Personal Information Protection Policy

In Austral Group S.A.A. (hereinafter Austral) we care about the protection and privacy of our internal and external client’s personal information; Therefore, we are committed to guaranteeing absolute confidentiality of the information we safeguard. For this purpose, we use various security standards in accordance with the provisions of the Law on Protection of Personal Data Law No. 29733 and its Regulations approved by Supreme Decree No. 003-2013-JUS.

In accordance with the law, Austral is committed to its internal and external clients to the following :

1. Carry out the processing of personal data, only with the prior informed, express and unequivocal consent the personal data owner.
2. Do not collect personal data by fraudulent, unfair, or illegal means.
3. Collect updated, necessary, relevant, and adequate personal data, related to specific, explicit, and lawful purposes for which they were obtained for.
4. Not using personal data as an object of treatment for different purposes than those that motivated its collection unless there is an anonymization or dissociation procedure.
5. Store personal data in a way that enables the owner his exercise of rights of its owner.
6. Delete and replace or, where appropriate, complete the personal data process when aware of its inaccurate or incomplete, without prejudice the owner´s right.
7. Delete the personal data when they are no longer necessary or pertinent to the purpose for which they had been collected or if the term for their treatment has expired unless there is an anonymization or disassociation procedure.

Austral’ s objective is duly informing the personal data owner about their information processing, as well as the rights they can exercise with them.

The personal data user or owner has the right of information, access, rectification, cancellation, opposition, and objective treatment of their personal data. These can be exercised by the same personal data owner or by a duly accredited third party. The user or owner must submit their request in writing to Austral main address located at Av. Víctor Andrés Belaunde 147 Vía Principal 123, Torre Uno, Piso 3 - San Isidro, Lima, Peru, or to any Austral headquarters , or to the following email address: datospersonales@austral.com.pe, with the reference "Protection of Personal Data" through a request, which will include:

1. The right owner names and surnames; and accreditation of the third party in case of representation, for which he must prove his faculty by means of the personal owner legalized signature.
2. Specific request that gives rise to the request (Exercise of the right to information, access, rectification, cancellation, opposition and / or processing of your personal data or specific query).
3. Domicile, or address that may be electronic, to send the corresponding notifications.
4. Date and applicant signature.
5. Documents that support the request, if applicable.

Austral is subject to providing the National Authority for the Protection of Personal Data in charge of the Ministry of Justice and Human Rights, the information regarding the processing of personal data it requires and allowing access to the personal data banks that it administers; also, to comply with the legal information requirements, if applicable.

Safety

Austral protects personal data collected from its internal and external clients, electronic and operational security measures are taken to guarantee the confidentiality of the data processed in order to protect the information from modifications, losses and the treatment or access of unauthorized users, who may threaten the integrity and privacy of the information.

Access to the data is limited only to authorized workers who need said information to carry out its monitoring and analysis. In addition, the management of personal data will not be communicated or transferred to any third party, except those with whom a service contract has been established and will make exclusive use of the information aligned to the purpose for which they were collected.

Final Considerations

In the case the personal data owner has doubts about this Policy content and / or the way in which the organization is carrying out the data it keeps, they may approach to the Human Resources Office who will absolve all the queries on the subject.

Austral through this document declares to make use of the personal data collected for the exclusive use of the contractual relationships it maintains with its internal and / or external clients; In that sense, you may not assign or transfer them to any third party for different purposes, unless it is expressly authorized by the owner.

The filling and signing of these forms represent the owner express consent for the collection of their personal data and for their treatment for specific purposes for which they were collected.