Personal Data Protection Policies

This document describes the general policy for the protection of personal data of the Dadev Group.

Our Commitments

All operations involving your personal data are carried out in compliance with current regulations, particularly Regulation (EU) 2016/679 of April 27, 2016, or the General Data Protection Regulation.

The Dadev Group, as the data controller, adheres to the following principles:

• your personal data is used solely for explicit, legitimate, and specified purposes related to our various businesses,
• only the personal data that is necessary is collected,
• we do not retain your personal data beyond the duration necessary for the operations for which they were collected, or as specified by regulations,
• we only share your personal data with intermediaries, Dadev Group companies, partners, service providers, or authorized professional organizations who require it for our activities,
• we provide you with clear and transparent information, particularly about the purpose of using your personal data, the optional or mandatory nature of your responses in forms, and your rights regarding data protection.

Who collects your personal data (identity of the data controller)?

Unless otherwise specified, the data controller is indicated in the data collection form.

Collection of Personal Data

The term 'personal data' refers to any information relating to an identified or identifiable natural person, directly or indirectly, by reference to an identification number or one or more elements specific to them.

When one of the companies in the Dadev Group collects your personal data, this collection is carried out fairly and transparently through the presence of information or references to this Policy.

Each form will specify the personal data that may be collected and processed by one of the companies of the Dadev Group for the declared purposes.

Personal data may be collected, and this list is not exhaustive:

> Through forms published on the websites of Dadev Group companies:

• subscription to our newsletters,
• sending emails via our contact forms,
• submission of CVs through the recruitment form,
• etc.

> Through the collection of personal data when a contract or service is established, or during its execution and the management of associated services, during customer satisfaction surveys, etc.

Regardless of the collection method, the mandatory nature of the responses is indicated in the forms. If you do not wish to provide such information, you may not be able to access certain services or features. Other information is intended to better understand you and is therefore optional.

During the collection of personal data, you are solely responsible for the legal consequences arising from any false statements or omissions on your part.

Use of Your Data

Your personal data is only used for the purposes specified in the input forms.

The Dadev Group undertakes to process only personal data that is adequate, relevant, and not excessive in relation to the purposes for which it is collected.

Dadev Group companies are legally required to verify that your personal data is accurate, complete, and, if necessary, up to date. We may contact you to verify this or may need to complete your file.

Recipients and Subcontracting

Your personal data will only be communicated to authorized personnel of the Dadev Group.

The Dadev Group may use subcontractors (any company or legal entity that processes personal data according to the data controller's instructions) for the processing of all or part of the personal data to the extent necessary to fulfill their services.

The Dadev Group undertakes not to sell, rent, or transfer your personal data to third parties without your consent.

The Dadev Group may transmit your personal data without your prior consent in order to comply with a legal or regulatory requirement or at the request of an authorized third party for the provision of personal data.

The Dadev Group has established a dedicated policy and governance for the protection of personal data.

Protective Measures

The Dadev Group undertakes to implement technical and organizational measures to provide reasonable assurance that the personal data it processes is appropriately protected, particularly in terms of risks and impacts on privacy, in accordance with applicable law.

These measures ensure that your data will not be damaged, deleted, or accessed by unauthorized third parties.

Control of Data Transfers

Personal data is stored within the territory of the European Union and is not transferred outside the European Union. If applicable, for recipients located outside the European Union, we make every effort to ensure strict control of transfers, limiting them to countries listed by the European Commission as providing sufficient data protection or to recipients complying with European regulations.

The Dadev Group processes and retains personal data in a secure environment for the duration necessary to achieve the purposes for which it was collected. The retention period is specified in the collection form and in the specific Terms of Use of the relevant forms.

You have the following rights:

• to access your personal data,
• to request correction in case of errors or completion,
• to request deletion,
• to request restriction of processing,
• to request data portability,
• to object to processing, and
• to define directives regarding the fate of your data after your death.

To exercise your rights, please refer to the 'Contact' section below and include a copy of a valid identification document (identity card or passport) with your request.

You are required to comply with the provisions of the law on information technology, files, and freedoms, the violation of which is subject to criminal penalties.

You must, in particular, refrain from collecting, processing, or misusing personal data and, in general, from any act that may infringe upon the privacy or reputation of individuals.

A cookie is a small text file stored by your computer, tablet, or phone's browser that allows us to track your visit. We use cookies on the Dadev Group's websites to provide you with a better, personalized, and secure browsing experience during the validity or registration period of said cookie.

For your information, some cookies are essential for using the site, while others optimize and personalize displayed content. Cookies are placed by the Dadev Group or by third parties.

If you have not configured your browser to accept this type of file, you will not have access to all the features of the Dadev Group's sites.

The Dadev Group's websites may use the 4 categories of cookies below, the purposes of which are described below:

> Statistical and Audience Measurement Cookies (Google Analytics)

They allow us to optimize the site, resolve bugs, improve the quality of our services, and measure the audience. The data collected anonymously by this type of cookie includes:

• where a user comes from (search engine, search keywords, link);
• the number of visits for each user, and the date of the first visit, the previous visit, and the current visit;
• how long the user stays on the Site (when a visit starts and approximately when it ends);
• the pages you view and the information you search for or download, including, but not limited to, location data, weblogs, and other communication data;
• information about your computer (including your IP address), connections, operating system, browser.

The use of these cookies does not allow the identification of individuals. When this information concerns you or may identify you, we will treat it as personal data. Therefore, the collected personal data is not cross-referenced with other personal data processing.

> Preference Cookies

They allow us to help your browser remember you, such as:

• the language you prefer,
• your communication preferences, etc.

By using the Dadev Group's websites and checking the 'Ok, I understand' box, you consent to the placement of cookies as described above on your computer/smartphone/tablet in accordance with this document (checkbox for certain cookies).

The expiration date of these cookies is a maximum of one year from their first insertion.

If you prefer not to receive these cookies, you can choose to disable them at any time by changing your browser settings. You can accept or refuse them on a case-by-case basis or refuse them systematically once and for all. We draw your attention to the fact that limiting their use may result in a degradation of navigation on the Dadev Group's websites (certain features may no longer work).

The configuration of each browser is different and is described in the browser's help menu, which will allow you to know how to modify your cookie preferences.

This Policy may be amended, supplemented, or updated in order to comply with any legislative, regulatory, jurisprudential, or technical developments.

Our goal is to communicate our Policy to you and to regularly inform you of any changes made to this Policy so that you are always fully informed about how we protect your personal data.

To exercise your rights, or if you have questions or complaints regarding this Personal Data Protection Policy, or if you wish to provide recommendations or comments, contact us by email at [email protected] or in writing to the following postal address: 11 VILLAGE DE LA COQUERIE, 50480, SAINTE-MÈRE-ÉGLISE, FRANCE.