ENVIALIA WORLD, S.L. hereinafter ENVIALIA, in compliance with Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, informs you that your data are part of a file detailed throughout the following privacy policy. You declare that the information and data you have provided are accurate and truthful. ENVIALIA reserves the right to exclude from the services those data subjects who have provided false information, without prejudice to the initiation of legal action. You will be solely responsible for any false or inaccurate statements made and for the damage caused to ENVIALIA or third parties. If, by means of a form, email or other means, you provide us with personal data of other people, we warn you that you must do so with their consent and have informed them, in advance, of the legal points contained in this Privacy Policy. Likewise, ENVIALIA undertakes to provide any third party, whose data we provide, with pertinent information, in accordance with the provisions of Article 14 of the General Regulation. In addition, if you have any questions or suggestions, you can always contact us email (legal@envialia.com), phone (91 655 76 05) or post to Av. Suiza 2, 28821 – COSLADA (MADRID). We would be happy to assist you. Data controller: ENVIALIA con C.I.F. B-83115402 – Avenida Suiza 2, 28821 – COSLADA (MADRID). – 91 655 76 05 Purpose of the Processing:

1. The realisation and control of the contracted courier services.
2. To ensure the data of the Service to be provided are kept up-to-date. This includes changes in the status of the shipments, the management of incidents or changes in the recipient's data, always under the instructions of the service requester (who provides the data collected in the database).
3. To keep service users informed of the progress and status of their shipments.
4. The sending of satisfaction survey forms, which the user is not obliged to answer (only to direct customers of ENVIALIA).
5. To process requests for information on shipments, complaints and claims and congratulations from users received by Customer Service.
6. To deal with the requests of users to be a customer of the Envialia Network (made up of ENVIALIA and the participating service centres).
7. To handle requests from users to create an account in the MyEnvialia tool.
8. To communicate offers, improvements and incorporation of services to users who have given their authorisation to receive information campaigns on improvements and service expansion, or to get ENVIALIA followed on social networks.

ENVIALIA is present on social networks and facilitates for users the possibility of communicating through different means of social communication. The processing of data of people who become followers, establish a link with or are connected with ENVIALIA through social networks or the means of communication placed at their disposal, shall be governed by: - This privacy policy. - The privacy policy described on the Envialia website and its terms of use. - The privacy policies and other regulations for access, use and similar of the corresponding social network or media. The user of these social networks must be aware of them and have previously accepted them. ENVIALIA will process the data of the users that it receives through these social networks to: - Properly manage their presence on the corresponding social network. - Publicise ENVIALIA news and its products and services. - Carry out promotional campaigns through each social network. ENVIALIA also makes use of statistics from the www.envialia.com website in order to analyse how users use our website. Commitments: ENVIALIA undertakes not to collect unnecessary information about users of the service, whether they are senders or recipients shipments, to diligently handle the personal information that they provide and to comply with the obligation of secrecy at any stage of the data processing. ENVIALIA has adopted the legally required security levels for personal data protection, and has installed all the means and technical measures at its disposal to prevent the loss, misuse, alteration, unauthorised access and theft of personal data provided to ENVIALIA. Legitimacy of processing: The justification of legitimacy is specified below for each of the purposes described: - The contractual relationship of ENVIALIA with the Cargo Service Centres (purposes A and B): The Cargo Service Centre is the agency that incorporates the shipment to the ENVIALIA Computer System to start the process of providing the service. This agency acts as a customer of ENVIALIA, and must have a contractual relationship with its customer (end customer) who is the one requesting the service and provides the necessary data for the Service to be carried out. In the event that the end customer provides data from a third party, they must ensure that they have their prior authorisation, ENVIALIA shall not being held liable for the possible legal consequences of failure to comply with said prior condition, with the end customer being responsible for said responsibilities. - In compliance with the applicable regulations: Commercial Code RD 22 of 1885; Royal Decree 1619/2012 by which the billing obligations are regulated (purposes A and B). - The legitimate interest of the company to provide the best service to the users of the service and to keep them informed of the shipment(s) status (purpose C), as well as the explicit consent of the data subject when requesting such information through the corresponding customer service section on the Envialia website (purpose E). - The legitimate interest to know the degree of satisfaction of users of the services for the continuous improvement of the company’s processes (purpose D). - The legitimate interest of ENVIALIA to market its services and inform users who follow the company on Social Networks of the new services offered, including offers and promotions, always faithful to the exercise of our activity (purpose H). - Explicit consent of the owners. When personal data reach Envialia and are not covered by the previous legitimisation assumptions (purpose F and G). In this case, the data subject must send us their application in the forms established, either on the website www.envialia.com, or through www.myenvialia.com, or the envialianetcon application, with the necessary data for us to study or inform them of the services offered by accepting this policy, which grants us their consent to process the data provided for the purpose described above. When the user has given their consent and there is no legal or contractual condition prevention, they can withdraw their consent through the email address and postal address mentioned above. The personal data required will be the minimum necessary to offer the required services or information. Processing of the data will be limited to the purposes described and in case ENVIALIA wishes to process the data for a different purpose, it will request prior authorisation. In case of inaccuracy or lack of the data provided, this may not be able to meet requirements, or cause non-compliance with legal or contractual requirements, the data subject who provides the data being the one responsible for legal consequences resulting therefrom. Data recipients: Are: - ENVIALIA WORLD - Data controllers: These are the parties that ENVIALIA has hired to help us in the provision of services: oThe provider that manages the servers and the Shipment Management program, which also performs the technical service and its backup copies. oHosting provider for the Envialia computer system and email manager. oThe provider that manages the MyEnvialia.com tool. oThe collaborating companies of ENVIALIA necessary for the provision of the service. These include transporters, distributors and collaborating agencies of ENVIALIA. oInsurance companies when necessary to provide information in the event of an incident. oBanks and financial institutions when necessary for the payment or charge of any amount according to the contractual conditions of the service. ENVIALIA follows strict selection criteria for service providers in order to comply with its obligations regarding data protection, in accordance with the standards of Regulation (EU) 2016/679 and undertakes to sign the corresponding data processing contract with them, through which it will impose, among others, the following obligations: apply appropriate technical and organisational measures; process the personal data for the agreed purposes and taking into account only the documented instructions of ENVIALIA, and delete or return the data once the provision of services has concluded. - Public administrations: In accordance with the applicable legal and regulatory provisions, ENVIALIA may disclose to the competent Public Authorities the personal data and any other information that is available and required. Conservation: ENVIALIA will process the personal data as long as they are necessary for the management of the purposes described and listed above (and the user has not requested their erasure or cancellation) and for the periods required by current legislation for the fulfilment of its obligations (6 years plus the current year, according to the commercial code for customers and suppliers). After this period, the data will be stored in computerised form unless the data subject exercises their rights of Correction, Cancellation, Erasure or Opposition. In the event that there is no specified legal requirement (for example, requests from potential customers) the data will be kept until no longer necessary for the purposes described, or the customer requests their removal or cancellation. In the event that the user revokes their consent to process their data or requests cancellation thereof (provided that they have said right in accordance with the regulations), ENVIALIA will proceed to block them to avoid processing said data. Once blocked, their data will be inaccessible, and will not be processed, except for making it available to Public Administrations, Judges and Courts, for the attention of possible responsibilities arising from the processing, as well as for the exercise and defence of claims before the Spanish Data Protection Agency. ENVIALIA undertakes to keep and store the personal data that users provide us with in a confidential manner, guaranteeing its security and avoiding access by unauthorised third parties. Rights: Anyone has the right to obtain confirmation on whether or not ENVIALIA WORLD, S.L. is processing their personal data. Likewise, the following rights are recognised:

Right	Your rights	How to exercise them
Access	You can ask us about your data that we have in our files and how we process it.	By letter: For the attention of the Data Controller ENVIALIA WORLD, S.L. Avenida Suiza 2, 28821 – COSLADA (MADRID) By email: legal@envialia.com To exercise any of these rights, you must include the following information: name and surname, address for notification purposes, ID, passport or other document proving identity and your specific request. When contacting us by email, you must use the email address you used to register in our system, and you must also provide the documents indicated in the previous paragraph.
Correction	You can ask us to modify your data in our files to keep them updated.
Erasure	You can request that your data be deleted, stating your refusal or opposition to the consent for the processing of your data and there is no statutory obligation preventing this.
Limitation	You can request a limitation of the data use, in which case you must specify the uses you do not want your data to be used for.
Opposition	For reasons related to your particular situation, you may object to the processing of your data. In that case, ENVIALIA will stop processing the data, except for compelling legitimate reasons, or when the exercise or defence of possible claims prevents it.
Portability	The personal data that you have provided us for our service can be sent to you in electronic format, or we can send them to the companies that you specify.
Consultations, observations and complaints	The data subject may revoke consent to process their data without affecting the legality of the processing based on the prior consent. If you would like to ask us about how we process your data, or you would like to raise any query with us, or you believe we have not acted according to the data protection regulations, you can write to us (legal@envialia.com”> legal@envialia.com) without prejudice to the fact that the data subject can submit a claim to the Spanish Data Protection Agency (www.agpd.es).

Exercise of these rights is completely free Once the request is received, ENVIALIA will analyse whether all the necessary information has been provided for its processing, as well as the legitimacy and pertinence of the request. In the event that it is not pertinent or that, in the specific case, exercise of the requested right cannot be granted, the data subject shall be informed so that they may bring the corresponding claims. This exercise of rights will always be carried out within the legally established deadlines (Art. 12(3) of Regulation (EU) 2016/679) which establishes a period of one month from receipt of the request, except where necessary, taking into account the complexity and number of the requests, this period is extended as described in said article. In any case, the user will receive a notification in this respect within that period. EXTENSION OF LIABILITY We offer you the possibility of extending the liability established in the Land Transport Act (LTOL) for damages, losses and/or breakdowns suffered by goods during transportation up to €16.00 per billed kg. Check the conditions at your Envialia service centre. OPTIONAL DECLARED VALUE INSURANCE Envialia provides you with the option of taking out additional insurance to cover the loss, theft at destination or breakage of your shipment, paying a percentage of the declared value. For the insurance payment, the purchase invoice value will be taken into account, as well as the possible depreciation of the insured item. There is no insurance payment for lost profits, non-material damage, commercial losses for unperformed sales, exchange differences, among others. The "Optional Insurance" can be taken out as additional insurance for national and international shipments. Uninsurable goods Such as, for example: Living beings, perishable products. Money in cash, securities coupons, bank notes, negotiable or banking instruments and papers. Plane, train, or lottery tickets. Bank cards, pre-paid telephone cards. Dangerous goods and articles (corrosive, inflammable, explosive, poisonous, radioactive, infectious items, etc.). Cold chain products. Fine metal jewellery, precious stones, real pearls, flat glass panes. Commercial samples. Works of art. Goods with insufficient packing or packaging. Goods for repair. Documents or photocopies of any kind. Press in any of its varieties. Loss of integrity: When an insured loss occurs in a piece that is part of a set or collection, the amount to be paid in the event of a claim will be limited exclusively to the value of said piece, without any amount being claimed for loss of value or loss of integrity.

ENVIALIA WORLD, S.L. hereinafter ENVIALIA, in compliance with Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, informs you that your data are part of a file whose information is described throughout the following privacy policy. You declare that the information and data you have provided are accurate and truthful. ENVIALIA reserves the right to exclude from the services those interested parties who have provided false information, without prejudice to the initiation of legal action. You will be solely responsible for any false or inaccurate statements made and for the damage caused to ENVIALIA or third parties. If, by means of the Online System, email or other means, you provide us with personal data of other people, we warn you that you must do so with their consent and have informed them, in advance, of the legal points contained in this Privacy Policy. Likewise, ENVIALIA undertakes to provide any third party, whose data we provide, with pertinent information, in accordance with the provisions of Article 14 of the General Regulation. In addition, if you have any questions or suggestions, you can always contact us by email (legal@envialia.com), by phone (91 655 76 05) or writing to us at Av. Suiza 2, 28821 – COSLADA (MADRID). We would be happy to assist you. Data controller: ENVIALIA con C.I.F. B-83115402 – Avenida Suiza 2, 28821 – COSLADA (MADRID). – 91 655 76 05 Purpose of the Processing: A) To achieve and maintain the commercial relations between ENVIALIA and its customers, with respect to the marketed products and services, which implies being able to respond to their requests for products and services. B) To provide the courier and transport services contracted by the users of the Envialia Network to the Service Centres and issuing centres. C) To carry out a control of services performed by third parties on behalf of ENVIALIA. D) To provide information about the services supplied by ENVIALIA as well as the incorporation of new products and services similar to those currently marketed. E) To maintain commercial relationships with suppliers of products and services. F) To keep registered data up-to-date. G) The sending of satisfaction survey forms, which the user is not obliged to answer. ENVIALIA also makes use of statistics from the www.envialia.com website in order to analyse how users use our website. ENVIALIA is present on social networks and, in addition to these, it provides users with the possibility of communicating through different means of social communication. The processing of the data of people who become followers, establish a link or connect with ENVIALIA through social networks or the media made available, will be governed by: - This privacy policy. - The privacy policy described on the Envialia website and its terms of use. - The privacy policies and other regulations for access, use and similar of the corresponding social network or media. The user of these social networks must be aware of them and have previously accepted them. ENVIALIA will process the data of the users that it receives through these social networks to: - Properly manage their presence in the corresponding social network. - Publicise ENVIALIA news and its products and services. - Carry out promotional campaigns through each social network. Commitments: ENVIALIA undertakes not to collect unnecessary information about the users of the service, whether they are senders or recipients of shipments, to diligently handle the personal information that they provide and to comply with the obligation of secrecy at any stage of the data processing. ENVIALIA has adopted the legally required security levels for personal data protection, and has installed all the means and technical measures at its disposal to prevent the loss, misuse, alteration, unauthorised access and theft of personal data provided to ENVIALIA. However, the user must be aware that security measures on the Internet are not infallible. Legitimacy of processing: The justification of legitimacy is specified below for each of the purposes described: - The contractual relationship of ENVIALIA with its customers and suppliers in the provision of transportation and courier services and the supply of corporate products related to the activity of the Envialia Network, as described in Article 6(1) (b) of Regulation (EU) 2016/679. (Purposes A, B, C, E and F). - The legitimate interest of the company to market its services and keep its customers and contacts informed of the news in the products and services offered, always faithful to the exercise of our activity. (Purposes A, B, D and F). - In compliance with the applicable regulations: Commercial Code RD 22 of 1885; Royal Decree 1619/2012 by which the billing obligations are regulated (purposes A and B). - The legitimate interest of Envialia to carry out the control of the performance of the services carried out by the employees of the Envialia Network (Routes, Service Centres and Distributors). (Purpose C). - The legitimate interest to know the degree of satisfaction of customers for the continuous improvement of the processes of the company (purpose G). - Explicit consent of the owners. When personal data reach Envialia and are not covered by the previous legitimisation assumptions (purpose A and D). In this case, the data subject must send us their application (contracting or information) with the necessary data for us to study or inform them of the services or products offered by accepting this policy, which grants us their consent to process the data provided for the purpose described above. When you have given your consent and there is no legal or contractual condition prevention, you can withdraw your consent through the email and address mentioned above. The personal data required are the minimum necessary to be able to offer the services or the required information, whether it be a contractual relationship or a request for service or information. Processing of the data will be limited to the purposes described and in case ENVIALIA wishes to process the data for a different purpose, it will request prior authorisation. In case of inaccuracy or lack of the data provided, this may not be able to meet requirements, or cause non-compliance with legal or contractual requirements, the data subject who provides the data being the one responsible for legal consequences resulting therefrom. Data recipients: Are: - ENVIALIA WORLD - Data processors: These are the parties that ENVIALIA has hired to help us in the provision of services: oConsultancies: VILEMINA, S.L. (tax ID code: B80420458). Providing accounting and financial advisory services. ABG ABOGADOS, S.L. (tax ID code: B84668904). Providing legal advice services. oThe provider that manages the servers and the Online program, which also performs the technical service and its backup copies. DINAPRISE SERVICIOS INFORMÁTICOS, S.L.U. Tax ID code: B-91737494 oHosting provider for the Envialia computer system and email manager: ACENS TECHNOLOGIES, S.L. with Tax ID code: B-84948736. oThe provider of the MyEnvialia.com tool: PARCEL2GO.COM LIMITED with Tax ID code GB- 597849161. oOther centres from the ENVIALIA NETWORK: The centres from the NETWORK must be able to access certain data from other centres in the Network, in order to manage shipments, as well as the data provided by the Cargo Service Centres on the senders and recipients of the shipments. These data must be collected with the express consent of their customer, and must also inform them that the data provided by third parties must be provided with their prior consent. oInsurance companies when necessary to provide information in the event of an incident. oBanks and financial entities that the company works with for the collection or payment of the corresponding invoices. ENVIALIA follows strict selection criteria for service providers in order to comply with its obligations regarding data protection, in accordance with the standards of Regulation (EU) 2016/679 and undertakes to sign the corresponding data processing contract with them, through which it will impose, among others, the following obligations: apply appropriate technical and organisational measures; process the personal data for the agreed purposes and taking into account only the documented instructions of ENVIALIA, and delete or return the data once the provision of services has concluded. - Public administrations: In accordance with the applicable legal and regulatory provisions, ENVIALIA may disclose to the competent Public Authorities the personal data and any other information that is available and required. Conservation: ENVIALIA will process the personal data as long as they are necessary for the management of the purposes described and listed above (and the user has not requested their erasure or cancellation) and for the periods required by current legislation for the fulfilment of its obligations (6 years plus the current year, according to the commercial code for customers and suppliers). After this period, the data will be stored in computerised form unless the data subject exercises their rights of Correction, Cancellation, Erasure or Opposition. In the event that there is no specified legal requirement (for example, requests from potential customers) the data will be kept until no longer necessary for the purposes described, or the customer requests their removal or cancellation. In the event that the user revokes their consent to process their data or requests cancellation thereof (provided that they have said right in accordance with the regulations), ENVIALIA will proceed to block them to avoid the processing of said data. Once blocked, their data will be inaccessible, and will not be processed, except for making them available to Public Administrations, Judges and Courts, in order to deal with possible responsibilities arising from processing, as well as for the exercise and defence of claims before the Spanish Data Protection Agency. ENVIALIA undertakes to keep and store the personal data that users provide us with in a confidential manner, guaranteeing the security thereof and avoiding access by unauthorised third parties. Rights: Anyone has the right to obtain confirmation as to whether or not ENVIALIA, S.A. is processing their personal data. Likewise, the following rights are recognised:

Right	Your rights	How to exercise them
Access	You can ask us about your data that we have in our files and how we process it.	By letter: For the attention of the Data Controller ENVIALIA WORLD, S.L. Avenida Suiza 2, 28821 – COSLADA (MADRID) By email: legal@envialia.com To exercise any of these rights, you must include the following information: name and surname, address for notification purposes, ID, passport or other document proving identity and your specific request. When contacting us by email, you must use the email address you used to register in our system, and you must also provide the documents indicated in the previous paragraph.
Correction	You can ask us to modify your data in our files to keep them updated.
Erasure	You can request that your data be deleted, stating your refusal or opposition to the consent for the processing of your data and there is no statutory obligation preventing this.
Limitation	You can request a limitation of the data use, in which case you must specify the uses you do not want your data to be used for.
Opposition	For reasons related to your particular situation, you may object to the processing of your data. In that case, ENVIALIA will stop processing the data, except for compelling legitimate reasons, or when the exercise or defence of possible claims prevents it.
Portability	The personal data that you have provided us for our service can be sent to you in electronic format, or we can send them to the companies that you specify.
Consultations, observations and complaints	The data subject may revoke consent to process their data without affecting the legality of the processing based on the prior consent. If you would like to ask us about how we process your data, or you would like to raise any query with us, or you believe we have not acted according to the data protection regulations, you can write to us (legal@envialia.com”> legal@envialia.com) without prejudice to the fact that the data subject can submit a claim to the Spanish Data Protection Agency (www.agpd.es).

Exercise of these rights is completely free. Once the request is received, ENVIALIA will analyse whether all the necessary information has been provided for its processing, as well as the legitimacy and pertinence of the request. In the event that it is not pertinent or that, in the specific case, exercise of the requested right cannot be granted, the data subject shall be informed so that they may bring the corresponding claims. This exercise of rights will always be carried out within the legally established deadlines (Art. 12(3) of Regulation (EU) 2016/679) which establishes a period of one month from receipt of the request, except where necessary, taking into account the complexity and number of the requests, this period is extended as described in said article. In any case, the user will receive a notification in this respect within that period. EXTENSION OF LIABILITY We offer you the possibility of extending the liability established in the Land Transport Act (LTOL) for damages, losses and/or breakdowns suffered by goods during transportation up to €16.00 per billed kg. Check the conditions at your Envialia service centre. OPTIONAL DECLARED VALUE INSURANCE Envialia provides you with the option of taking out additional insurance to cover the loss, theft at destination or breakage of your shipment, paying a percentage of the declared value. For the insurance payment, the purchase invoice value will be taken into account, as well as the possible depreciation of the insured item. There is no insurance payment for lost profits, non-material damage, commercial losses for unperformed sales, exchange differences, among others. The "Optional Insurance" can be taken out as additional insurance for national and international shipments. Uninsurable goods Such as, for example: Living beings, perishable products. Money in cash, securities coupons, bank notes, negotiable or banking instruments and papers. Plane, train, or lottery tickets. Bank cards, pre-paid telephone cards. Dangerous goods and articles (corrosive, inflammable, explosive, poisonous, radioactive, infectious items, etc.). Cold chain products. Fine metal jewellery, precious stones, real pearls, flat glass panes. Commercial samples. Works of art. Goods with insufficient packing or packaging. Goods for repair. Documents or photocopies of any kind. Press in any of its varieties. Loss of integrity: When an insured loss occurs in a piece that is part of a set or collection, the amount to be paid in the event of a claim will be limited exclusively to the value of said piece, without any amount being claimed for loss of value or loss of integrity.

ENVIALIA WORLD, S.L. hereinafter ENVIALIA, in compliance with the Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, informs you that your data are part of a file detailed throughout the following privacy policy. You declare that the information and the data that you have provided us are accurate and true; if this is not the case, you will be solely responsible for the false or inaccurate statements made or carried out by the company based on the data provided and the damage caused to ENVIALIA or third parties. In addition, if you have any questions or suggestions, you can always contact us by email (legal@envialia.com), phone (91 655 76 05) or writing to us at Av. Suiza 2, 28821 – COSLADA (MADRID). We would be happy to assist you. Data controller: ENVIALIA WORLD, S.L. with C.I.F. B-83115402 – Avenida Suiza 2, 28821 – COSLADA (MADRID). – 91 655 76 05 Purpose of the Processing: - Selection of the most suitable candidates for incorporation into job positions. - Management of Human Resources of the company. - Payroll management and payment. - Management of the prevention of occupational hazards, including health surveillance. Commitments: ENVIALIA undertakes: - To not collect unnecessary information about its employees and applicants, unless the data subject has provided it voluntarily (for example, when incorporating information not relevant to the position in their Curriculum Vitae). - To diligently handle the personal information that they provide and to comply with the obligation of secrecy at any stage of the data processing. ENVIALIA has adopted the legally required security levels for personal data protection, and has installed all the means and technical measures at its disposal to prevent the loss, misuse, alteration, unauthorised access and theft of personal data provided to ENVIALIA. Legitimacy of processing: The processing of personal data of candidates is legitimised by: - The legitimate interest of the company to gather information on possible candidates in the personnel selection processes. In this case, the data are provided directly by the data subject by providing their data freely and voluntarily when they wish to apply for a job as a candidate, thus consenting to the processing of their data under the criteria described in this policy. Anyone who provides their data to participate in a selection process must accept this policy so that ENVIALIA can store their data; in the absence of evidence of the acceptance of this policy, their curriculum vitae will be eliminated, since there is no explicit consent from the data subject to process their data, in accordance with what is described in this policy. The processing of personal data of company employees is legitimised by: - The existence of an employment contract between ENVIALIA and its employees. - The processing of the data in compliance with the applicable regulations. Highlighting the following regulations: Law 58/2003 General Tax Law; Royal Legislative Decree 8/2015 of 30 October, approving the revised text of the General Law on Social Security and Law 31/1995 on the Prevention of Occupational Hazards. - The legitimate interest of the company in training its workers for their professional development and compliance with current regulations (Law 31/1995 on the Prevention of Occupational Hazards). Data recipients: Are: - ENVIALIA - Data controllers: These are the parties that ENVIALIA has hired to perform certain services: oConsultancies: GENERA 100 ASESORES, S.L. (Tax ID code: B83478255). oThe provider that manages the servers and the Online program, which also performs the technical service and backup copies. oProvider hosting the Envialia computer system: ACENS TECHNOLOGIES, S.L. with Tax ID code: B-84948736. oExternal Prevention Service. - QUIRÓNPREVENCIÓN S.L.U. (B-64076482). oAccident Insurance Company. - FREMAP Mutua Colaboradora with Social Security No. 61 (G- 28207017). oInsurers when necessary to provide information in case of an incident. oBanks and financial entities with which the company works for the payment of their payroll. All of them have confirmed that they comply with the European regulation on data protection. ENVIALIA follows strict selection criteria for service providers in order to comply with its obligations regarding data protection and undertakes to sign the corresponding data processing contract with them, through which it will impose, among others, the following obligations: apply appropriate technical and organisational measures; process personal data for the agreed purposes and taking into account only the documented instructions of ENVIALIA, and delete or return the data once the provision of services has concluded. - Public administrations: In accordance with the applicable legal and regulatory provisions, ENVIALIA may disclose to the competent Public Authorities (Treasury, Social Security, security forces, etc.) the personal data and any other information that is available and required. - Service Centres and collaborators of the Envialia Network. Given that sometimes they need access to the identification data of workers to contact them or provide support. - Customers: On certain occasions, customers may request information on the qualification of workers and in compliance with the requirements of Business Activities Coordination according to Law 31/1995 on Prevention of Occupational Hazards. Conservation: ENVIALIA will process the personal data as long as they are necessary for the management of the purposes described and listed above (and the user has not requested their erasure or cancellation) and for the periods required by current legislation for the fulfilment of its obligations (5 years according to the General Tax Law). In the case of the data provided by the candidates to be employed in a job, these data will be kept for a period of 6 months after the selection process, or until they cease to be necessary for the purposes described. In the event that the user revokes their consent to process their data or requests cancellation thereof (provided that they have said right in accordance with the regulations), ENVIALIA will proceed to block them to avoid processing said data. Once blocked, their data will be inaccessible, and will not be processed, except for making it available to Public Administrations, Judges and Courts, for the attention of possible responsibilities arising from the processing, as well as for the exercise and defence of claims before the Spanish Data Protection Agency. ENVIALIA undertakes to keep and store the personal data that users provide us with in a confidential manner, guaranteeing its security and avoiding access by unauthorised third parties. Rights: Anyone has the right to obtain confirmation on whether or not ENVIALIA is processing their personal data. Likewise, the following rights are recognised:

Right	Your rights	How to exercise them
Access	You can ask us about your data that we have in our files and how we process it.	By letter: For the attention of the Data Controller ENVIALIA WORLD, S.L. Avenida Suiza 2, 28821 – COSLADA (MADRID) By email: legal@envialia.com To exercise any of these rights, you must include the following information: name and surname, address for notification purposes, ID, passport or other document proving identity and your specific request. When contacting us by email, you must use the email address you used to register in our system, and you must also provide the documents indicated in the previous paragraph.
Correction	You can ask us to modify your data in our files to keep them updated.
Erasure	You can request that your data be deleted, stating your refusal or opposition to the consent for the processing of your data and there is no statutory obligation preventing this.
Limitation	You can request a limitation of the data use, in which case you must specify the uses you do not want your data to be used for.
Opposition	For reasons related to your particular situation, you may object to the processing of your data. In that case, ENVIALIA will stop processing the data, except for compelling legitimate reasons, or when the exercise or defence of possible claims prevents it.
Portability	The personal data that you have provided us for our service can be sent to you in electronic format, or we can send them to the companies that you specify.
Consultations, observations and complaints	The data subject may revoke consent to process their data without affecting the legality of the processing based on the prior consent. If you would like to ask us about how we process your data, or you would like to raise any query with us, or you believe we have not acted according to the data protection regulations, you can write to us (legal@envialia.com”> legal@envialia.com) without prejudice to the fact that the data subject can submit a claim to the Spanish Data Protection Agency (www.agpd.es).

Exercise of these rights is completely free Once the request is received, ENVIALIA will analyse whether all the necessary information has been provided for its processing, as well as the legitimacy and pertinence of the request. In the event that it is not pertinent or that, in the specific case, the exercise of the requested right cannot be granted, the data subject shall be informed so that they may bring the corresponding claims. This exercise of rights will always be carried out within the legally established deadlines (Art. 12(3) of Regulation (EU) 2016/679) which establishes a period of one month from receipt of the request, except where necessary, taking into account the complexity and number of the requests, this period is extended as described in said article. In any case, the user will receive a notification in this respect within that period. EXTENSION OF LIABILITY We offer you the possibility of extending the liability established in the Land Transport Act (LTOL) for damages, losses and/or breakdowns suffered by goods during transportation up to €16.00 per billed kg. Check the conditions at your Envialia service centre. OPTIONAL DECLARED VALUE INSURANCE Envialia provides you with the option of taking out additional insurance to cover the loss, theft at destination or breakage of your shipment, paying a percentage of the declared value. For the insurance payment, the purchase invoice value will be taken into account, as well as the possible depreciation of the insured item. There is no insurance payment for lost profits, non-material damage, commercial losses for unperformed sales, exchange differences, among others. The "Optional Insurance" can be taken out as additional insurance for national and international shipments. Uninsurable goods Such as, for example: Living beings, perishable products. Money in cash, securities coupons, bank notes, negotiable or banking instruments and papers. Plane, train, or lottery tickets. Bank cards, pre-paid telephone cards. Dangerous goods and articles (corrosive, inflammable, explosive, poisonous, radioactive, infectious items, etc.). Cold chain products. Fine metal jewellery, precious stones, real pearls, flat glass panes. Commercial samples. Works of art. Goods with insufficient packing or packaging. Goods for repair. Documents or photocopies of any kind. Press in any of its varieties. Loss of integrity: When an insured loss occurs in a piece that is part of a set or collection, the amount to be paid in the event of a claim will be limited exclusively to the value of said piece, without any amount being claimed for loss of value or loss of integrity.

Information about cookies

Definition and purpose of cookies

A cookie is a file that is downloaded on your computer when you access certain websites. Cookies allow a website, among other things, to store and retrieve information about the browsing habits of a user or their devices and, depending on the information contained and how devices are used, cookies can be used to recognize the user. A cookie is a small text file that a website places on your pc, phone or any other device with information about your browsing on that website. Cookies are necessary to facilitate browsing and make it more user-friendly, and do not harm your computer. Although the general term “cookie" is used in this policy, since it is the main method of storage of information used by this website, the browser’s "local storage" space is also used for the same purposes as cookies. In this sense, all the information included in this section is equally applicable to this "local storage". What are cookies used for on this website? Cookies are an essential part of how our website works. The main objective of our cookies is to improve your browsing experience. For example, they are used to remember your preferences (language, country, etc.) while you browse and also for future visits. The information collected in the Cookies also allows us to improve the website by estimating numbers and usage patterns, adapting the website to the individual interests of users, accelerating searches, etc. What are cookies on this website NOT used for? We do not store sensitive personal identification information such as your address, your password, your credit or debit card details, etc., in the cookies we use. Who uses the information stored in cookies? The information stored in our website’s cookies is used exclusively by us, except for those identified below as "third-party cookies", which are used and managed by external entities to provide services requested by us to improve our services and the user experience when browsing our website. How can I avoid the use of cookies on this website? If you prefer to avoid using cookies on this page considering the above limitations, you must first disable in your browser the use of cookies and, secondly, delete saved cookies associated with this website in your browser. You may select the option of disabling cookies at any time. How do I disable and eliminate the use of cookies? To restrict, block or delete cookies from this website, you may do so at any time by changing your browser settings as detailed in the guidelines below. Although all browser settings are different, the cookies settings can be found in either the "Preferences" or the "Tools" menu. For more details on setting up cookies in your browser, please check your browser's "Help" menu.

CHANGES TO THE COOKIES AND PRIVACY POLICY

We may change the information contained in this Cookies and Privacy Policy when we deem it convenient. If we do so, we will notify you in different ways through the Platform (for example, through a banner, a pop-up or a push notification), or we will even notify it to you by email when the change in question is significant to your privacy, so you can review the changes, assess them and, if need be, object to or cancel any service or functionality. In any case, we suggest you check this Cookies and Privacy Policy from time to time in case there are minor changes or in case we introduce some interactive improvement, taking advantage of the fact that you will always find it as a permanent information point on our Website and in our App.

What specific Cookies does this website use and for what purpose?

We use two types of cookies, "persistent cookies" and "session cookies". Persistent cookies will remain in the browser even if you leave the page, allowing us to remember your preferences each time you revisit the website. These cookies remain stored until they are deleted. Session cookies allow actions during a single session to be saved. These cookies are deleted when you close the browser.