Privacy Policy

Nextmol (Bytelab Solutions SL) respects current legislation on the protection of personal data, the privacy of users and the secrecy and security of personal data. All the data of our clients will be treated in accordance with the principles of legality, loyalty and transparency, limitation of the purpose and term of conservation, minimization of data, accuracy, integrity and confidentiality, among others, as well as respecting the rest of the obligations and guarantees established in Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, adopting the necessary technical and organizational measures to prevent the loss, misuse, alteration, unauthorized access and theft of the personal data provided, taking into account the state of the technology, the nature of the data and the risks to which they are exposed.

BASIC INFORMATION ON DATA PROTECTION Responsible for data processing: Bytelab Solutions, S.L., Calle Mallorca 1, 08014 Barcelona Purpose of data processing: Answer queries and provide information requested by interested parties. Execution of contractual orders and maintenance and management of the commercial relationship with clients. Legitimation of data processing: Execution of contracts. Consent of the interested parties. Compliance with legal obligations. Recipients of assignments or transfers of data: The data is not transferred or shared with third parties without the prior consent of the interested parties. It is possible that some of our digital storage service providers have their servers hosted outside the European Union and therefore the data is stored outside the European Union. Rights of interested persons: Interested parties have the right to access, rectify, cancel or delete the data, as well as limit or oppose its treatment and request its portability as explained in the additional information. Additional Information: You can consult the additional and detailed information on Data Protection on our website: www.nextmol.com in the “Privacy Policy” section.

ADDITIONAL INFORMATION ON DATA PROTECTION (PRIVACY POLICY)

1. RESPONSIBLE FOR THE TREATMENT

Who is the person in charge of processing your data? The person responsible for processing your data is: Bytelab Solutions, S.L. (B67405589) Postal address: Calle Mallorca 1, 08014 Barcelona Email: info@nextmol.com

2. PERSONAL DATA

What is personal data and what data do we process? Personal data consists of information that identifies or allows the identification of individual persons such as name, postal address, email address or telephone number, etc.

The personal data that you provide us are your basic identification data and your contact data, that is, name and surname, email address, postal address and telephone number. Additionally, you may also provide us with your bank details so that we can invoice you for our products and services.

3. PURPOSE OF TREATMENT

For what purpose do we process your data? The purposes for which we will treat your data and the information you provide us are: – Answer queries and requests for information. – Prepare an individualized service proposal that is appropriate to your needs. – Carry out the correct execution of the contract and the contracted works. – Invoice the contracted services and products. – Maintain the business relationship with customers or potential customers. – Periodically send commercial information through our newsletters. – Improve our services.

If you do not provide us with your identification, contact or bank details, it would not be possible for us to present our services to you.

We do not use your data for profiling or to make automated decisions.

How long do we keep your data? In compliance with the principle of limitation of the retention period, the data collected will be processed solely and exclusively for the time necessary and for the purposes for which they have been collected at all times.

Therefore, the personal data that you provide us will be kept for the duration of the commercial relationship, for the time necessary to comply with legal obligations or until you request its deletion.

We undertake to delete your data from our databases once the retention period indicated above has elapsed and to instruct the companies in charge of treatment whose services we use to eliminate all the information about you that they may have from their databases.

LEGITIMATION What is the legitimacy for the treatment of your data? The legal basis for the treatment of your data and the personal information that you give us is the fulfillment of the contract or, alternatively, your consent.

RECIPIENTS To which recipients will your data be communicated? It is possible that we communicate your data to collaborating companies whose services are essential for the correct execution of the order or contract. We will not share your data with third parties without your prior consent. We also do not carry out international data transfers nor will we transfer your data to third parties, except under legal obligation. However, it is possible that some of our digital storage service providers have their servers hosted outside the European Union and therefore your data may be stored outside the European Union.

RIGHTS What are your rights when you provide us with your data?

I. ACCESS, RECTIFY, DELETE: All interested persons have the right to access their personal data, as well as to request the rectification of inaccurate data or, where appropriate, request its deletion when, among other reasons, the data is no longer necessary for the purposes for which they were collected.

II. LIMIT THE PROCESSING: In certain circumstances, the interested parties may request the limitation of the processing of their data, in which case we will only keep them for the exercise or defense of claims.

According to current regulations, you can request the limitation of your data when: a) You have exercised the rights of rectification or opposition and we are in the process of attending to your request. b) The treatment is illegal, which would determine the deletion of the data, but you oppose it. c) The data is no longer necessary for the treatment and must be deleted, but you need it to formulate the exercise or defense of claims.

III. OPPOSE TO THE PROCESSING: The interested parties may oppose the processing of their data in which case we will stop processing their data, except for compelling legitimate reasons or the defense of possible claims.

IV. PORTABILITY: Likewise, the interested parties have the right to request portability of the data they have provided us to transfer them to another data controller. In this case, the data will be transmitted to another person in charge or to the interested party in a structured format, of common use and mechanical reading.

V. WITHDRAW CONSENT: All interested parties who have given consent for a specific purpose have the right to withdraw this consent at any time.

You can exercise all your rights by sending an email to: info@nextmol.com. Or if you prefer by mail to the address: Bytelab Solutions SL, Calle Mallorca 1, 08014 Barcelona Always indicating your name and surname(s), the right you request to exercise, the reason for the request and attaching a copy of your identity document. Within a month after receiving the request to exercise your rights, we will inform you about the actions we have carried out as a result of your request. In the case of particularly complex requests, we will contact you within a maximum period of two months.

In any case, if you are not satisfied with our response, you can file a claim with the competent Data Protection Control Authority:

Spanish Data Protection Agency Address: Calle Jorge Juan, 6, 28001 Madrid Telephone: +34 901 100 099 / +34 91 266 35 17 Website: www.agpd.es