Grupo SM's internal communication channel

Grupo SM's internal communication channel allows reporting on any situation that may constitute a serious or very serious criminal or administrative offence, as well as the internal regulations of Grupo SM or the legislation applicable to the matters defined in the Internal Information System Policy. In the same way, inquiries can be made on the points mentioned above.

This channel can be used by employees, partners and members of the administrative, management or supervisory bodies of the SM Group companies, public employees, self-employed workers, as well as by people who work for or under the supervision of contractors, subcontractors or suppliers, volunteers, interns and employees in training, including those whose relationship has ended or has not begun.

However, it is also possible to submit a communication through a face-to-face meeting or through the different procedures specified in the internal regulations of Grupo SM.

Regulations applicable to Grupo SM's internal communication channel

This internal communication channel is governed by the provisions of Grupo SM's Internal Information System Policyand the Internal Information System Management Procedure. These internal regulations have been drafted in accordance with applicable regulations in relation to the notification of violations, the protection of the informant and personal data.

Anonymity

Grupo SM's internal communication channel allows communications to be sent completely anonymously. However, if the informant wishes to voluntarily provide their personal data, they will be treated with the strictest confidentiality. In any case, the person affected by the communication will not have access to the identity of the informant.

Examples of violations that can be reported

The following is a non-exhaustive list of behaviors susceptible to communication:

Principles of Grupo SM's internal communication channel

Grupo SM's internal communication channel is based on the following principles:

Confidentiality and protection of personal data

The Internal Information System is designed, established and managed in a secure manner, in order to guarantee the confidentiality of the identity of the informant and of any third party mentioned in the communication, as well as of the measures taken in the management and processing of the communication, preventing access by unauthorized personnel.

Grupo SM undertakes to carry out only the processing of personal data that are necessary for the knowledge of the actions or omissions indicated in the communications and that have the appropriate legal justification. It will be lawful to communicate the data to third parties when necessary for the adoption of corrective measures in the entity or for the processing of sanctioning or criminal procedures that, where appropriate, may be appropriate.

The informant can access the data, rectify and delete it, as well as exercise other legal rights, by contacting the Data Protection Officer (https://contactodpo.grupo-sm.com).

How can the informant follow up on the communication?

Within a maximum period of seven (7) days, Grupo SM will send the informant an acknowledgment of receipt of the communication. The informant will receive access data that will allow them to track the file, know its status at all times and, where appropriate, provide additional information.

The SM Group will carry out the relevant investigative activities to clarify the facts reported within a maximum period of three (3) months (extendable for an additional three months in cases of special complexity).