S-D ENGAGEMENT REQUEST FORM (in accordance with Art. 3.4 of the Policy)* required fieldsformfieldRequester *Name Surname*TelephoneEmail *Category of membership *selectInvestors Proxy advisor Dialogue participants *maximum 3 people, specify position and contact detailsFirst name*Last name*Position*Email **Telephone*First nameLast namePositionEmail *TelephoneFirst nameLast namePositionEmail *TelephoneSubjects covered by S-D engagement, reasons for the request any opinions:Previous dialogue: Privacy policy Information to be given under art. 13 of EU Regulation 2016/679 and existing national regulation on personal data Pursuant to Regulation EU 2016/679 (hereinafter “GDPR Regulation” or “GDPR”) and the existing national regulation on data protection (“Privacy Law”), Mediobanca – Banca di Credito Finanziario S.p.A. with registered office in Milan, Piazzetta Enrico Cuccia 1 (the “Bank” or “the Controller”), as data controller, shall provide disclosure in relation to the use of personal data. Why a Privacy Policy notice? This page describes the management of Mediobanca’s web site since, after users’ access to the site, personal data of identified of identifiable persons may be processed. This information is provided under art. 13 of GDPR and with Privacy Regulation to any user that deals with the web based services of Mediobanca – Banca di Credito Finzanziario S.p.A., that are made available via electronic networks at the following address: https://www.mediobanca.com, which corresponds to the homepage of the web site of Mediobanca – Banca di Credio Finanziario S.p.A. The Information provided only applies to the web site of Mediobanca – Banca di Credito Finanziario S.p.A. and does not concern any web site that may be visited by a user via external link. Data Controller and Data Protection Officer (DPO) The Data Controller is Mediobanca – Banca di Credito Finanziario S.p.A., with registered office in Milan, Piazzetta Enrico Cuccia 1. Mediobanca appointed a Data Protection Officer (DPO). The Data Protection Officer may be reached at the following email addresses: • DPO.mediobanca@mediobanca.com • dpomediobanca@pec.mediobanca.com Where data are processed Data processing related to web based services of this site takes place in the abovementioned office of Mediobanca – Banca di Credito Finanziario S.p.A., and is managed only by employees of Mediobanca – Banca di Credito Finanziario S.p.A., operators entitled to processing, or any possible Data Protection Officer appointed under Privacy Regulation. No data resulting from web based services are either communicated or disseminated. Personal data provided by users are used only to provide the service and are communicated to third parties only if necessary to this extent. CATEGORIES OF DATA PROCESSED Navigation Data The information systems and software procedures related to the web site functioning acquire personal data as part of their standard operation, and the transmission of such data is an inherent feature of Internet communication protocols. Such information is not collected in order to be related to identified data subjects, however it might allow users identification after being processed and matched with data held by third parties. This data category includes IP addresses and/or the domain names of the computers used by any user connecting with this web site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of such requests, the method used for submitting a given request to the server, returned file size, a numerical code relating to server response status (successfully performed, error, etc.), and other parameters related to the user's operating system and computer environment. These data are used only to the extent of: • obtain anonymous statistical information on the site use; • check the site correct functioning; • carry out monitoring activities to support service safety. Data might be retained and used to establish liability in case computer crimes are committed against Mediobanca – Banca di Credito Finanziario S.p.A. site, except for this circumstance, any data on web contacts is currently retained for no longer than the time necessary to achieve the purposes it is processed for. Data voluntarily provided by users When personal data are provided on this site on the basis of a freely, explicit and voluntary option they are subsequently acquired for the provision of the required service. Specific information inspired by the principles of Privacy Regulation will be shown and displayed on the site pages that are used for providing on demand services. Cookies Cookies are small text files sent on the user’s electronic device (PC, tablet, etc.) during browsing. Cookies are then sent back to the originator web site during any future browsing, or are sent back to a different site able to detect the specific cookie. Cookies act as the memory of a web site, allowing the site to recognize your device during any future visit to the same site. Moreover, cookies allow to save your browsing preferences with the aim of offering a more functional use of the site, making its contents as personalized as possible. For the abovementioned reasons, also Mediobanca’s Web server, during browsing its site, might use cookies with users systems through the use of first or third part cookies. Each user, in preference, might in any case set its browser in order to receive an alert regarding the presence of a cookie and decide whether accept it or not. It is also possible to refuse receiving a cookie automatically by turning on the specific browsing option: a lack of use of cookies, however, might give rise to difficulties during the interaction with the Bank site. More information on cookies, their management and removal may be found by following the link to the extended regulation on cookies provided by Mediobanca (https://www.mediobanca.com/it/cookies.html), or following the link: www.allaboutcookies.org. Optional Personal Data provision Subject to the specifications made with regard to navigation data, users are free to provide the personal data in the electronic application forms, or in the web site sections prepared for specific on demand services, for sending newsletters, informational material or other communications. It is clarified that failure in providing data may results in the inability to satisfy the user’s request. Processing arrangements Personal data are processed with automated means and not for no longer than is necessary to achieve the purposes for which it has been collected. Specific security measures are implemented to prevent the data from being lost , used unlawfully or inappropriately and accessed without authorization. Data Subjects’ Rights Data subjects’ are entitled at any time to obtain confirmation of the existence or not of personal data concerning them and be informed on their content and origin, verify their accuracy or ask that such data are supplemented, updated or corrected (articles 15 and 16 od GDPR). Moreover, data subjects are entitled to request erasure, processing limit, consent withdrawal, data portability as well as to claim to the supervisory authority and to object in all cases, on legitimate grounds, to data processing (art. 17 et seq. of GDPR). Those rights may be exercised through a written communication sent to: privacy@mediobanca.com. The Controller, including via authorized structures, will take charge of the user’s request and provide, without undue delay, the information related to the actions taken with regard to their request.I have read and agree with the terms of the Personal Data Privacy PolicyCancelSubmit