We respect and protect privacy

Information obligation for participants of the General Meeting

In accordance with the requirements of the General Data Protection Regulation of 27 April 2016. (GDPR), we inform you that:

1. The administrator of personal data is Budimex S.A., ul. Siedmiogrodzka 9, 01-204 Warsaw (hereinafter referred to as the “Company”), contact details: ul. Siedmiogrodzka 9, 01-204 Warsaw, tel. +48 22 623 60 00.

2. Purpose and legal basis for the processing of personal data of shareholders or their proxies or their representatives (hereinafter referred to as the “authorised person”):

  • fulfilment of the Company’s legal obligation to organize and conduct the General Meeting of the Company and to enable the entitled person to exercise the voting rights and to make available for inspection the list of persons entitled to participate in the General Meeting (legal basis: Article 6(1)(c) of the GDPR);
  • confirmation of the identity of the entitled person, registration and transmission of the General Meeting as part of the Company’s legitimate interest in ensuring the transparency of the Company’s activities and the implementation of the principles contained in the Code of Best Practice 2021 (legal basis: Article 6(1)(f) of the GDPR);
  • establishing, pursuing or defending possible claims within the framework of the legitimate interest of the Company (legal basis: Article 6(1)(f) of the GDPR).

3. Categories of processed personal data: identification data, contact data, data identifying the basis for having the status of an authorized person, image and voice.

4. Possible source of data:

  • directly from the authorised person, if the data relate to the shareholder or their proxy or their representative;
  • from the National Depository for Securities S.A. if they concern a shareholder.

5. The Company has appointed a Data Protection Officer, who can be contacted in matters related to the protection of personal data by writing to the e-mail address: dane.osobowe@budimex.pl.

6. Personal data of authorised persons may be made available:

  • authorised persons;
  • processors, if their participation is necessary to achieve the above purposes, including IT solution providers.

7. Personal data may be transferred to entities through which Budimex pursues the indicated purposes, including entities maintaining IT infrastructure. In justified cases, personal data may be processed remotely outside the European Economic Area (EEA). If such a transfer were to take place – which could happen m.in. in connection with the possible use by the Company of IT solutions based on cloud solutions or serviced by a service center located outside the EEA – the Company will provide a mechanism that, in accordance with the European Union law, legalizes the transfer and provides appropriate guarantees of personal data protection. You can obtain a copy of the description of the technical protections transferred outside the EEA by sending a request to the following address: dane.osobowe@budimex.pl.

8. Personal data of authorized persons will be stored for the period in which the shareholder is entitled to the status of a shareholder of the Company, and then for the period of limitation of possible claims or until an effective objection is raised to the extent that the basis for processing is the legitimate interest of the Company. Personal data contained in the lists of shareholders, attendance lists of persons entitled to participate in the General Meeting and powers of attorney are stored for the duration of the Company’s existence. Recordings of the meeting will be stored for a period of 15 years from the date of the General Meeting.

9. Providing personal data to the extent necessary to verify the right of a person entitled to participate in the General Meeting is required by law, including the Commercial Companies Code, in the remaining scope providing data is voluntary, but necessary due to the method of recording the meeting adopted by the Company.

10. You have the right to request from the Company access to your personal data, rectification, deletion or restriction of processing, and the right to data portability.

11. You have the right to object to the processing.

12. You have the right to lodge a complaint with the supervisory authority, in Poland there is the President of the Office for Personal Data Protection.

13. Your personal data will not be subject to automated decision-making or profiling.