Information Security Policy

The MBD Analytics Security Policy reflects the principles and objectives in terms of information security, the results of which allow our company to achieve its purpose of offering services related to advanced data analysis (Data Management, Data Visualization, Data Automation, Data Discovery-Machine Learning).

Through the elaboration, communication and maintenance of this policy, the MBD Analytics Management shows its commitment to protect the confidentiality of the information with which it operates in the provision of its services, guarantee its integrity in all the treatment processes that it carries out. , as well as the availability of the information systems involved in these treatments.

For this, the Management has defined and implemented an Information Security Management System that allows the company to guarantee that the information systems and the information that is created, collected, stored and processed complies with:

• Security in Human Resources Management, before, during and at the end of employment.
• The proper management of assets that involves the classification of information and the manipulation of supports, and the establishment of a robust logical access control to their systems and applications, managing user permissions and privileges.
• The protection of the facilities and the physical environment, through the design of safe work areas and the safety of the equipment.
• The guarantee of security in operations by protecting against malicious software, making backup copies, establishing records and their supervision. control of the software in use.
• The management of technical vulnerabilities and the choice of appropriate techniques for auditing Systems.
• The security of communications, protecting networks and the exchange of information.
• Assurance of security in the acquisition and maintenance of information systems, limiting and managing change.
• Performing secure software development, separating development and production environments, and performing appropriate functional acceptance testing.
• The control of relations with suppliers, contractually demanding compliance with the relevant security measures and acceptable levels in their services.
• The effectiveness in the management of security incidents, establishing the appropriate channels for their notification, response and timely learning.
• The realization of a business continuity plan that protects the availability of services during a crisis or disaster. Identification and compliance with applicable regulations, with a special interest in intellectual property and the protection of personal data.
• Periodic review and continuous improvement of our information security management system to guarantee compliance and effectiveness with these requirements.

All the organization’s personnel have the duty to abide by this policy, for which the Management has the necessary means and sufficient resources for compliance, and assumes the responsibility of communicating and keeping it accessible to all interested parties.

 

Legal Notice

Object

In compliance with the duty of information established in Article 10 of Law 34/2002, of July 11, on Information Society Services and Electronic Commerce, we inform you that the URL www.mbdanalytics.com (hereinafter referred to as the “PORTAL”) is a domain owned by MARKETING & BASES DE DATOS CONSULTORES, S.L. (hereinafter referred to as the “ENTITY”), with VAT number B79086286, with registered office at Avda. Brussels, 13 – 3, 28108 Alcobendas (Madrid), and registered in the Commercial Registry of Madrid, Volume 4230, Folio 182, Sheet M-70329, Entry 1, email address rgpd@mbdanalytics.com, and telephone number (+34) 91 570 38 05.

All trademarks, trade names, or distinctive signs of any kind appearing on the PORTAL are the property of the ENTITY or third-party collaborators, without implying that the use or access to the site and/or services grants the user any rights over said trademarks, trade names, and/or distinctive signs.

Likewise, the content published on the website, its graphic design, images, databases, and source code are the intellectual property of the ENTITY or third-party collaborators, without being understood to be transferred to the user, pursuant to the provisions of this Legal Notice, any of the exploitation rights that exist or may exist over said content beyond what is strictly necessary for the correct use of the PORTAL and the services provided through it.

Access to this website is the sole responsibility of users. Simply accessing the PORTAL does not imply establishing any kind of commercial relationship between the ENTITY and the user. By accessing it, you accept the General Terms of Use detailed below.

General Conditions of Use

IDENTIFICATION OF THE PARTIES

These General Conditions of Use of the services offered at the URL www.mbdanalytics.com (hereinafter referred to as the “PORTAL”) are subscribed to by the domain owner, MARKETING & BASES DE DATOS CONSULTORES, S.L., whose contact email is: contacto@mbdanalytics.com

An individual with the capacity to validly enter into a contract in accordance with applicable law is considered a USER.

You may not use the website and may not accept the Conditions if:

•  You are not of legal age and cannot enter into a binding contract under the law, or
•  You do not qualify as a USER as stated above.

PERFECTION OF THE AGREEMENT

To use the PORTAL, these general conditions (hereinafter, the “Conditions”), as well as those particular stipulations collected for the use and/or contracting of specific services, must be accepted. Otherwise, you must leave the PORTAL.

You may accept the Conditions:

•  By clicking on the acceptance button of the Conditions, when this option is offered to you in the user interface; or
•  By effectively using the website. You acknowledge and agree that the use of the PORTAL will be considered as an acceptance of the Conditions.

Users are advised to carefully read these conditions. You may save or print them if you wish.

SCOPE OF APPLICATION

These general conditions will apply to all services/products listed on the website www.mbdanalytics.com

The following documents are understood to be incorporated into these Conditions by reference:

• Legal Notice
• Privacy Policy

USERS AND SERVICES OFFERED

The PORTAL presents services open to the entire public that visits it.

The use of the services offered on the website is subject to the prior acceptance and compliance with the Conditions by the USER.

The use of the services offered on the site is free unless otherwise expressly stated.

PRIVACY POLICY

Personal data provided through the PORTAL will be processed by MARKETING & BASES DE DATOS CONSULTORES, S.L. for the purposes described in the conditions set forth in the Privacy Policy, which is incorporated into these Terms of Use by reference from this section.

COOKIE POLICY

The PORTAL uses functional and analytical cookies, both its own and those of third parties, based on user browsing habits, to improve the quality of the service. Personal data collected through these cookies will be processed by the ENTITY in accordance with the terms indicated in its Cookie Policy, which is incorporated into these General Conditions by reference from this section.

PRICE OF THE PRODUCTS OFFERED AND TAXES

The services offered on the portal are free of charge unless otherwise stated. For the prices shown, if applicable, it is detailed in the “Particular Contracting Conditions” whether or not they include VAT, the complete payment process, and the complete conditions for contracting products or services.

CANCELLATION OF SERVICES

The services provided by the portal for the general public are free and merely informational, so they do not require any action for their cessation, only the mere will of the user not to visit the PORTAL.

RESPONSIBILITIES

Of the portal:

It shall not be directly or indirectly liable for:

• The quality of the service, as they are provided “as is” and the ENTITY does not provide any guarantee regarding them.
• Damages that may be caused to the user’s equipment by using the portal.
• The defects and faults of all kinds of the transmitted, disseminated, stored, or made available contents.

The ENTITY is responsible for changes in the prices of the products/services it offers and for notifying users/customers as soon as possible through personal communication or through the update of the content on the PORTAL.

Of the user:

The user/customer shall be responsible for:

• The data and information entered and sent to the ENTITY in the available forms.
• The performance of any type of unlawful, harmful, and/or detrimental action.

INTELLECTUAL AND INDUSTRIAL PROPERTY

The entire website: text, images, trademarks, graphics, logos, buttons, software files, color combinations, structure, selection, arrangement, and presentation of its contents, object and source codes; are the property of the ENTITY or third-party collaborators, and their reproduction, distribution, public communication, and transformation are prohibited, except for personal and private use, and the USER must respect what is stipulated in the Legal Notice included in the PORTAL, which is incorporated into these Conditions by reference from this section.

MINORS

Children under the age of fourteen must request and obtain permission from their parents, legal guardian, or legal representative before accessing the content hosted on the PORTAL. Access and use of the portal are prohibited for unauthorized minors under 14 years of age.

The ENTITY reminds adult users who have minors under 14 years of age under their responsibility that it will be their sole responsibility to determine which services and/or content are appropriate for them; and informs them about the existence of computer programs to limit navigation, through filtering or blocking certain content.

JURISDICTION

These conditions are drafted in Spanish and are subject to the current Spanish legislation. For any type of dispute arising from the use of the services offered or the contents of the portal itself, the parties, by accepting these Conditions, will submit to the competent Courts and Tribunals of the locality where MARKETING & BASES DE DATOS CONSULTORES, S.L. has its registered office.

ADDITIONAL CONDITIONS

If any provision of these Conditions is deemed invalid or unenforceable, such provision shall be removed and the rest of the clause shall remain in effect. Section titles are for reference purposes only and

do not define, limit, interpret, or describe the scope or extent of the corresponding section.

ONLINE DISPUTE RESOLUTION

We remind you that if you are an individual acting for purposes unrelated to your commercial or professional activities, you can use the online dispute resolution platform, which you can find at the following link: http://ec.europa.eu/consumers/odr/

Privacy Policy

The purpose of this privacy policy is to inform interested parties about the various treatments that the ENTITY carries out with the personal data collected through this website www.mbdanalytics.com in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 regarding the protection of natural persons with regard to the processing of personal data and the free movement of such data (GDPR), and in Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights (LOPDgdd).

Data Controller

Identity of the Data Controller: MARKETING & BASES DE DATOS CONSULTORES, S.L.

VAT/Tax ID: ESB79086286

Address: Avenida de Bruselas, 13 – 3, 28108 Alcobendas (Madrid)

Contact: rgpd@mbdanalytics.com

Data Protection Officer (DPO)

ALARO AVANT, S.L

Email: dpombd@mbdanalytics.com

Why and for what purpose do we use your data?

The purposes for which your personal data collected through the website will be processed are as follows:

• Manage your query or request submitted through any of the contact channels provided on the website.
• In case you have provided your consent, we will send commercial communications related to the services that make up the activity of the ENTITY and/or news related to the sector.
• Manage the commercial relationship and/or provision of services you have contracted.
• Accounting, tax, and administrative management.
• Manage your application in the selection process and inform you about it.
• Comply with the legal obligations applicable to the ENTITY.

Whose data do we process?

The category of data subjects from whom we will process personal data for the purposes indicated above are users of the website, clients, and job candidates of the ENTITY.

What data do we process?

Below, we indicate the categories of data that we will process for the aforementioned purposes:

• Identifying data: name and surname, email address, telephone number. As well as any other information you provide to us when making contact.
• Commercial information: activity and businesses (Company)
• Others: CV data

How do we obtain and where do the data come from?

The personal data we process has been provided by you.

Legal basis for the processing of personal data

The legal basis that legitimizes the processing of your personal data is:

• The consent you have given us for sending commercial communications and managing your application.
• Legitimate interest in responding to the request and/or query.
• Execution of a contract or taking pre-contractual measures for the management of service provision, including administrative management.
• Compliance with legal obligations that apply to the ENTITY.

Who has access to the data?

We inform you that your personal data may be communicated to the entities listed below to manage the contractual relationship, administrative management of the ENTITY, or if required by law or competent authorities, to:

• Tax Administration
• Banks, Savings Banks, and Rural Banks
• Public Administration with competence in the matter.
• State Security Forces and Corps.
• Auditors and inspectors;
• When required by law or by competent authorities.

Will international transfers of personal data be made?

International data transfers involve a flow of personal data from the European territory to recipients established in countries outside the European Economic Area (the countries of the European Union plus Liechtenstein, Iceland, and Norway). In the event of making international transfers of your personal data, your personal data will be protected in accordance with the provisions of this Privacy Policy and will comply with the applicable legal requirements that may be in force at any given time, including verifying the level of protection of the destination country and adopting the guarantees required by the regulations.

We inform you that no international transfers of personal data provided through the website are made. However, if they are carried out, you will be informed in advance. In this case, the international transfer will be made to recipients in countries that have a level of protection equivalent to that of the European Union. In case some of these recipients are in third countries with which there is no adequacy decision of the European Commission, nor do they offer adequate guarantees to endorse a level of protection, the ENTITY will guarantee the protection of your data by signing the standard contractual clauses adopted by the European Commission, and by adopting technical, organizational, and contractual measures, complementary to ensure a level of protection essentially equivalent.

How long will we keep the data?

We inform you that the personal data provided will be kept for as long as necessary to fulfill the purposes for which they were initially collected (as indicated in point 2 of this Privacy Policy) and for the periods established by the applicable legislation, as well as for the periods established to address possible claims arising from the processing, as long as the consent granted is not revoked. Likewise, we will keep your data as long as you do not object to the processing. All this in accordance with the principles of data minimization and limitation of the retention period established in the applicable regulations.

What are the data subject’s data protection rights?

You can exercise your rights of access, rectification, erasure, objection, to not be subject to individual automated decisions, portability, and restriction of the processing of your data by contacting MARKETING & BASES DE DATOS CONSULTORES, S.L., located at Avenida de Bruselas, 13 – 3, 28108 Alcobendas (Madrid) or at the email address rgpd@mbdanalytics.com, for which we may request documentation to duly verify your identity. You have the right to file a complaint with the Spanish Data Protection Agency (AEPD) if you believe your rights have been infringed.

How do we protect user data?

We are committed to protecting the information you provide us. Therefore, in response to the trust placed in us and considering the importance of protection and confidentiality required by your personal data, we inform you that the necessary measures, technical and organizational, have been adopted to guarantee the confidentiality, availability, integrity, and resilience of your data processing systems and services. To this end, we use security measures designed to provide an adequate level of security for the risk of processing the personal data provided. However, the user should be aware that security measures on the Internet are not impregnable, and although we strive to protect your data, we cannot guarantee that unauthorized access, hacking, data loss, or violation thereof will never occur.

Accuracy of personal data

The data subject guarantees that the data provided are true, accurate, complete, and up-to-date. The data subject will inform any changes regarding the data provided through the channels enabled as referenced in the heading of this policy.

In the event that the user provides data from third parties, they declare that they have the consent of the interested parties and undertake to convey the information contained in this clause, exempting the organization from any liability arising from failure to comply with this obligation.

Updates to the Privacy Policy

This privacy policy has been updated in February 2024. The ENTITY reserves the right to modify its data protection policy in the event of a change in current legislation, case law, or business criteria. If any changes are made to this policy, the new text will be published at this same address.

If you have any doubts about this Policy, you can contact the Data Controller by sending a written communication to the postal address or email address indicated in the header.

Cookies policy

What are cookies?

A cookie is a small file that is stored on users’ computers, mobile devices, or tablets when accessing certain websites, applications, or platforms, allowing these to recognize their users.

Cookies are currently essential for the functioning of the internet, providing numerous advantages in the provision of interactive services, facilitating navigation, and usability.

Cookies help tailor websites, applications, or platforms to users’ personal needs.

Cookies cannot harm your computer. Instead, when enabled, they can help identify and resolve errors, as well as improve user navigability.

Cookies allow, among other things, storing and retrieving information about a user’s or their device’s browsing preferences.

This website, application, or platform uses cookies and/or similar technologies that store and retrieve information when you browse. In general, these technologies can serve very diverse purposes, such as recognizing you as a user, obtaining information about your browsing habits, or customizing how content is displayed.

The specific uses we make of these technologies are described below.

What cookies do we use?

At www.mbdanalytics.com, we use cookies, logs, links, and other technologies to store user preferences in order to improve the quality of our services, ensure the technical operation of both the portal and the transactions carried out, measure the audience of the website, and develop new and better features, products, and services offered.

Owner of the cookies

We use first-party cookies that we send to the user’s terminal equipment from a device or domain managed by us and from which the requested service is provided.

We use third-party cookies (for example, cookies from Google, LinkeIn…) used by external companies, social networks, or external content plugins (such as Google Maps). They are sent to the user’s terminal equipment from a device or domain of a third party entity that processes the data obtained through the cookies.

Use of cookies

We use technical cookies that are strictly necessary for the user to access and navigate on mbdanalytics.com

These are cookies that allow the user to navigate through a website, platform, or application and use the different options or services available on it, including those used to allow the management and operation of the website and enable its functions and services, such as controlling traffic and data communication, identifying the session, accessing restricted access parts, remembering the items that make up an order, carrying out the purchase process of an order, managing payment, controlling fraud linked to service security, making a registration request or participating in an event, counting visits for billing software licenses used by the service (website, platform, or application), using security elements during navigation, storing content for video or audio dissemination, enabling dynamic content (e.g., loading animation of text or image), or sharing content through social networks.

Cookies that allow, for their technical nature, the management, in the most efficient way possible, of the advertising spaces that, as one more element of design or “layout” of the service offered to the user, the publisher has included on a website, application, or platform based on criteria such as the edited content, without collecting information from users for different purposes, such as personalizing that advertising content or other content.

These cookies do not require the informed consent of the user.

We use preference or customization cookies that allow us, or third parties, to remember information so that the user can access the service with certain characteristics that may differentiate their experience from that of other users.

For example, language, the number of results to show when the user performs a search, the appearance or content of the service depending on the type of browser through which the user accesses the service or the region from which the user accesses the service, etc.

These cookies may require the informed consent of the user unless the user chooses these characteristics themselves (for example, if they select the language of a website by clicking on the flag icon of the corresponding country).

We use analysis or measurement cookies that, processed by us or by third parties, allow us to track and analyze the behavior of users of the websites to which they are linked, including the quantification of the impacts of advertisements.

The information collected through this type of cookies is used to measure the activity of websites, applications, or platforms, in order to introduce improvements in the products or services offered based on the analysis of the usage data made by the users of the service.

These cookies require the informed consent of the user.

We do not use behavioral advertising cookies that, processed by us or by third parties, store information on user behavior obtained through continuous observation of their browsing habits, allowing the development of a specific browsing profile of users to show them advertising based on it.

These cookies require the informed consent of the user.

Retention time of cookies

We use session cookies that are cookies designed to collect and store data while the user accesses a website. They are usually used to store information that is only of interest to keep for the provision of the service requested by the user on one occasion (for example, a list of purchased products) and disappear when the session ends.

We use persistent cookies that are those in which the data is still stored on the terminal and can be accessed and processed during a period defined by the cookie controller, which can range from a few minutes to several years.

This type of information obtained through cookies will not be communicated to third parties, nor used for unsolicited communications.

How can our users manage the cookies we use?

Users of www.mbdanalytics.com can manage cookies and, therefore, reject them individually or altogether in the Settings Panel.

If cookies are disabled or rejected, some functions and/or services may not work properly.

The portal does not exercise control over the websites displayed as a result of your search, links, or accesses from our directory. These other websites may place their own cookies or request personal information from you.

How can our users disable third-party cookies?

Please note that if you accept third-party cookies, you will need to delete them from the browser options or from the system offered by the third party itself.

If you want to know the privacy and cookie usage conditions of third parties, you can access the cookie policies of:

Linkedin: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out?trk=microsites-frontend_legal_cookie-policy
Google: https://www.google.es/intl/es/policies/technologies/cookies/

What happens if I do not accept the website’s cookies?

If the user does not allow the installation of cookies in their browser, they may not be able to access some sections of our website.

Are international transfers of my data made?

In accordance with Articles 44 and following of the European Data Protection Regulation (GDPR), transfers based on a decision of adequacy of the European Commission or, if adequate guarantees exist through a legally binding and enforceable instrument between authorities and public bodies, or through binding corporate rules, or standard clauses adopted or approved by the Commission, or through codes of conduct or certification mechanisms, will be legitimate. Otherwise, authorization from the competent Supervisory Authority or, failing that, explicit consent from the data subject or other cases referred to in art. 49 GDPR will be necessary.

We inform you that MARKETING & BASES DE DATOS CONSULTORES, S.L. does not make international transfers of your data.

Regarding third-party cookies, you can find out about transfers to third countries that, if any, the third parties identified in this cookie policy make in their respective policies (see the links provided above).

Is my browsing profile created and are automated decisions made that may affect me legally or significantly?

We inform you that MARKETING & BASES DE DATOS CONSULTORES, S.L. does not create browsing profiles that lead to automated decisions that may affect you legally or significantly.

Is my sensitive data processed?

We inform you that MARKETING & BASES DE DATOS CONSULTORES, S.L. does not process sensitive data.

More information

For more information about cookies and your rights as a user, you can consult the Guide on the use of cookies prepared by the Spanish Data Protection Agency (AEPD).

For more information about the processing of your personal data, you can access the Privacy Policy of MARKETING & BASES DE DATOS CONSULTORES, S.L.

Ethical code

ETHICAL AND CONDUCT CODE OF MARKETING & BASES DE DATOS CONSULTORES, S.L. (commercial brand MBD Analytics)

I. INTRODUCTION

MARKETING & BASES DE DATOS CONSULTORES, S.L. (hereinafter MBD Analytics) has decided to implement a criminal risk management system aimed at preventing, detecting, and reacting to possible crimes that could generate criminal liability for the Company. This would not be possible without the creation of this Ethical and Conduct Code, which reflects the ethical commitment to act in accordance with the principles, practices, and actions defined herein, in our relationships with all stakeholders affected by our activity: employees, customers, directors, associates, and suppliers.

This Ethical and Conduct Code establishes the behavioral guidelines that must be followed to align actions with MBD’s values. It is a flexible instrument and should be adapted to social reality and current legislation, for which it should be reviewed periodically, at least once a year.

II. SCOPE OF APPLICATION

This Ethical and Conduct Code applies to:

• Company executives and employees, regardless of the contract binding them to MBD and the position or area in which they perform their activities, including, if applicable, interns.
• Customers, suppliers, directors, collaborators, and any other stakeholders, to the extent that the Code may be applicable to them.

III. OBJECTIVE AND GUIDELINES FOR CONDUCT

OBJECTIVE: The purpose of the MBD Ethical and Conduct Code is to establish the principles that should guide the business activity carried out by the company, as well as to denounce and/or reject behaviors that do not conform to the values and principles of this document.

Violations of this Code may lead to disciplinary sanctions in accordance with labor legislation, in addition to any possible legal responsibilities that may apply.

GUIDELINES FOR CONDUCT:

a) Strict compliance with and respect for current laws MBD commits to strictly complying with the laws and other regulations related to its activities, observing their ethical compliance. It also commits to ensuring that employees are aware of the applicable regulations in the sectors where they operate, and to adhering to normative standards.

b) Relationships with employees MBD recognizes that human capital is the company’s main asset. MBD is obligated to provide and promote a motivating work environment. It respects and demands respect in labor relations. It does not discriminate or allow discrimination based on gender, race, age, nationality, religion, sexual orientation, disability, family background, language, political ideology, political or union affiliation, or any other characteristic not objectively related to work conditions or prohibited by applicable law. It does not allow or tolerate any form of harassment or physical, sexual, workplace, or psychological abuse. MBD is committed to adopting policies on workplace safety, hygiene, and health, as well as continuous training for its workers, fully aware that this benefits the company. All employees are required to treat their colleagues, superiors, and subordinates respectfully.

c) Relationships with customers and suppliers MBD will interact with its customers and suppliers of goods and services lawfully, ethically, and respectfully, not tolerating any form of bribery or corruption, and promoting a zero-tolerance policy towards any illicit activity. The selection of suppliers will be based solely on objectivity and transparency, seeking stable relationships with ethical and responsible suppliers. MBD employees are expressly prohibited from granting, accepting, or requesting, directly or indirectly, gifts, favors, or payments in cash or kind that could influence decision-making related to their duties.

d) Confidentiality, intellectual property protection policy, IT tools, and email d.1) Confidentiality and non-disclosure commitment Client, employee, or third-party information accessed due to professional activity is confidential. It is our duty to keep it private and take necessary measures to collect, store, and access these data in accordance with applicable regulations, preventing unauthorized access and complying with corporate policies on the matter. MBD employees are fully committed to maintaining the confidentiality of company data and information, as well as protecting intellectual and industrial property, including, but not limited to, patents, trademarks, domain names, copyrights, utility models, engineering know-how, databases, files, processes, technology, know-how, and information about MBD’s clients, products, strategies, and financial reports. All MBD members are responsible for preserving project and professional activity documentation, complying with applicable regulations at all times, and specific rules or instructions from the Legal and Compliance Services. In dealings with third parties, MBD will scrupulously follow the rules and procedures regarding intellectual or industrial property protection to avoid infringing third-party rights. All MBD-owned material and supports must be returned to the company when requested, when no longer needed for professional activity, and, in any case, upon termination of employment or professional relationship.

e) Use of IT tools, email, and social networks Email and IT tools are work instruments to be used for professional functions. They should not be used for private purposes, except for occasional use that is moderate, proportional to the circumstances, and not detrimental to MBD. All MBD members must follow the IT tools usage rules and the email and collaborative tools usage policy; comply with our network and device security policies, and report any suspected attack or manipulation to IT Security. Regarding social networks, when publishing information or opinions as an MBD employee, internal behavior rules must be applied, acting with respect, using good judgment and common sense, and being mindful of the information shared. Confidential information about MBD, its clients, or employees, or opinions that could be attributed to MBD, must not be published.

f) Conflicts of interest and duty of loyalty MBD employees and partners must avoid situations that could create a conflict between their personal interests and the company’s interests. They should abstain from intervening, representing the company, or influencing management or decision-making processes in which they have a personal interest, directly or indirectly. Any employee who believes there is a potential conflict of interest must inform their superior and/or, if applicable, the Compliance Officer, who will take appropriate measures.

g) Respect for the environment MBD is fully committed to the principles of sustainable development, contributing to the conservation of natural resources, and promoting necessary environmental preservation training among its employees.

h) Responsibilities All MBD employees are obligated to comply with the rules of this Ethical and Conduct Code and the Criminal Risk Prevention Manual, where this Code is annexed, forming an integral part of it. They must also comply with applicable laws, regulations, and rules related to their job position. They are also required to actively collaborate in fulfilling this Code, reporting any conduct contrary to it to the Compliance Officer, participating in company-provided training activities, and collaborating in developing internal controls and audits, all to comply with, prevent, identify, and rectify any company deficiencies or weaknesses. It is also established that directors, managers, and department heads must, in addition to scrupulously complying with the above:

• Perform their work as a model for other employees.
• Actively collaborate in complying with this Ethical and Conduct Code, informing the Compliance Officer of any conduct or actions contrary to it.
• Promote a true ethical business culture, as the behavior and involvement of the company’s Governing Body and executives are crucial in conveying this compliance culture to other employees.
• Support and assist employees who, in good faith, bring their queries to them, acting firmly against violations of this Ethical and Conduct Code.

i) Validity of the Ethical and Conduct Code This Code comes into effect the day after its approval at the Extraordinary General Assembly, which will be convened for this purpose, and will remain in force until the Administrative Body approves a review or repeal action.