or unexpected processing without providing notice and, where required, obtaining your consent.

4. SHARING YOUR INFORMATION

We do not sell, rent, or trade your personal information for monetary consideration. However, we may share your information in the following limited circumstances:

· Service Providers: Third-party vendors who assist with payment processing, IT infrastructure, email delivery, analytics, and similar operational functions, subject to confidentiality obligations.

· Professional Advisors: Attorneys, accountants, auditors, and other advisors under duties of confidentiality.

· Regulatory & Legal Authorities: Government agencies, regulators, or courts where disclosure is required by law, including the SEC, FINRA, or other applicable regulators.

· Business Transfers: In connection with a merger, acquisition, sale of assets, or other corporate transaction, with appropriate notice to affected Users.

· With Your Consent: For any other purpose disclosed to you at the time of collection, with your prior consent.

· Aggregated/De-identified Data: We may share aggregated demographic information not linked to personal identifiers with partners, affiliates, and advertisers.

Where we share information with third-party service providers, we require them to implement appropriate technical and organizational safeguards and to use the information only for the purposes for which it was shared, consistent with this Policy and applicable law.

5. DO NOT SELL OR SHARE / TARGETED ADVERTISING OPT-OUT

Although we do not sell personal information for money, certain disclosures to third-party advertisers or analytics providers may constitute a "sale" or "sharing" for cross-context behavioral advertising under the CCPA/CPRA or "targeted advertising" under other state privacy laws. Where such activities occur, we provide the following opt-out mechanisms:

· California Residents: You may opt out of the sale or sharing of your personal information by contacting us at privacy@herizonpartners.com or by submitting a request through our website's "Do Not Sell or Share My Personal Information" link.

· Other State Residents (CO, CT, VA, TX, OR, MT, IN, KY, RI, and others): You may opt out of targeted advertising by using the same contact information above.

· Global Privacy Control (GPC): We honor GPC signals as a valid opt-out request for applicable residents.

6. HOW WE PROTECT YOUR INFORMATION

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

· SSL/TLS encryption for all data transmitted between your browser and our Site

· Encrypted storage of sensitive data at rest

· Access controls limiting information access to authorized personnel on a need-to-know basis

· Regular security assessments and penetration testing

· Incident response and data breach notification procedures consistent with applicable state breach notification laws

Despite these measures, no method of transmission over the Internet or electronic storage is 100% secure. In the event of a data breach affecting your personal information, we will notify you as required by applicable state breach notification laws.

7. YOUR PRIVACY RIGHTS

Depending on the state in which you reside, you may have some or all of the following rights with respect to your personal information:

· Right to Know / Access: Request disclosure of the categories and specific pieces of personal information we have collected about you, the sources, the business purposes, and the categories of third parties with whom we shared it.

· Right to Delete: Request deletion of personal information we have collected from you, subject to certain exceptions (e.g., completing a transaction, legal obligations).

· Right to Correct: Request correction of inaccurate personal information we maintain about you.

· Right to Data Portability: Receive a copy of your personal information in a portable, readily usable format (where technically feasible).

· Right to Opt Out of Sale / Sharing / Targeted Advertising: As described in Section 5.

· Right to Opt Out of Profiling: Opt out of profiling in furtherance of decisions that produce legal or similarly significant effects (available to residents of CO, CT, VA, OR, TX, and others).

· Right to Limit Use of Sensitive Personal Information: Direct us to limit the use and disclosure of sensitive personal information to what is necessary for providing requested services (California residents).

· Right to Non-Discrimination: We will not discriminate against you for exercising any of your privacy rights—we will not deny goods or services, charge different prices, or provide a different level of quality solely because you exercised a right.

· Right to Appeal: If we deny your privacy rights request, you may appeal our decision by contacting privacy@herizonpartners.com. We will respond to appeals within the timeframe required by your state's law.

To exercise any of the above rights, please submit a verifiable consumer request by using the contact information in Section 11.

8. DATA RETENTION

We retain personal information only as long as necessary to fulfill the purposes outlined in this Policy, to comply with applicable legal and regulatory obligations (including SEC and FINRA recordkeeping requirements for investment-related data), to resolve disputes, and to enforce our agreements. When personal information is no longer required, we securely destroy or de-identify it.

9. CHILDREN'S PRIVACY

Our Site and services are not directed to individuals under the age of 18. We do not knowingly collect personal information from minors. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us at so that we may delete that information. We comply with the Children's Online Privacy Protection Act (COPPA) and, where applicable, the California Age-Appropriate Design Code (CAADC).

10. THIRD-PARTY WEBSITES

Our Site may contain links to third-party websites, including those of partners, suppliers, sponsors, and advertisers. We do not control those websites and are not responsible for their content, privacy policies, or practices. We encourage you to review the privacy policy of any third-party site you visit. Browsing or interacting with any third-party website is subject solely to that website's own terms and policies.

11. USE OF ARTIFICIAL INTELLIGENCE (AI) ON OUR SITE

We may use artificial intelligence (AI) and automated decision-making technologies on our Site and in connection with our services. In the interest of transparency, and consistent with California's CPRA automated decision-making disclosure regulations (effective January 1, 2026), Colorado's AI Act (effective February 1, 2026), and related state-level requirements, we provide the following disclosures:

A. How We Use AI

AI tools and technologies may be used for one or more of the following purposes:

· Site functionality and user experience: AI-powered features such as chatbots, virtual assistants, or intelligent search may be used to respond to inquiries and improve navigation.

· Analytics and personalization: We may use AI to analyze how Users interact with our Site and to personalize content, communications, or investment-related information presented to you.

· Fraud detection and security: Automated systems may monitor activity on our Site to detect suspicious behavior, unauthorized access, or potential fraud.

· Document and data processing: AI tools may assist in reviewing documents, processing forms, or analyzing data submitted by Users in connection with our services.

· Marketing: AI may assist in determining which content or communications may be relevant to you based on your interactions with our Site.

B. AI-Generated Content

In accordance with California's AI Transparency Act (SB 942) and similar state disclosure requirements, we will disclose when material content published on our Site or sent to you has been substantially generated by AI tools. AI-generated content will be labeled as such where required by law.

C. Third-Party AI Tools

We may utilize third-party AI platforms and APIs (such as large language model providers or analytics services) to power certain features. Where such tools process your personal information, we require contractual commitments from those providers consistent with applicable privacy law.

12. CHANGES TO THIS PRIVACY POLICY

We reserve the right to update this Privacy Policy at any time. When we make material changes, we will post a prominent notice on the main page of our Site and update the "Last Updated" date at the top of this Policy.Your continued use of the Site following the posting of changes constitutes your acceptance of those changes. We encourage you to review this Policy periodically.

13. CONTACTING US

If you have questions about this Privacy Policy, wish to exercise your privacy rights, or have concerns about our data practices, please contact us at:

Herizon Partners

1968 S. Coast Hwy #5035

Laguna Beach, CA 92651

https://www.herizon-partners.com/

katelen@herizonpartners.com

We will respond to all legitimate inquiries within the timeframes required by applicable law.