241 APPendIx240 APPendIx MONCLER GROUP 2023

vacy@moncler.com and spwprivacy@spwco.it addresses, which al- low any party to contact the Company regarding privacy issues.

The privacy governance system adopted by Moncler includes the Privacy Committee, established in June 2019. This committee is responsible for ensuring adequate coordination and exchange of in- formation between the various companies and the data Protection Officer (dPO), in order to obtain the necessary support and mon- itor and implement regulatory adaptations in company processes. The Privacy Committee, which meets every one or two months, is composed of the General Counsel, the Head of Corporate Affairs & Compliance and the heads of the functions designated as Privacy Contacts for the areas of Information Technology, Customer Rela- tionship Management (CRM), People & Organization and Video-sur- veillance, as well as other colleagues from the Legal, Compliance and digital departments. At Stone Island, there is a privacy office which, in coordination with the Group, monitors and manages all pri- vacy issues, including the processing of personal data.

To ensure structured and efficient management of privacy is- sues and full compliance with the provisions of the GdPR, as well as other national legislation in which the Group operates, Moncler and Stone Island have provided internal procedures, tools and guide- lines including (i) the Data Protection Master Policy which pro- vides rules and instructions for the processing of personal data (clients, employees and third parties), the relevant periods of reten- tion, and which identifies and defines the individuals involved in the process, their respective roles and related responsibilities; (ii) the register of personal data processing activities; (iii) the Data Protec- tion Impact Assessment DPIA, (iv) the procedure for the man- agement of data breaches; and (v) the regulation on the use of IT tools by employees. These procedures are regularly updated to re- flect any new laws or regulations, as well as changes in the Group s organisational structure.

As part of the mandatory training for Group employees, e-learning privacy training sessions are provided. These sessions cover key provisions of the GdPR and data protection obligations for all employees.

during 2023 the monitoring and update of the documenta- tion and procedures continued in order to ensure an ongoing align- ment with the GdPR and local regulations in the countries where the Group companies operate. In this context, the documents and tools have been adopted that are necessary to deal with the chang- es introduced in the area of whistleblowing following the entry in- to force of Legislative decree 24/2023 implementing the europe directive 2019/1937, with significant impacts in the privacy area.

In 2023, the Moncler Privacy Committee also met regularly to discuss and deepen updates on projects relevant to privacy and to plan the activities necessary to ensure the constant alignment of the Company s and the Group s activities with laws and regulatory requirements. The Stone Island Privacy Office has continued its pri- vacy-related monitoring and management efforts.

The Group s Internal Audit department continued to conduct audits and related privacy follow-up activities during 2023, with the support of external consultants. In particular, Moncler s activities concerned data processing in the areas of marketing, digital, CRM and Human Resources. In the case of Stone Island, audits were conducted for Human Resources, General Services and one store.

Breaches of procedures implemented by Moncler and Stone Island under the GdPR by employees are covered by the disci- plinary system adopted by the Group. To date, no disciplinary pro- ceedings have been initiated for such breaches.

In 2023, Moncler received, through the official channels, about 815 requests of various kinds, including requests for deletion from the database pursuant to Art. 17 of the GdPR, exercising the right of access pursuant to Art. 15 of the GdPR, and further informa- tion on data management. As for Stone Island, about 180 requests were received through official channels in 2023.

In 2023, the Moncler Group was not notified of any com- plaints to the Italian data Protection Authority pursuant to Art. 77 of the GdPR.

TAX POLICY In administrative management and in drafting the Financial State- ments and any other type of accounting documentation, Moncler complies with the applicable laws and regulations, adopts general-

PARENTAL LEAVE Moncler has always guaranteed maternity, paternity and parental leave to all its employees in accordance with applicable laws and local regulations. For instance, for mothers working in Italy, the Group grants up to 44 weeks of parental leave (both compulsory and optional). Women can also benefit from hours of paid leave for nursing and rest. Since 2021, it has extended to all Italian employ- ees who became fathers after 1 January 2021 a 15-day paternity leave, five more days than the legal requirements.

In addition to parental leave policies, Moncler also offers ad- ditional extraordinary paid leave programs. In particular, Moncler grants employees in Italy who require this type of additional leave to accompany their children to medical appointments or to care for their children during illness.

In 2023 the Moncler Group introduced the new New Parents Policy to enhance parenting and improve the well-being and work- life balance of its people, regardless of gender, marital status or sexual and affective orientation. See also pages 111-112.

Measures to facilitate return from leave and family manage- ment include the possibility of applying for flexible hours and addi- tional paid leave until the child is three years of age. See also pages 110-111; 111-112.

during 2023, there were 105 employees who took at least one type of parental leave, 1.8% of the eligible female population and 0.6% of the male population, respectively. Around 123% of em- ployees returned to work after the leave period, including those who took parental leave starting in 2022. Of those who returned to work in 2022, 53.8% were still working for the Company 12 months later.

COMPLIANCE The Moncler Group strives towards the highest principles of trans- parency, integrity, and loyalty in its operations, in compliance with all applicable laws in the countries in which it operates, while concen- trating efforts on building relationships of trust with its stakeholders.

In confirmation of the above, in 2023 and in line with 2022, no final decision was handed down against the Group companies in any of the following areas:

unfair competition and antitrust product health and safety product labelling marketing, including advertising, promotion and sponsorship disputes impacting the community environment intellectual property rights privacy.

PRIVACY The protection and processing of personal data is an important ar- ea for the Moncler Group, which has become increasingly import- ant in recent years.

As also stated in the Moncler and Stone Island Codes of eth- ics, the Group is constantly committed to establish and implement appropriate measures of an organisational and technological na- ture to appropriately meet the privacy protection needs of their em- ployees, collaborators, clients and suppliers, in compliance with all applicable laws and regulations and in accordance with the most recent best practices.

In this context, the Group has also adopted the necessary steps to ensure prompt compliance with all the provisions of Reg- ulation (eU) 2016/679, the General Data Protection Regulation (GdPR), which came into effect in May 2018.

At both Stone Island and Moncler a Data Protection Offi- cer (dPO) has been designated, tasked with monitoring compliance with the GdPR and all laws and regulations on the protection of per- sonal data. In addition, the dPO also provides targeted advice to the company and employees on the compliance with, and implementa- tion of the provisions and obligations arising from the GdPR. A dPO was also appointed for the Group s German subsidiaries in accor- dance with local law.

In addition, both Brands have set up an email address dpo@ moncler.com, and dpo@spwco.it through which it is possible to draw the attention of the dPO to requests for information and clarification or possible privacy violations; these work alongside the existing pri-