Personal Data Protection Policy

Fundiven – Fundição Venezuela, S.A. needs to gather and use certain information about individuals. These can include information about employees, customers, suppliers, business contacts, and other people and members of organizations that have a relationship that contacted or may need to contact. This policy describes how this personal data must be collected, handled and stored to meet the Fundiven, S.A. data protection standards and to comply with the law regardless of whether data is stored (electronically, on paper or on other materials).

This policy applies to:

The head office of Fundiven, S.A.

Every branch or subsidiary of Fundiven, S.A.

All staff of Fundiven, S.A., regardless of the form of their contract

All contractors, suppliers and other people working on behalf of Fundiven, S.A.

This data protection policy ensures that Fundiven, S.A.:

Complies with data protection law, specially the Regulation (EU) 2016/679, of 27 April 2016

Protects the rights of staff, customers and other partners

Is open about how it stores and processes individuals’ data

Protects itself from the risks of a data breach

Personal data must be collected according to this principles:

Be processed lawfully, fairly and in a transparent manner: is necessary to identify the legal basis for each data processing and provide information to the data subject in a concise, transparent, intelligible and easily accessible form, using clear and plain language about purpose and about how we do it.

Be obtained only for specific, lawful purposes: collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes

Be adequate, relevant and not excessive: limited to what is necessary in relation to the purposes for which they are processed

Be accurate and kept up to date: every reasonable step must be taken to ensure that personal data that are inaccurate are erased or rectified without delay

Not be held for any longer than necessary: when data is not necessary for the purposes that it was collected, should be deleted or destroyed. For each data set will be specified an interval to be deleted or destroyed.

Private and confidential: processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing

Privacy by default and privacy by design: before processing, implement appropriate technical and organizational measures which are designed to achieve data-protection principles in an effective manner and to integrate the necessary safeguards into the processing across all the processing cycle.

Data subjects have the right of access, rectify, restrict of processing, portability, erasure, object to automated individual decision-making Every employee that receives a request from a data subject regarding any of these rights should verify his identity before providing any information and relay the request internally to the person Responsible for Personal Data Processing. Aurimoldes could share personal data with the public authorities without knowledge or consent from data subjects only in compliance with a legal obligation or court order.

For any question regarding Personal Data Protection please contact .