This Privacy Policy contains the information that regulates the processing of personal data of users (hereinafter referred to as the "User") who access and use the following sites, owned by Milor S.p.A., or by companies controlled by it, in particular: 

www.bronzallure.it
www.bronzallure.com
www.bronzallure.eu
www.etruscagioielli.com
www.albertm.it 
www.duomilor.it
www.milor.com
www.galleria-milano.com
www.elledilinda.com

each individually identified as "the Site") for its consultation and for the purchase of the products for sale. ("Products").

Milor S.p.A. ("The Owner") is registered in the Company Register of the Milan Chamber of Commerce, C.F. / VAT No. 04362490155; the registered office is in Via dei Gracchi, 35 20146 Milan, email: privacy@milor.com.

This Privacy Policy is to be considered an integral and substantial part of the Terms of Use of each site and of the cookies policy.

The information contained in the Privacy Policy is extended in accordance with Article 13 of Legislative Decree 30 June 2003 n. 196 and subsequent. mod. - (the "Privacy Code") and in Article 13 of EU Regulation 2016/679 ("GDPR") to all Users who access and use the Site and/or purchase Products on the Site. This Policy only refers to the use of the Site and to any other third-party site, although referred to in any way within the Site.

Any modification will take effect immediately and will apply only to Users who use the Site after the date of such modification. Consequently, we invite you to refer to it every time you visit our site to get acquainted with its latest version available on the site.

 

Version of May 10, 2018

The data entered by the User when registering on the Site or in the Site newsletter and when placing each order, will be used for purposes strictly related to the purpose indicated at the time of data collection and/or for the purposes indicated in this Privacy Policy. More precisely for sending the newsletter and/or for carrying out the order request and all the services connected to it, such as for example payment and delivery. 

The User's personal data may also be used by the Data Controller and by third parties authorized by it to fulfill any accounting and tax obligations relating to the purchase of the Products and to complete all the activities strictly connected and preparatory to the management of Site relations -Customer. 

 In particular: carry out operations relating to our commercial relationship, i.e. concerning your registration for the Services (in particular verifying the veracity of your e-mail), Orders, deliveries, invoices, accounting, follow-up of the "customer relationship ” with a Member, and carrying out satisfaction surveys, managing complaints and after-sales service, refunds, specific commercial gestures, returning Orders, exercising your right of withdrawal, managing outstanding receivables and disputes .

In the event that the User has given consent, such personal data could be used for other purposes related to the sale of products on the Site: 
1. sending promotions, offers and suggestions on the Products for sale;
2. verification of User satisfaction;
3. sending of promotional and/or advertising information relating to other activities of the Site and its Partners;
4. carry out market surveys and post-sales analyses. 
5. offer you commercial offers close to your geographical location, particularly in the context of offers that could include the "Collection in store" service;
6. the management of your comments on the Site and/or on the internet pages published by us and hosted on the websites of our Social Networks.

All User data collected will be processed exclusively and with due expertise by subjects specifically appointed to perform this task and specially trained in the matter. The purposes of the processing are those for which the data were collected, mainly with electronic and IT tools.

The data will be stored on computer and paper media, as well as on any other media deemed suitable and compliant with the security measures imposed by the applicable regulations. The data is stored in such a way as to make it possible to identify the User in the minimum time necessary to achieve the objectives for which they were collected and then processed and, in any case, always in compliance with the provisions of the law. 

Any damage caused by causes not directly attributable to the Data Controller such as inaccessibility of the Site, or viruses, damaged files, interruption of internet or telephone connections, or other causes similar to the cases listed above are not attributable to the Data Controller.

In addition, the User is required to diligently and responsibly store all personal information strictly connected to the Site, such as, for example, Site access credentials, any order and shipping codes or other data. Any subtraction or improper use of this data, and the consequences deriving from these events are the complete responsibility of the User.

The personal data requested by the Data Controller while browsing the Site may be mandatory or optional. Failure by the User to provide the mandatory data will result in failure to fulfill the purpose for which they were requested. The compilation of optional data, on the other hand, is entirely subject to the discretion of the User who can choose whether to provide them or not. In this case, the refusal does not entail any consequences in the execution of the purposes indicated at the time of the request. 

The User is also responsible for the constant updating of such data, in order to allow the Owner to perform all the services effectively and efficiently without incurring delays, errors or additional charges deriving from the failure to update such data. 

In particular, the Data Controller collects the Data that you voluntarily declare starting from a collection form on the Site, including socio-professional information (for example, your profile, your surname, traditional name, first names, gender, date of birth , sponsor and/or delivery address, profession).

When placing an Order, our bank lenders also collect and process Personal Data relating to your means of payment (credit card number, date and end of validity of the credit card, visual cryptogram - since it will not be stored, etc. ). For our part, we may process the partial number of your credit card consisting of the first six (6) numbers and the last four (4) numbers and the expiry date of your credit card as transmitted to us by your bank. Therefore, this payment identifier does not allow you to carry out bank transactions.

 We also collect information relating to the transaction made (transaction number, purchase details, etc.), or relating to the payment of invoices issued from or through the Site (payment methods, discounts granted, receipts, balances and non-payments, or relating to the credits subscribed, the amount and duration, etc.). 

 The Data Controller processes the Data relating to the control of the commercial relationship with you: product and/or service purchased, quantity, amount, frequency, delivery and/or billing address(es), telephone number, security code, and any other information pertinent on the delivery (control number, location of the shipment, etc.) history of purchases and provision of services, return of products, correspondence and/or telephone exchanges between you and our after-sales service, etc.

The communication of the User's personal data to third parties is subject to compliance with the legal limits imposed and with the purposes declared and set out in point 1. The third parties involved fall into the following categories:

1. those responsible for warehouse services, packaging, shipping, delivery and return of the products;
2. the subjects appointed by the Data Controller to manage the administrative, contractual, accounting and legal activities of the Site;
3. credit institutions, insurance companies and the company/companies in charge of managing payments, including electronic ones;
4. the persons in charge of managing and maintaining the Site and all its functions;
5. any other subjects to whom the Data Controller has given the possibility of accessing the data, always in compliance with the provisions of the law or regulations.
6. affiliates, related companies, and offices associated with our Company, 

 Lastly, the User's personal data may be used for competitions and/or participation in prizes, for the sending of advertising and promotional material concerning the Site and the Owner's Partners, only with the prior explicit and voluntary consent expressed by the User .

In cases where the processing of data requires the explicit and voluntary consent of the User, it will be collected in a specific way with explanation of the individual purposes pursued. It is specified that Article 6 of the GDPR provides for cases in which the processing of data does not require the express authorization of the User, such as for example for the fulfillment of legal or contractual obligations assumed towards the User.

The User has the right to request confirmation of the existence of personal data concerning him at any time, pursuant to articles 12 and following of the GDPR.

In particular in accordance with the Personal Data Regulation, you benefit from the following Specific Rights of:

access (Article 15 of the GDPR), 
b. rectification (Article 16 of the GDPR), 
c. cancellation (Article 17 of the GDPR), 
d. restriction of processing (article 18 of the GDPR) 
And. transferability (Article 20 of the GDPR) 
f. opposition (Articles 21 and 22 of the GDPR) 
g. post-mortem directives (Law n. 78-17 of 6 January 1978 relating to information technology, files and freedoms);

You have the possibility of obtaining from the Data Controller confirmation that the data concerning you are or are not being processed and, if they are, access to such data and the following information:

1. the purposes of the processing;
2. the categories of data;
3. the recipients or categories of recipients to whom the data are or will be communicated;
4. when possible, the expected data retention duration or, when it is not possible, the criteria used to determine duration dates;
5. the existence of the right to ask the Data Controller to rectify or delete data, or to limit the processing of your data, or the right to oppose such processing;
6. when the data is not collected from you, any information available as to its source;
7. when data is transferred to a third country or to an international organization, you have the right to be informed of the appropriate guarantees relating to this transfer.

You have the possibility to obtain from the Data Controller, as soon as possible, the rectification of data concerning you which are inaccurate. You also have the option to ask for incomplete data to be completed, even if you need to provide a supplementary declaration.

You have the possibility to obtain from the Data Controller the cancellation, as soon as possible, of data concerning you when for one of the following reasons:

to. the data are no longer necessary in light of the purposes for which they were collected or otherwise processed by the Data Controller,
b. you have withdrawn your consent to the processing of this data and there is no other legal basis for the processing;
c. exercise your right to object under the conditions set out below
d. there is no overriding legitimate reason for the processing;
And. the data have been subject to unlawful processing;
f. the data must be deleted to comply with a legal obligation;
g. the data was provided by a child.

You have the possibility to obtain from the Data Controller the limitation of the processing of your data in application of one of the following reasons:

to. the Data Controller verifies the accuracy of the data following your dispute as to the accuracy of the data.
b. the processing is unlawful and you oppose the deletion of the data by requesting the limitation of their use in its place;
c. the Data Controller no longer needs the data for the purposes of their processing but they are still necessary for the establishment, exercise and/or defense of rights in justice;
d. you have objected to the processing in the conditions set out below and the Data Controller checks to find out whether the legitimate reasons pursued prevail over the reasons given.

You have the option of receiving data concerning you from the Data Controller in a structured format, currently used and machine-readable when:

1. Data processing is based on consent and/or a contract, e
2. The treatment is carried out with the help of automated procedures.

When you exercise your right to portability, you have the right to have the data transmitted directly by the Data Controller to a data controller that you can designate when technically possible.

You have the right to object at any time, for reasons that pertain to your particular situation, to a processing of data concerning you based on the legitimate interest of the Controller, in which case he will no longer process the data, unless he demonstrates that there are legitimate reasons and compelling reasons for the processing which prevail over your interests and your rights and freedoms, or may retain them for the purpose of establishing, exercising or defending legal claims.

When the data is processed for prospecting purposes, you can object to the processing of this data at any time.

Finally, the User has the right to oppose, in whole or in part for legitimate reasons, the processing of personal data concerning him, even if pertinent to the purpose of the collection as well as the processing of personal data concerning him for the purpose of sending advertising material or direct sales or for carrying out market research or commercial communication.

To exercise the rights, the User can contact the following addresses: Tony S.r.l. - Via Carducci 32, 2012 Milan - email: privacy@milor.it 

The owner of the processing of personal data of Users who use the Site is Milor S.p.A. - Via dei Gracchi 35, 20146  Milan. To exercise their rights and for any further information regarding data processing, the User can contact the Data Controller at the following addresses: Milor S.p.A. - Via dei Gracchi 35, 20146 Milan - email: privacy@milor.it.

Your Personal Data is kept on an active basis for a period of three (3) years starting from your last activity on the Site or on an electronic communication medium (especially an e-mail message) or, after this period, your profile is considered "inactive" and will automatically be deactivated. It is therefore up to you to create a new one for any new Orders.

Your Personal Data in connection with an Order is kept for a period of three (3) years starting from an Order. They remain accessible to you and to us, particularly after the creation of your account to enable you and us to have a complete history of your Orders. We can delete them at any time upon your simple request.

However, at the end of the aforementioned periods, and where appropriate, following your request for deletion, your Personal Data may be subject to intermediate archiving to meet our legal, accounting and tax obligations.

The site is present on social networks. For more information on the protection of your data while browsing these social networks, we invite you to consult their respective privacy policies.

To allow us to proceed with an easier registration or connection to our Site, you may be able to authenticate yourself on our Site via a Social network. Simply click on the dedicated button in order to automatically pre-fill your registration form on the Site based on the information you have already provided to the Social Network. For our part and as a recipient, we may collect information when you browse the pages of our social networks or use their authentication features.

A "cookie" is a connection marker that designates a text file that can be recorded, according to your choices, in a dedicated space on the hard disk of your Terminal, when consulting the Site. A cookie file allows anyone who issues to identify the Terminal in which it is registered, for the duration of validity or registration of the cookie, for which it must be considered as a Personal Data.

When you connect to our Site, we may be prompted, based on your choices, to install various Cookies on your Terminal which allow the navigator of your Terminal to be recognized during the period of validity of the Cookie in question.

No personal data of users is acquired by the Site for this purpose. Cookies are not used to transmit information of a personal nature, nor are so-called cookies used. persistent cookies of any kind, or systems for tracking users.

The use of c.d. session cookies (which are not stored permanently on the user's computer and disappear when the browser is closed) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to allow safe exploration and site efficiency. The so-called Session cookies used on this site avoid the use of other IT techniques potentially prejudicial to the confidentiality of users' browsing and do not allow the acquisition of personal identification data of the user.

The Code of Ethics represents the Identity Card of an organization; it expresses the guidelines of conduct that must inspire the behavior of its members and is the main means of disseminating the culture of ethics within the company. The diffusion of the Code of Ethics has increased over the last few years, also by virtue of specific legal provisions which, especially at an international level, have led companies and other organizations to adopt it.

As a result of the globalization of markets, the concrete need to introduce and make explicit rules of an ethical and social nature in the economic models is increasingly felt worldwide, which allow profit objectives and value creation to coexist with compliance with requests and interests of the subjects involved in the business activity, not only in national and international relations but also in the corporate spheres (you want because the expectations and interests, albeit legitimate, of the various subjects involved - Shareholders, Collaborators, Suppliers, Customers, Business Partners etc. – may be in conflict with each other, partly because in some cases there is a risk that actual behavior does not correspond at all to the proclaimed principles).

In the Italian panorama, the importance of adopting an instrument such as the Code of Ethics is emphasized, among other things, by the provision of a specific liability of entities as a result of the commission of crimes pursuant to Legislative Decree 8 June 2001 n. 231.
In this context, the companies belonging to the Milor group (the "Group") have always been committed to applying rigorous principles observed in the performance of the various activities and have always been characterized by the seriousness, reliability and professionalism of the work of their Management , of its Employees and Collaborators, so as to acquire over the years a consolidated reputation also appreciated at an international level.

In order to pursue continuous improvement objectives, Milor has deemed it appropriate to adopt and issue this Code of Ethics of conduct which explains the corporate principles and values ​​it has pursued over the years, highlighting rules of conduct whose observance - by all those who, in any capacity, they operate in the name and on behalf of the companies of the Group – it is essential to maintain and improve the regular functioning, the reliability of the company processes and the image of the Group itself.

The operations and behavior of all recipients of this Code of Ethics must refer to these principles and rules, both in internal professional relations and in relations with subjects external to the Group.

The Group recognizes the importance of ethical and social responsibility in the conduct of business and corporate activities and undertakes to respect the legitimate interests of Shareholders, Directors, Employees, Collaborators, Customers, Suppliers and Business Partners.

The companies of the Group therefore undertake to:

－ maintain consistency with the policies always adopted in terms of correctness, transparency, trust and cooperation in business conduct;
－ maintain an active role in the market, economic development and technological progress of the sectors in which it operates;
－ pursuing a solid and sustainable value from an economic, financial and social point of view, built on the trust of Customers, on the motivation of Collaborators and on a responsible and constructive relationship with the territory;
－continuously improve the quality of the products and services offered to the Customer, increase the satisfaction of the latter through effective and fair competition on the market, in full and absolute compliance with the law and regulations in force in the countries in which it operates;
－ raise Suppliers' awareness and involve them in a pro-active role, especially as regards compliance with laws and regulations in the supply of goods and services and as regards transparency and it contributes, among other things, to spontaneous compliance by each Employee and Collaborator.
－  promote the personal and professional development of its Collaborators and motivate them to a sense of belonging and to seek continuous improvement in efficiency and effectiveness in order to increase corporate and personal satisfaction and well-being.

At the same time, it requires all Employees belonging to Group companies and all those who cooperate in the exercise of business activities to comply with the company rules and the provisions established in this Code of Ethics.

In fact, the achievement of these objectives can only take place through the constant and active participation of all those involved in the business activities of the Group companies and their full awareness that these objectives must be achieved in compliance with those values. of reference and rules of conduct which, by means of this Code of Ethics, are made explicit.

The rules contained in this Code of Ethics and the principles of behavior for conducting business and in interpersonal relationships must therefore not appear "obvious" to the addressee of this document, but rather as a tool for reflecting on the values ​​referred to: personal adherence to these values contribute, among other things, to the spontaneous respect of every Employee and Collaborator.

The reference values ​​and rules of conduct set out in the Code of Ethics are binding for all Group companies, for their Directors, Employees and Third Parties who in any capacity operate in the interest of the Group; the latter include Agents, Technical Assistance, Suppliers, Distributors, developers, Consultants and Collaborators in general (hereinafter "Collaborators"). In particular, the Directors are required to be inspired by these values ​​and rules of conduct in setting the objectives of the companies in the companies of the Group, in proposing investments and implementing projects, as well as in any decision or action relating to the management of the companies.

Employees with executive status, in effectively implementing the management activity of the Group companies, must be inspired by the same values ​​and rules of conduct both within the Group, thus reinforcing cohesion and the spirit of mutual collaboration, and in towards third parties who come into contact with the Group itself.

All Employees are required to comply, in carrying out their duties and responsibilities, with the principles and rules of conduct contained in the Code of Ethics, procedures, regulations and company policies.

All Employees are also called to demand compliance with the principles and rules contained in this Code of Ethics also by independent third-party Collaborators who, in any capacity, operate in the interest of the Group. They undertake to inform the Collaborators of the content of this Code of Ethics and instruct them to comply with the rules contained therein.

Collaborators of the Group are required to adapt their conduct to the provisions of the Code, to company procedures and regulations.

Compliance with Laws and Regulations
The companies of the Group recognize compliance with the laws and regulations in force in all the countries in which they operate as an essential principle. The Directors, Employees and Collaborators who in various capacities are involved in the Group's business activities are therefore required to carry out their activities in a context of maximum transparency and in absolute compliance with the laws and regulations in force in the place and in the time in which they operate. They therefore undertake to have the best possible knowledge of the applicable regulations relating to their activity and of the responsibilities deriving from the violation of the same. Under no circumstances can the pursuit of the Group's interest justify an operation that does not comply with the laws and regulations.

Integrity
Moral integrity is a constant duty of all those who work in the name and/or on behalf of the companies of the Group. All recipients of this Code of Ethics are required to pursue the objectives with honesty, correctness and responsibility and to maintain a conduct based on compliance with the rules, laws and professional ethics.

Transparency and completeness of information
The companies of the Group promote transparency in communications, in formal agreements and in the criteria that form the basis of the behaviors followed in order to allow autonomous and informed choices by the subjects involved. All recipients of this Code of Ethics are required to respect the principles of truthfulness, correctness, completeness, accuracy and transparency of information and to communicate the Group's image clearly and diligently in all its internal and external relationships.

Value of the person
The companies of the Group promote respect for the physical, moral and cultural integrity of the person; guarantee working conditions that respect individual dignity and safe working environments. All recipients of this Code of Ethics are called to promote listening and dialogue as levers for improvement and continuous stimulus for the search for proposed solutions not only in relations with customers but also in relations with their own Collaborators and colleagues in the respect for the professionalism and competence of each one.

Fairness and equal opportunities
Group companies undertake to avoid any discrimination in personal conduct and to respect differences in gender, age, race, religion, political or trade union affiliation, language or different ability. All recipients of this Code of Ethics are called to operate taking into account the concrete circumstances; not engaging in discriminatory and opportunistic behavior but rather helping to bring out the potential of each one.

Correctness
In conducting any activity, situations must be avoided in which the parties involved in the transactions are, or may even appear to have, a conflict of interest.

Relations with control bodies
Relations with control bodies are inspired by principles of transparency, completeness, truthfulness and correctness of information.
The information which, according to current legislation, must be communicated to the control bodies cannot be withheld or distorted.

Confidentiality
Milor ensures the confidentiality of the information in its possession and refrains from searching for confidential data, except in the case of express and informed authorization in compliance with current legal regulations. Group collaborators are required not to use confidential information for purposes not connected with the exercise of their job duties.

Market freedom
Milor conforms its activity to safeguarding the principles of competition and freedom of the market and, compatibly with the managerial autonomy of the individual subsidiaries, directs the Group's activity to these principles.

Milor's Code of Ethics is aimed at all Group companies, their Directors, Employees and Collaborators, regardless of the specific production and/or commercial organizational realities and explicit rules of conduct on which it calls for compliance by all recipients . The Directors, Executives, Employees and Collaborators who have contractual relationships with the Group for any reason, are required to observe and ensure that these principles are observed within the scope of their duties and responsibilities, as well as to collaborate in the preparation of adequate procedures aimed at safeguard the interests of the Group.

In compliance with the values ​​set out above, the Group recognizes human resources as an indispensable element for successfully competing on the market and for achieving corporate objectives, as well as the importance of establishing relationships with them based on loyalty and mutual trust.

Group companies must ensure that the selection, placement and career path of company personnel, as well as the choice of Employees and Collaborators in various capacities, respond exclusively, without any discrimination, to objective considerations of the professional and personal characteristics necessary for the performance of the work to be performed and the skills demonstrated in carrying out the same. Group companies must refuse any discriminatory behavior regarding access to employment, the assignment of qualifications and duties, career progression or the assignment of tasks.

Resource selection and management
In the light of the above, the company policies for the selection, remuneration and training of Employees and Collaborators must be based on criteria of professionalism, seriousness, competence and merit. In particular, the responsible functions must ensure that:

－ the resources acquired correspond to the profiles actually necessary for the company needs, avoiding favoritism and concessions of any kind in respect of equal opportunities and without any discrimination on the private sphere and on the candidates' opinions;
－ fair towards Collaborators and coherent behavior is maintained among Employees, abuses and discrimination based on sex, race, religion, political affiliation and preventing favoritism, union, language, age or different ability;
－ fair treatment and equal opportunities in the assignment of roles or assignments are guaranteed, considering mobility to different job positions as an element to promote professional growth.

Professional enhancement and training of resources
The companies of the Group undertake to contribute to the training and professional growth of their Employees and Collaborators by offering them, periodically, opportunities both for mutual knowledge and information on their respective work experiences, and for other training interventions, and this in order to promote the growth and to allow them to develop their professional competence within the Group.

For this reason, Managers and Department Managers are called to pay the utmost attention to enhancing and increasing the professionalism of their colleagues and Collaborators by creating the conditions for the development of their skills and the realization of their potential. In particular, the appointed functions must ensure that:

－ the conditions necessary to develop the skills, abilities and talent of each person are maintained in compliance with the corporate policies of equal opportunities;
－ systems for assessing behaviour, skills, knowledge and potential are maintained according to criteria of transparency and meritocracy;
－ the possibility of expressing one's individuality in the work is recognised, valuing the diversity and specificity of each one, as an essential contribution to the growth of the Group;
－ the conditions are maintained which put everyone in a position to best interpret their role, favoring the constant improvement of the level of competence and developing the ability to work as a team to contribute to the achievement of corporate objectives;
－ training that is also attentive to individual needs is proposed, evaluated and developed in defining training courses.

Work environment
All Employees and Collaborators must be treated in strict compliance with the principles set out in this Code of Ethics and in the context of a climate that favors communication and cooperation as much as possible, with each other and with superiors and subordinates, with a view to common and shared goal of growth and consolidation of the spirit of belonging to the Group. In particular, top management, executives, employees and collaborators who operate in various capacities on behalf of and/or in the name of Group companies must:

－ base their interpersonal and professional relationships on criteria and behaviors of fairness, loyalty and mutual respect;
－ promote and support respect for the personality of each colleague and Collaborator as a fundamental element for the development of a work environment permeated by mutual trust and everyone's contribution;
－ undertake to create a work environment that guarantees conditions that respect personal dignity and in which the characteristics of individuals cannot give rise to discrimination or conditioning to all those who interact with Group companies for any reason;
－ aiming to create a work environment that is always stimulating and rewarding and which therefore favors the development of everyone's potential.

The strictest accounting transparency of each company of the Group is, at any time and in any circumstance, a priority requirement of the Group itself. The procurement and disbursement of financial resources, as well as their administration and control, must always comply with the Group's approval and authorization procedures. The Directors, Employees, Collaborators and all those who maintain relations with the Group in any capacity, must behave strictly correctly, transparently and collaboratively in compliance with the law and company procedures in all activities aimed at preparing the financial statements and other social communications. In particular, the following is mandatory: － everyone is required to strictly observe the established procedures and to provide maximum collaboration so that management facts are presented correctly and promptly in the company accounts; － everyone, within the scope of their respective duties and functions, must comply with the strictest principles of transparency, correctness and truthfulness in the preparation of accounting documents and data, as well as any registration relating to administration; － in the case of economic and patrimonial elements based on valuations, the related registration must be completed by clearly illustrating, in the relative documentation, the criteria that guided the determination of the value of the asset; － the documentation supporting each accounting operation must be adequate, truthful, clear and complete; must be kept in the records, in such a way as to allow at any time to check the characteristics of the operation, the reasons, and the precise identification of who, in the various phases, authorised, carried out, recorded and verified the operation itself; competencies must be clearly defined and known within the organisation; － the related accounting entry must clearly, completely and truthfully reflect what is described in the supporting documentation; － the supporting documentation must be easily available and filed according to appropriate criteria that allow easy consultation by both internal and external bodies authorized to control.

Correctness of financial flows
Any operation that could lead to the slightest possibility of the Company being involved in cases of receiving, laundering or using goods or money of illicit origin is strictly prohibited. Financial flows must be managed ensuring complete traceability of operations, keeping adequate documentation and always within the limits of the responsibilities assigned to each one. To this end, you must comply with the following principles regarding documentation and record keeping:
－ all payments and other transfers made by or to the Company must be accurately and fully recorded in the company accounting systems;
－. all payments must be made only to the subjects and for the activities contractually formalized and/or approved by the Company.

The Company implements the necessary controls to verify the authenticity of the cash collected and used in the context of corporate activities. Recipients are required to exercise the utmost diligence and attention in managing cash to ensure that counterfeit money is not collected or spent. The Company is committed to ensuring that the gold used for the production of its jewelery items does not come from global geographic areas involved in war conflicts generated by economic interests for the control of the extraction of precious metals. It also confirms that it is committed to responsible gold sourcing.

To this end, our commitment is to guarantee compliance with the Dodd Frank Act and to purchase gold only from banks, metal banks or refineries that are included in the LBMA Good Delivery List or that are certified by the RJC (Responsible Jewelery Council) organization.

In compliance with current legislation, the companies of the Group undertake to guarantee the protection of privacy with regard to information relating to the private sphere and the opinions of each of their Employees and of those who interact with the Group. Employees and Collaborators who act in the name or on behalf of Group companies are required to process personal data in full compliance with current privacy protection legislation, according to the directives given to them. In particular, it is mandatory to:

－ acquire and process only the data necessary and directly connected to one's functions;
－ respect the confidential nature of the information;
－ acquire and process data for specified, explicit and legitimate purposes;
－ acquire and process data that is pertinent, exact, complete and not excessive in relation to the purposes for which they were collected and subsequently processed, ensuring they are duly updated;
－ store said data in such a way as to prevent unrelated third parties from gaining knowledge of it;
－ communicate and disclose the data only within the framework of the established procedures or with the prior authorization of the managers in charge;
－ keep the data in a form that allows identification of the interested party for a period of time not exceeding that necessary for the purposes for which they were collected and subsequently processed.

The Management, Employees or Collaborators in charge of personal data processing must adopt all suitable measures to avoid the risk of destruction or loss, even accidental, of the aforementioned data, of unauthorized access to the same or of unauthorized or unauthorized processing compliant with the purpose of the collection; these measures are identified and periodically updated within the Group companies.

The companies of the Group aim to maintain the highest levels of hygiene and safety and to guarantee the necessary prevention measures against accidents and illnesses in the workplace. Everyone must contribute to keeping the work environment in which they work healthy and safe and guarantee the safety of their colleagues and collaborators of various titles.

Each corporate function must do everything possible to always have full knowledge, for the sector of its responsibility, of the rights and obligations of the Group deriving from provisions of the law, contracts or relationships with the Public Administration and must not engage in any behavior that may harm, in any way, the interests of the Group.

All Employees and Collaborators who work on behalf of or in the name of Group companies are strictly prohibited from disclosing to third parties information not known to the public regarding projects, acquisitions, mergers, commercial strategies and more generally information regarding companies in the Group of which they have become aware or whose diffusion could, in any case, cause prejudice to the interests of the Group itself.

Each subject is responsible for looking after, conserving and defending the Group's assets and resources entrusted to him in the context of his activity and has the obligation to use them in a proper and compliant manner, preventing any improper use.

In order to protect the integrity of the company's assets, it is in particular prohibited, except in the cases permitted by law, to:

－ return contributions in any form or release shareholders from the obligation to perform them;
－ distribute profits that have not actually been earned or allocated by law to reserves, or to reserves that cannot be distributed by law, purchase or subscribe for shares or
company shares;
－ carry out reductions in the share capital, mergers or demergers in violation of the regulations set up to protect creditors; sign or fictitiously increase the share capital; satisfy, in the event of liquidation, the claims of the shareholders to the detriment of the company's creditors.

This context includes all those relationships, pertaining to the activity of the Group companies, entertained with public officials or with public service appointees who operate on behalf of the Public Administration or of national and foreign legislative bodies, of community institutions, of public organizations of any foreign state.

Relations with governments and public institutions are reserved to the corporate functions authorized to establish and manage such relations on the basis of the provisions of the service orders and pro-tempore procedures in force. These relationships must be undertaken and managed in absolute and rigorous compliance with the laws and regulations in force, with the rules and principles established in the Code of Ethics and with the internal reference procedures.

Attention and care must be taken in relations with the subjects indicated above, in particular in the areas relating to: tenders, contracts, authorisations, licenses, concessions, requests and/or management and use of funding however denominated of public origin (national or community), management of job orders, relationships with supervisory authorities or other independent authorities, social security institutions, tax collection agencies, civil, criminal or administrative proceedings. Attention and care must also be paid to those sectors which, although they do not involve direct relationships aimed at concluding business with the Public Administration, are considered to support business activities such as the management of financial flows and the management and security of IT data.

The aforementioned operations and the correlated management of financial resources must be undertaken in due respect of the law, the principles of the Code of Ethics and in full compliance with internal procedures. In particular, it is expressly forbidden to:

－ accept, give or promise, either directly or indirectly or through a third party, money, gifts, goods, services, benefits or favors to public officials - or to subjects linked to them by kinship or affinity - for the purpose to promote and favor their own interests or the interests of the companies of the Group, or even to compensate or repay for an act of their office, or to achieve the execution of an act
contrary to the duties of their office;
－ receiving, offering or promising gifts or any other form of gift to public officials or subjects related to them by kinship or affinity - when such gifts, in consideration of their value, exceed normal commercial and courtesy practices or in any case are positioned at the outside of what was expected
by internal company protocols;
－ hire personnel, assign agency, consultancy or other assignments, in the event that the recruitment or assignment is - or may appear - aimed at an exchange of favors with subjects belonging, or previously belonging, to the Public
Administration;
recognize fees in favor of external Collaborators who are not adequately justified by the type of task to be performed and by current local practices;
－ submit untruthful statements or other documents to public bodies in order to influence independent judgement;
－ present untruthful declarations or other types of documentation to national or community public bodies in order to obtain public funds, grants or subsidized loans;
－ allocating sums received from national or EU public bodies by way of disbursements, contributions or loans for purposes other than those for which they were intended;
－ alter the operation of a computer or telematic system or manipulate the data contained therein in order to obtain an unfair profit causing damage to the Public Administration.

In relations with the Public Administration it is always necessary to operate in compliance with the law, with the express prohibition of engaging in conduct which, in order to bring advantages to the Group, is such as to constitute a case of crime.

Relations with suppliers
The Directors, Employees and Collaborators of the Group companies are required to ensure equal opportunities in the selection of Suppliers, taking into account their compatibility and adequacy with the size and needs of the Group. In particular, the functions responsible for selecting independent third parties such as consultants, agents, suppliers of goods, merchandise and services must ensure that:

－ are selected on the basis of objective assessments and parameters (such as quality, convenience, price, capacity and efficiency, etc.) aimed at protecting the commercial and industrial interests of the Group and, in any case, at creating greater value for the same;
－ are selected according to criteria of reliability and integrity also according to the need to respect the reference values, the rules of conduct contained in the Code of Ethics and internal procedures, using the written form and in compliance with the hierarchical structure of the Group;
－ the Group's policies are communicated to them and specific contractual clauses concerning compliance with this Code of Ethics are envisaged.
The functions in charge must also ensure that continuous awareness and involvement of Suppliers is guaranteed in a pro-active role and a responsible attitude in particular as regards transparency, communication, compliance with laws and regulations and which promotes awareness of the social and ethical risks and opportunities deriving from their activities.

Customer relations
In relations with customers, public or private, the Administrators, Employees and Collaborators of Group companies are required to:

－ develop and maintain favorable and lasting relationships with them, based on maximum efficiency, collaboration and courtesy;
－ operate within the ambit of current legislation and request punctual compliance with it;
－ make sure that the declarations and attestations made to them are accurate and truthful;
－ respect commitments and obligations assumed towards them;
－ provide accurate, complete, truthful and timely information in order to allow the Client to make informed decisions.

In business relations with Suppliers and Customers, company policies must be respected, basing relations on maximum correctness, especially in the management and conclusion of contracts, avoiding conflicts of interest, even potential ones.

Without prejudice to the provisions of the paragraph "Relations with the Public Administration", in business relations with Suppliers and Customers, donations, gifts, acts of courtesy or hospitality are prohibited (both directly and indirectly) unless they are such as not to compromise the image of the Group and cannot be interpreted as aimed at obtaining favorable treatment that is not determined by lawful market rules. In any case, any gifts, acts of courtesy and hospitality that do not fall within normal practice must be adequately documented and communicated to your manager so that they can evaluate their appropriateness. Employees or Collaborators who receive gifts or preferential treatment from Suppliers or Customers that go beyond ordinary courtesy must immediately notify their hierarchical superior; after the appropriate checks with the competent management, the companies will inform the author of the gift, homage, etc. through the appropriate functions. on the Group's policy on the matter.

The companies of the Group are committed to guaranteeing maximum competitiveness on the market and, therefore, their commercial policy must be based on compliance with the regulations governing competition, both on the national and international markets.

All recipients of this Code of Ethics must always keep up-to-date on the legislation in force and consult their hierarchical superior before concluding any agreement or understanding that may have the effects of alleged unlawful competition.

Top management, Employees and Collaborators who act in the name and on behalf of Group companies are required to operate in order to avoid situations in conflict with the interests of the Group itself. By way of example but not limited to, the following constitute a conflict of interest:

－ the exploitation of one's functional position for the realization of conflicting interests with colleagues in the company;
－ the use of information acquired in carrying out work activities for one's own benefit or that of third parties and in any case contrary to the interests of the Group;
－ the participation - open or hidden - of the Employee in the activities of Suppliers, Customers, competitors;
－ carrying out work activities of any kind for Customers, Suppliers, competitors and/or for third parties, contrary to the interests of the Group. In particular, for Employees, the acceptance of any professional assignment offered by third parties must be evaluated in advance with the hierarchical superior and with the Human Resources Director of Milor S.p.A. in order to assess the absence of any incompatibilities or situations of prejudice.

Everyone has the duty to promptly report to the competent management any situation that may be considered, even potentially, prejudicial to the rights and interests of the Group so that the same management can proceed, just as promptly, with the necessary protective actions.

Relations with bodies responsible for legally assigned control or auditing activities, and relations with auditing firms, must be based on maximum correctness, transparency and collaboration, in full compliance with the laws and regulations in force.

In particular, both internal and external auditors must have free access to the data, documents and information necessary for the performance of their activities. It is expressly forbidden to impede or hinder the performance of the control or auditing activities legally attributed to the shareholders, other corporate bodies or the auditing firm.

The same obligations extend to relations with the Supervisory Body which, within the scope of the responsibilities envisaged by the respective Organization and Management Models voluntarily prepared by the companies of the Group pursuant to Legislative Decree No. 231 of 8 June 2001 "Regulation of the administrative liability of legal persons, companies and associations even without legal liability, pursuant to art. 11 of the law of 29 September 2000, n° 300”, has the task of supervising the observance of the existing preventive and control systems, as well as their actual adequacy, in particular in those areas in which any connected crime risks are identified the activities carried out (Ref. Code of Ethics and Organizational Models pursuant to Legislative Decree 231/2001).

As part of the internal control systems of the Group companies, this Code of Ethics forms an integral part of the Organization and Management Models pursuant to Legislative Decree No. 231/2001 voluntarily adopted by them. In compliance with their full autonomy and their respective commercial and/or production specificities, the companies of the Group that adopt Organization and Management Models in compliance with the principles expressed by Legislative Decree 231/2001 and subsequent amendments and/or additions, are required to carry out risk assessment activities in order to identify the areas in which crimes may be committed and to establish prevention and control systems based on the provisions of the same decree.

The companies of the Group appoint their own Supervisory Body (SB) with independent powers of initiative and control with the task of:

－ supervising the functioning and observance of the Code of Ethics and company procedures, in particular in those areas in which the crime risks pursuant to Legislative Decree 231/2001 possibly connected to the activities carried out are identified - for this purpose it is free to access to all sources of corporate information, to view documents and consult data;
－ welcome and/or report any violations of the Code of Ethics;
－ propose any updates to the Code of Ethics and internal protocols in order to adapt them to the law;
－ check, control and evaluate cases of violation of the rules established by the Code of Ethics and report it to the functions in charge for the purpose of applying suitable sanctions in compliance with the laws, regulations and national collective bargaining agreements.

The companies of the Group are required to establish adequate communication channels through which all those who become aware of any conduct, within the companies of the Group, contrary to the principles and rules of conduct expressed in this Code can report, freely, directly and in a confidential manner to their hierarchical superior and to the Supervisory Body if appointed.

The information acquired by the Supervisory Body and by the functions in charge, for the purposes of the due investigations, must be treated in such a way as to guarantee:
－ the confidentiality and anonymity of the whistleblower,
－ the protection of the whistleblower against any form of retaliation, penalisation, discrimination, without prejudice to legal obligations and the protection of the rights of Group companies or persons accused erroneously and/or in bad faith.

Compliance with the principles and rules of the Code of Ethics must be considered an essential part of the contractual obligations of the Employees. Violations of the rules of the Code of Ethics may constitute a breach of the main obligations of the employment relationship or a disciplinary offence, with all legal consequences, also with regard to the preservation of the employment relationship, and may lead to compensation for damages deriving from the same.

Compliance with the Code of Ethics must be considered an essential part of the contractual obligations assumed by non-subordinate Collaborators and/or persons having business relations with the Group. Violation of the provisions of the Code of Ethics may constitute a breach of contractual obligations, with all legal consequences, including in relation to the termination of the contract and/or the assignment and may lead to compensation for damages deriving from the same. For the violations of the members of the Board of Directors and of the Statutory Auditors, all the provisions of the law apply with the consequent remedies and sanctions.

The companies of the Group undertake to foresee and to impose, with coherence, impartiality and uniformity, sanctions proportionate to the respective violations of the Code and compliant with the provisions in force regarding the regulation of labor relations.