SeaCorridor Compliance

The Code of Ethics brings together the set of values that the Company recognises, accepts and shares and the responsibilities it assumes towards the inside and outside of its organisation.

Integrity, respect for and protection of Human Rights, transparency, promotion of development, operational excellence, team work and collaboration, and innovation are the values that tell who we are, what we believe in, values that guide our actions, characterise our commitment and direct our behaviour and that of those who interact with us.

The observance of the Code of Ethics by SeaCorridor's directors, auditors, management and employees, as well as by any third party cooperating or working in the name of or on behalf of or in the interest of SeaCorridor, each within the scope of his or her duties and responsibilities, is of paramount importance to SeaCorridor's efficiency, reliability and reputation.

Legislative Decree No. 231 of 8 June 2001 introduced the regulation of the Administrative Liability of Companies under which they can be held liable, and consequently penalised, for certain offences committed or attempted in the interest or to the advantage of the company by its directors or employees. The company's liability is excluded if it has adopted and effectively implemented, prior to the commission of offences, organisational, management and control models suitable for preventing such offences ('Model 231') and has established a body responsible for supervising the operation of and compliance with the models ('Supervisory Body').

SeaCorridor has adopted its own Model 231, of which the Code of Ethics is a general principle that cannot be derogated, and provides for its constant updating.

The principles and contents of Model 231 are addressed to the members of the corporate bodies, management and employees of the Company (if any), as well as to all collaborators, consultants, partners, suppliers and counterparties in Italy and abroad and, in general, to all third parties acting on behalf of the Company.

The principles and contents of Legislative Decree No. 231 of 2001 and Model 231 are disseminated through training courses addressed to SeaCorridor personnel.

The Supervisory Board is collegial and consists of three external members and has a term of office of three years.

Component	Qualification
Lawyer Daniele Melegari	External component (Chairman)
Lawyer Roberto Di Mario	External component
Dr. Riccardo Amatucci	External component

The Company's Supervisory Board defines and carries out the activities for which it is responsible and is endowed, pursuant to Article 6(1)(b) of Legislative Decree No. 231 of 2001, with 'autonomous powers of initiative and control'. The Supervisory Board regulates its own functioning by means of specific regulations.

The Supervisory Board also acts as Guarantor of the Code of Ethics with the task of promoting its implementation, dissemination and knowledge. The Guarantor also has the task of examining reports of possible violations of the Code of Ethics, promoting the most appropriate checks.

SeaCorridor has adopted a Guideline for the reporting, including anonymously, of alleged irregularities, implementing specific communication channels for their receipt. Personnel and third parties may make written or oral reports of violations of which the whistleblower has become aware in the work context.

SeaCorridor ensures the receipt and analysis of each report by applying criteria of utmost confidentiality suitable, inter alia, to protect the honourability of the persons reported and the effectiveness of the investigations, consistent with the legal provisions on whistleblowing.

Anyone who receives a report outside the prescribed channels shall promptly forward it through the prescribed communication channels.

Communication channels provided:

• Email: whistleblowing@sea-corridor.com
• Voice mailbox (also accessible from abroad): +39 06 5982 4299
• Meeting face to face with the Internal Audit Function

SeaCorridor has adopted the Privacy and Data Protection Guidelines, a document describing the general principles to be observed for the correct application of personal data protection regulations and the rules aimed at ensuring, within the company organisation, the correct management of activities related to the processing of personal data.

The Privacy and Data Protection Guideline defines the fulfilments and specifies the actions to be taken in compliance with both national and European legislation with regard to the processing and protection of personal data, so that the processing of personal data is carried out with respect for the fundamental rights and freedoms of natural persons and, in particular, for the right to protection of personal data.

In particular, the Privacy and Data Protection Guideline identifies a 'data protection' management system based on the subdivision of roles and responsibilities, as well as of the related tasks and powers, at corporate level, among the persons involved in personal data processing operations, in order to ensure, in compliance with the timeframes indicated by the GDPR, compliance with legal obligations.

In addition, the Privacy and Data Protection Guideline provides for specific procedures aimed at implementing, within the company organisation, the various obligations provided for by the legislation on the protection of personal data, including a special procedure for handling any breaches of personal data (so-called 'data breach').

The Guideline applies to SeaCorridor and its subsidiaries and is also brought to the attention of other investee companies in order to promote principles and behaviour consistent with those expressed by SeaCorridor.