Privacy Policy - B Drapes

The Company with “BDRAPES” with d.t. Bdrapes”, based at 20 Xenofontos 20, 16672 (hereinafter “the Company”) wishes to be an exemplary corporate citizen and demonstrate the sensitivity and care it displays in the handling and security of the personal data of customers, suppliers and of its employees, which it processes for its operation and the execution of its corporate purposes.

Our Company strives to conduct its business actions in accordance with privacy principles, as we believe they demonstrate our unwavering commitment to ethical and responsible practices. We recognize that innovation and new technologies lead to constant changes in risk, expectations and legislation, which is why we follow privacy accountability standards and aim to adapt how we apply them in a timely manner in response to these changes.

This Policy sets out our standards for the management and protection of Personal Data from or on behalf of our company, which originates, directly or indirectly, from any country in the European Economic Area (EEA), and Switzerland and is transferred to any other country, including transfers between EEZ countries. They apply to our operations in each country, to any activity involving information about individuals that we conduct in each of our subsidiaries and in each sector (including any successors to our business),including, but not limited to, research, production, commercial activities, corporate support and data transfers necessary to carry out the above activities, including, but not limited to:

• Commercial activities: evaluating purchases regarding our products / advertising, marketing, selling, distributing and delivering our products / communicating with our customers and other end users of our products / sponsoring and conducting events / evaluating and encouraging our partners to support our commercial activities / compliance with relevant legal, regulatory or ethical requirements.

• Corporate support: recruiting, hiring, managing, developing, communicating with, and compensating employees / providing benefits to employees and their protected family members / conducting employee performance and talent evaluations / providing training and other training and development programs / conducting disciplinary proceedings and handling employee complaints / handling ethics and privacy concerns and conducting investigations/ managing and securing our physical and virtual assets and infrastructure / procuring and paying for products and services / fulfilling our environmental, health and safety and corporate responsibility commitments / communicating with the media / and complying with relevant legal, regulatory or ethical requirements.

This Policy also applies to all individuals whose data we process, including but not limited to customers, candidates, current and former employees and their dependents, partners, investors and shareholders, and other stakeholders.

All Company Employees and Management staff have important responsibilities regarding the protection of privacy which they must comply with. We recognize that inadvertent errors and misjudgment regarding data protection can cause risks to individuals’ privacy and risks to our Company’s reputation, processes, compliance and finances. Every employee of the Company, and other persons who process data for our company, are responsible for understanding and complying with their obligations towards this Policy and existing laws.

Our Values and Privacy Standards We uphold our privacy values in everything we do that involves people, including how we apply privacy standards. The four privacy values include:

Respect We recognize that privacy concerns often relate to fundamental questions of who we are, how we see the world, and how we define ourselves. Thus, we try hard to respect the perspectives and interests of individuals and communities and to be fair and transparent in how we use and share information about them.

Prevent damage We understand that the misuse of information related to people can create tangible and intangible harm to individuals, and so we strive to prevent physical, financial, reputational or other privacy-related harm.

Compliance We have learned that laws and regulations do not always keep pace with rapid developments in technology, data flow and associated changes in privacy risks and expectations. So we strive hard to comply with the spirit and regulations of privacy and data protection laws in a way that demonstrates consistency and operational adequacy for our business actions globally.

1. Necessity – Before collecting, using or distributing Personal Data, we determine and record the specific, legitimate business purpose for which it is necessary.

2. Fairness – We do not process Personal Data in ways that are unfair to the persons to whom the data concern.

3.Transparency – We do not process Personal Data in ways or purposes that are not transparent.

4.Purpose Limitation – We use Personal Data only in accordance with the principles of Necessity and Transparency.

5. Data Quality – We keep Personal Data accurate, complete and up-to-date, and consistent with its intended use.

6.Security – We incorporate security safeguards to protect Personal Data and Sensitive Data from loss, misuse, and unauthorized access, disclosure or destruction.

7. Transfer of Data – We are responsible for maintaining the security and privacy of Personal Data when it is transferred to or from other organizations or across national borders