I. PRIVACY

A. COOKIES POLICY

1. Definition of “cookie(s)” A cookie is a small piece of information that a website places on your PC, phone, or any other device, containing information about your browsing on that site. Cookies are necessary to facilitate browsing, make it more user-friendly, and allow the website that sent it to remember you.

2. Use of Cookies on the Website The main purpose of the cookies we use is to understand how you interact with the Website and to improve your browsing experience. For example, by remembering your preferences (language, country, etc.) during browsing and on future visits. The information collected in cookies also allows us to improve the website by estimating usage numbers and patterns, adapting the website to users' individual interests, speeding up searches, etc. Occasionally, if we have obtained your prior informed consent, we may use cookies, tags, or other similar devices to obtain information that allows us to show you advertising based on the analysis of your browsing habits, whether on our website, third-party websites, or through other means.

The information stored in the Website's cookies is used exclusively by us, with the exception of those identified below as "third-party cookies," which are used and managed by external entities to provide us with services we have requested to improve our services and the user experience when browsing our website. The main services for which these "third-party cookies" are used are obtaining access statistics and ensuring the processing of payments.

3. Preventing or Disabling the Use of Cookies on the Website. If you wish to prevent the use of cookies on the Website, taking into account the above, you must: (i) disable the use of cookies in your browser; and (ii) delete the cookies stored in your browser associated with the Website. You can do this at any time.

If you wish to restrict, block, or delete cookies from the Website, you can do so at any time by modifying your browser settings. While each browser is different, generally, to configure cookies, you should select the "Settings," "Preferences," or "Tools" menu. For more details on configuring cookies in your browser, consult its "Help" menu.

4. Cookies used on the Website. The Cookies used by the Website are as follows:

1. Session identification. Identifies the user's HTTP session. This is common in all web applications to identify requests from a user within a session.

2. Acceptance of the use of cookies. Identifies whether the user has accepted the use of cookies on the website.

3. Google Analytics (third-party cookie). These cookies allow us to track website usage through Google Analytics, a service provided by Google to obtain information about user access to websites. Some of the data saved for later analysis includes: the number of times a user visits the website, the dates of the user's first and last visits, the duration of visits, the page from which the user accessed the website, the search engine the user used to reach the website or the link they clicked, the user's location, etc. The configuration of these cookies is predetermined by the service offered by Google, so we suggest you consult the Google Analytics privacy page, http://www.google.com/intl/es/analytics/privacyoverview.html, for more information about the cookies it uses and how to disable them (with the understanding that we are not responsible for the content or accuracy of third-party websites).

B. PRIVACY NOTICE

MOTTA INTERNACIONAL, SA, is committed to the legal, lawful, legitimate, and secure processing of personal data contained in its information systems. As the data controller, it informs you that the personal data of clients, contractors, suppliers, employees, and third parties is processed in accordance with the Personal Data Processing Policy, the content of which is available on the Website. Therefore, the information provided is processed for the purposes and within the scope set forth in the aforementioned policy, which outlines your rights as the data subject to access, update, or correct your data, as well as other rights provided for in current regulations. These rights can be exercised by contacting us via email. contactenos@attenza.net.

C. AUTHORIZATION FOR THE PROCESSING OF PERSONAL DATA

I have been informed by MOTTA INTERNACIONAL, SA (Data Controller) of the following:

i. The data provided to the Data Controller will be processed for the following purposes: Sending or using the information for contractual, customer service, marketing (such as consumption analysis, brand traceability, among others), and commercial purposes (such as benefits, promotions, discounts, current campaigns, promotional events, written materials, images, data messages, partner brands, and programs of the company's own brands or those of its partners, among others); updating data and providing relevant information; consultation to answer inquiries about products and services offered; conducting studies for statistical purposes and customer knowledge; and providing information to inform data subjects about news, products, services, and special offers, and for the development of activities related to telephone customer service, collections, or other similar activities. The Data Controller may transfer or transmit the data or information, in whole or in part, to its subsidiaries, businesses, affiliated companies and/or entities, and strategic or commercial partners, whether or not they operate in another jurisdiction, for the purposes mentioned in this section.

ii. Answering questions about sensitive data or data concerning minors is optional;

iii. As the data subject and/or representative of the minor, I have the rights to access, rectify, cancel or oppose the use of my information; and/or revoke the authorization granted;

iv. If my request is not resolved directly, and subsidiarily, I have the right to file complaints with the competent authority;

v. I can exercise my rights and obligations by strictly adhering to ATTENZA's Privacy Policy, Information Processing and Personal Data Policy, available at www.attenza.net and by contacting us at the email address contactenos@attenza.net. See Privacy Policy, Information Processing and Personal Data Policy.

I declare that the provision of third-party data was done with their unequivocal and express authorization.

D. PRIVACY POLICY, PROCESSING OF INFORMATION AND PERSONAL DATA

1. GENERAL

MOTTA INTERNACIONAL, SA, domiciled in Panama, with email address contactenos@attenza.net, informs the Holders of Personal Data that are processed by the company of this Processing Policy in compliance with: (i) Law 1266 of 2008, Law 1581 of 2012 and Decree 1377 of 2013, in Colombia; (ii) Law No. 81 of March 26, 2019, in Panama; and (iii) Law No. 787 of March 29, 2012 in Nicaragua, collectively, the “Applicable Legislations”).

2. SCOPE OF APPLICATION

The policies and procedures contained in this document will be applicable at all times and during the performance of all activities involving the collection, storage, use, circulation and transfer of personal information or data, recorded in any database that makes them susceptible to processing by MOTTA INTERNACIONAL, SA

This document is mandatory and must be strictly complied with by MOTTA INTERNACIONAL, SA, as the data controller, and may be consulted by any of the Data Subjects by physical or electronic means.

Both the data controller and those in charge must safeguard the security of databases containing personal data and maintain confidentiality regarding said data.

3. DEFINITIONS

In accordance with current regulations and for the purpose of facilitating the understanding of this document, the following definitions will apply:

1. Authorization: Prior, express and informed consent of the Holder to carry out the processing of personal data.

2. Privacy Notice: Electronic document or in any other format, generated by the Responsible Party that is made available to the Data Subject for the processing of their personal data.

3. Database: Set of personal data that is processed by the Controller;

4. Personal Data: Any information linked to one or more specific or identifiable persons.

5. Public Data: Data relating to a person's marital status, profession, occupation, and status as a merchant or public servant. By their nature, Public Data may be contained in, among other sources, public registries, public documents, official gazettes and bulletins, and duly executed judicial judgments that are not subject to confidentiality.

6. Sensitive Data: All information that may affect the privacy of the Holder or whose use may generate discrimination, such as those that reveal racial or ethnic origin, political orientation, religious or philosophical beliefs, membership in trade unions, social or human rights organizations or that promote the interests of any political party or that guarantee the rights and guarantees of opposition political parties, as well as data relating to health, sex life and biometric data.

7. Data Processor: Natural or legal person, who alone or in association with others, carries out the processing of personal data on behalf of the Data Controller.

8. Data Controller: Natural or legal person, public or private, who alone or jointly with others, decides on the database and the processing of data, i.e., MOTTA INTERNACIONAL, SA

9. Data Subject: Natural or legal person, public or private, who is the owner of the information or personal data that are included in the Data Controller's Database;

10. Processing: Any operation or set of operations performed on Personal Data, such as collection, storage, use, circulation or deletion.

11. Transfer: Data transfer takes place when the controller and/or processor of Personal Data sends the information or Personal Data to a recipient, who in turn is a Controller and is located inside or outside the country.

12. Transmission: Processing of Personal Data that involves the communication of the same within or outside the territory, when its purpose is the performance of a Processing by the Processor on behalf of the Controller.

4. RIGHTS OF PERSONAL DATA SUBJECTS

In accordance with applicable laws, data subjects have the following rights:

1. To know, update and rectify your Personal Data held by MOTTA INTERNACIONAL, SA, in its capacity as Data Controller. This right may be exercised with respect to data that is partial, inaccurate, incomplete, fragmented, misleading, or whose processing is expressly prohibited or has not been authorized.

2. Request proof of the authorization granted to MOTTA INTERNACIONAL, SA or the local affiliated company, in its capacity as Data Controller, except when expressly exempted as a requirement for the Processing, in accordance with the Applicable Laws.

3. To be informed by MOTTA INTERNACIONAL, SA, regarding the use that has been made of your personal data if you expressly request it.

4. Revoke authorization and/or request the deletion of data when the processing does not respect constitutional and legal principles, rights, and guarantees. Revocation and/or deletion will proceed when the competent authority has determined that the controller or processor has engaged in conduct contrary to applicable laws.

5. Access your personal data held in the databases of MOTTA INTERNACIONAL, SA free of charge

6. To be informed of substantial changes made to this Information Processing Policy, such as, but not limited to: changes in the identification of the Data Controller and in the purpose of the processing of personal data of MOTTA INTERNACIONAL, SA's clients, suppliers and employees

7. Receive a new request for authorization for the Processing of Information when MOTTA INTERNACIONAL, SA makes changes to the Privacy Policy that modify the purpose of the Processing of Information.

Handling requests to the Privacy Officer (updates, corrections, deletion of Information and revocation of authorization), inquiries and complaints in relation to the Processing of Information.

5. PURPOSE OF THE PROCESSING

1. To achieve efficient communication related to our products, services, offers, promotions, alliances, contests, content and other activities and thus facilitate general access to information about them.

2. Evaluate the quality of our products and services through satisfaction surveys and conduct studies on consumption habits, preference, purchase interest, product testing, concept, service evaluation, satisfaction and others related to our services.

3. To carry out marketing, promotion, advertising, billing, collection, service improvement, consultation, verification, control, enabling of payment methods, fraud prevention, as well as any other activity related to our current and future services and offers for the fulfillment of contractual obligations and our corporate purpose, through any means directly.

4. Control and prevent fraud in all its forms.

5. Perform basic administrative management tasks.

Subject to obtaining your consent, we may contact you by email, text message (SMS, MMS), direct mail, or by telephone.

If you prefer not to receive communications through any or all of these channels, you can inform us at any time by contactenos@attenza.net and request to stop receiving such communications.

6. RESPONSIBLE FOR THE EXERCISE OF THE RIGHTS OF THE DATA SUBJECTS

For the processing of requests, complaints, claims and requests for modifications made by the Data Subjects in the exercise of the rights established herein, the Data Subjects or those who exercise their representation may contact the responsible party of MOTTA INTERNACIONAL, SA, from Monday to Friday from 8:00 am to 5:00 pm, at the email address contactenos@attenza.net.

7. PROCEDURE FOR EXERCISING THE RIGHTS TO KNOW, UPDATE, RECTIFY AND DELETE INFORMATION AND REVOKE AUTHORIZATION

The Data Subject or any of the persons authorized in accordance with the provisions of this Policy, who consider that the information contained in the databases of MOTTA INTERNACIONAL, SA should be corrected, updated or deleted, or when they notice the alleged non-compliance with the Applicable Laws or any rule that complements or modifies it, may file a claim with MOTTA INTERNACIONAL, SA, which will be processed in accordance with the following rules:

1. Claims must be submitted in writing to the email address contactenos@attenza.net.

2. If the claim is incomplete, MOTTA INTERNACIONAL, SA will request the interested party to correct the deficiencies within five (5) days of receiving the claim. If the applicant fails to submit the required information within two (2) months of the date of the request, it will be understood that they have withdrawn the claim.

3. The maximum time to address the claim will be fifteen (15) business days, counted from the day following the date of its receipt. If it is not possible to address the claim within this period, the interested party will be informed of the reasons for the delay and the date on which their claim will be addressed, which in no case may exceed eight (8) business days following the expiration of the first period.

8. DATA DELETION

The data subject has the right, at any time, to request MOTTA INTERNACIONAL, SA to delete their personal data when:

• Consider that they are not being treated in accordance with the principles, duties and obligations provided for in the Applicable Legislation.

• They are no longer necessary or relevant for the purpose for which they were collected.

• The period necessary for fulfilling the purposes for which they were collected has been exceeded.

This deletion implies the complete removal of personal information in accordance with the request of the data subject from the records, files or databases of MOTTA INTERNACIONAL, SA

The right to erasure is not absolute and the Controller may deny its exercise when the Data Subject has a legal or contractual duty to remain in the database of MOTTA INTERNACIONAL, SA

9. REVOCATION OF AUTHORIZATION

The Data Subject may revoke consent to the Processing of his or her personal data at any time, provided that it is not prevented by a legal provision.

10. INTERNATIONAL TRANSFER OF PERSONAL DATA

When data is sent or transferred to another country, authorization from the data subject is required. Therefore, before sending personal data to another country, those obligated to comply with this policy must verify that they have the prior, express, and unequivocal authorization of the data subject to transmit their personal data.

By sharing your personal data with MOTTA INTERNACIONAL, SA, you authorize its transfer to another country when necessary. This transfer of personal data is only made to third parties with whom MOTTA INTERNACIONAL, SA has a contractual, commercial, and/or legal relationship, so that they can assist us with functions related to product promotion, payment collection, product shipments, or the outsourcing of our customer service systems. We may also exchange information with third parties for fraud protection and credit risk reduction purposes.

MOTTA INTERNACIONAL, SA may also transfer data to other Data Controllers when authorized by law or by an administrative or judicial mandate.

11. VIDEO SURVEILLANCE

MOTTA INTERNACIONAL, SA uses various video surveillance systems installed at different internal and external locations of its facilities and offices. Therefore, it informs the general public about the existence of these systems by posting video surveillance notices in visible locations.

The information collected through this mechanism is used for security purposes, improvement of our service and experience at MOTTA INTERNACIONAL, SA facilities, as well as evidence in any type of process before any type of authority or organization.

MOTTA INTERNACIONAL, SA does not deliver video recordings obtained to any third party, unless there is a court order or order from a competent authority or as permitted by law.

12. INFORMATION SECURITY
In accordance with the principle of security, MOTTA INTERNACIONAL, SA has adopted reasonable technical, administrative, and human measures to protect the information of Data Subjects and prevent alteration, loss, unauthorized or fraudulent access, use, or disclosure. Access to personal data is restricted to Data Subjects, and MOTTA INTERNACIONAL, SA will not permit access to this information by third parties under conditions other than those stated, except upon the express request of the Data Subject or persons authorized under national regulations.

Notwithstanding the foregoing, MOTTA INTERNACIONAL, SA shall not be liable for any action intended to infringe the security measures established for the protection of Personal Data.

13. POLICY CHANGES

MOTTA INTERNACIONAL, SA may modify this Policy at any time and will always publish the updated version in all its commercial establishments.

14. POLICY VALIDITY

This Policy takes effect upon acceptance of its Terms and Conditions. As a general rule, authorizations for the use of personal data are valid for the duration of the business relationship or service agreement and for the duration of the company's business activities.