I.- Identification of the Responsible Party AISLAPAK, S.A., with registered address at No. 206, Rectángulos Street, Arco Vial neighborhood, postal code 66023, Municipality of García, Nuevo León, hereby informs you that your personal data collected, to be collected, or generated due to the legal relationship currently in place or that may be entered into, will be subject to processing under the following categories: Non-disclosure; non-use. All confidential information in any form is considered the exclusive proprietary disclosure of each party and shall be treated strictly confidentially. It shall not be shared with any third party, including, but not limited to, any governmental authority, without the express written consent of the disclosing party, unless required by law. Each party shall limit the use of the other party’s confidential information solely to the purposes of this agreement and shall restrict access to such confidential information to those employees who need access to perform their work duties and are bound by a contractual confidentiality obligation. Each party shall take all reasonably necessary technical, organizational, and legal measures to protect confidential information from accidental or unauthorized disclosure, use, or loss. In the event that, due to negotiations and the legal and commercial relationship between the parties, information is exchanged that includes personal data, financial or property-related personal data, or sensitive personal data (collectively referred to as “personal data”), under the terms of the Federal Law on the Protection of Personal Data Held by Private Parties and its regulatory provisions (the “Data Law”), the party receiving (the “receiving party”) the personal data from the party disclosing them (the “disclosing party”) shall be obligated to: (a) Comply with the terms and conditions of the corresponding privacy notice and the data subject’s consent, as well as any modifications to them that the disclosing party may notify. (b) Process the personal data only for the purposes stated in the privacy notice and for those strictly necessary to carry out the negotiations between the parties. (c) Implement security measures in accordance with applicable provisions for the protection of personal data. (d) Maintain confidentiality regarding the personal data. (e) Delete the personal data once the purpose of this agreement has been fulfilled or upon instruction from the disclosing party. (f) Not transfer the personal data, except under written instructions from the disclosing party or by order of a competent authority. (g) Hold the disclosing party harmless against any breach committed by the receiving party or its dependents in fulfilling their personal data protection obligations under this agreement. The receiving party agrees to hold the disclosing party harmless in the event of any legal proceedings or claims related to the legality of the personal data and their transmission to the receiving party.