This Privacy Policy contains the information that regulates the processing of personal data of users (hereinafter referred to as the "User") who access and use the following sites, owned by Milor S.p.A., or by companies controlled by it, in particular: 

www.bronzallure.it
www.bronzallure.com
www.bronzallure.eu
www.etruscagioielli.com
www.albertm.it 
www.duomilor.it
www.milor.com
www.galleria-milano.com
www.elledilinda.com

each individually identified as "the Site") for consultation and for the purchase of the products for sale. ("Products").

Milor S.p.A. ("The Owner") is registered in the Companies Register of the Chamber of Commerce of Milan, Tax Code / VAT No. 04362490155; the registered office is located at Via dei Gracchi, 35 20146 Milan, email: privacy@milor.com.

This Privacy Policy is to be considered an integral and substantial part of the Terms of Use of each site and the cookies policy.

The information contained in the Privacy Policy is extended in accordance with Article 13 of Legislative Decree No. 196 of June 30, 2003 and subsequent amendments - (the "Privacy Code") and Article 13 of EU Regulation 2016/679 ("GDPR") to all Users who access and use the Site and/or purchase Products on the Site. This Policy refers solely to the use of the Site and not to any other third-party site, even if referenced in any way within the Site.

Any changes will take effect immediately and will apply only to Users who use the Site after the date of such changes. Consequently, we invite you to refer to it whenever you visit our Site to become aware of its latest version available on the Site.

 

Version of May 10, 2018

The data entered by the User at the time of registration on the Site or for the Site's newsletter and at the time of submitting each order will be used for purposes strictly related to the purpose indicated at the time of data collection and/or for the purposes indicated in this Privacy Policy. More specifically, for sending the newsletter and/or for executing the order request and all related services, such as payment and delivery. 

The User's personal data may also be used by the Owner and by third parties authorized by them to fulfill any accounting and tax obligations related to the purchase of Products and to complete all activities strictly related and preparatory to the management of the Site-Customer relationships. 

 In particular: to carry out operations related to our business relationship, namely concerning your registration for the Services (in particular the verification of the authenticity of your email), Orders, deliveries, invoices, accounting, the follow-up of the "customer relationship" with a Member, and the conducting of satisfaction surveys, the management of complaints and after-sales service, refunds, specific commercial gestures, return of Orders, exercise of your right of withdrawal, the management of overdue credits and disputes.

In the event that the User has given consent, such personal data may be used for other purposes related to the sale of products on the Site: 
1. sending promotions, offers, and suggestions on Products for sale;
2. verification of User satisfaction;
3. sending promotional and/or advertising information related to other activities of the Site and its Partners;
4. conduct market research and post-sales analysis. 
5. propose commercial offers close to your geographical location, particularly in the context of offers that may include the "In-store Pickup" service;
6. the management of your comments on the Site and/or on the web pages published by us and hosted on the websites of our Social Networks.

All User data collected will be processed exclusively and with due diligence by specifically appointed individuals trained in this matter. The purposes of the processing are those for which the data was collected, mainly using electronic and IT tools.

The data will be stored on computer and paper media, as well as on any other support deemed suitable and compliant with the security measures imposed by applicable regulations. The data is kept in such a way as to allow for the identification of the User for the minimum time necessary to achieve the purposes for which it was collected and then processed, and, in any case, always in compliance with legal requirements. 

Any damages caused by reasons not directly attributable to the Owner, such as inaccessibility of the Site, or viruses, damaged files, interruption of internet or telephone network connections, or other causes similar to the above-mentioned cases, are not attributable to the Owner.

Furthermore, the User is required to diligently and responsibly keep all personal information strictly related to the Site, such as access credentials to the Site, any order and shipping codes, or other data. Any theft or improper use of this data, and the consequences arising from these events, are the sole responsibility of the User.

The personal data requested by the Data Controller during navigation of the Site may be mandatory or optional. The User's failure to consent to provide the mandatory data will result in the non-fulfillment of the purpose for which they were requested. The completion of optional data, on the other hand, is entirely at the User's discretion, who can choose whether to provide it or not. In this case, refusal does not have any consequences in the execution of the purposes indicated at the time of the request. 

The User is also responsible for the constant updating of such data, in order to allow the Owner to provide all services effectively and efficiently without incurring delays, errors, or additional costs arising from the failure to update such data. 

In particular, the Data Controller collects the Data that you voluntarily provide starting from a collection form on the Site, including socio-professional information (for example, your profile, your surname, traditional name, names, gender, date of birth, godfather and/or delivery address, profession).

In the event of an Order, our banking providers collect and process Personal Data related to your payment methods (credit card number, expiration date of the credit card, visual cryptogram - which will not be stored, etc.). On our part, we may process the partial number of your credit card consisting of the first six (6) digits and the last four (4) digits and the expiration date of your credit card as transmitted to us by your bank. Therefore, this payment identifier does not allow for banking transactions.

 We also collect information related to the transaction made (transaction number, purchase details, etc.), or related to the payment of invoices issued from or through the Site (payment methods, discounts granted, receipts, balances and missed payments, or related to the subscribed credits, the amount and duration, etc.). 

 The Data Controller processes the Data related to the management of the commercial relationship with you: product and/or service purchased, quantity, amount, frequency, delivery and/or billing address(es), phone number, security code, and any other relevant information regarding delivery (tracking number, shipment location, etc.), purchase history and service performance, product returns, correspondence and/or phone exchanges between you and our after-sales service, etc.

The communication of the User's personal data to third parties is subject to compliance with the legal limits imposed and the purposes declared and provided for in point 1. The third parties involved fall into the following categories:

1. the managers of warehouse, packaging, shipping, delivery, and product return services;
2. the subjects appointed by the Owner for the administrative, contractual, accounting, and legal management of the activities of the Site;
3. credit institutions, insurance companies, and the company/companies responsible for payment management, including electronic payments;
4. the subjects responsible for the management and maintenance of the Site and all its functions;
5. any other subjects to whom the Data Controller has granted access to the data, always in compliance with legal provisions or regulations.
6. affiliated companies, related companies, and offices associated with our Company, 

 Finally, the User's personal data may be used for contests and/or prize participation, for sending advertising and promotional material related to the Site and the Holder's Partners, only with the explicit and voluntary consent expressed by the User.

In cases where data processing requires the explicit and voluntary consent of the User, it will be collected specifically with the clarification of the individual purposes pursued. It is specified that Article 6 of the GDPR provides for cases where data processing does not require the express authorization of the User, such as for the fulfillment of legal or contractual obligations assumed towards the User.

The User has the right to request at any time confirmation of the existence of personal data concerning them, pursuant to Articles 12 and following of the GDPR.

In accordance with the Personal Data Regulation, you benefit from the following Specific Rights of:

access (Article 15 of the GDPR), 
b. rectification (Article 16 of the GDPR), 
c. erasure (Article 17 of the GDPR), 
d. limitation of Processing (Article 18 of the GDPR) 
e. transferability (Article 20 of the GDPR) 
f. opposition (articles 21 and 22 of the GDPR) 
g. post-mortem directives (Law No. 78-17 of January 6, 1978 relating to computing, files, and freedoms);

You have the right to obtain from the Data Controller confirmation as to whether or not your data is being processed and, if it is, access to such data and the following information:

1. the purposes of the processing;
2. the categories of data;
3. the recipients or categories of recipients to whom the data are or will be communicated;
4. when possible, the data retention period provided or, when not possible, the criteria used to determine the duration dates;
5. the existence of the right to request the Data Controller to rectify or delete data, or to limit the processing of Your data, or the right to object to such processing;
6. when the data is not collected by you, any information available regarding its source;
7. when data is transferred to a third country or to an international organization, you have the right to be informed of the appropriate safeguards related to such transfer.

You have the opportunity to obtain from the Data Controller, as soon as possible, the correction of the data concerning you that are inaccurate. You also have the opportunity to request that incomplete data be completed, even if it is necessary to provide a supplementary statement.

You have the right to obtain from the Data Controller the deletion, as soon as possible, of data concerning you when for one of the following reasons:

a. the data are no longer necessary in light of the purposes for which they were collected or processed in another way by the Data Controller,
b. you have withdrawn your consent to the processing of this data and there is no other legal basis for the processing;
c. exercise your right to object under the conditions mentioned below
d. there is no legitimate imperative reason for the processing;
e. the data have been subject to unlawful processing;
f. the data must be deleted to comply with a legal obligation;
g. the data was provided by a child.

You have the opportunity to obtain from the Data Controller the restriction of the processing of Your data based on one of the following reasons:

a. the Data Controller verifies the accuracy of the data following your challenge to the accuracy of the data.
b. the processing is unlawful and the opposing party requests the deletion of the data, demanding instead the limitation of their use;
c. the Data Controller no longer needs the data for processing purposes but they are still necessary for the verification, exercise, and/or defense of rights in court;
d. you have opposed the treatment under the conditions set out below and the Data Controller checks to see if the legitimate reasons pursued prevail over the reasons put forward.

You have the right to receive from the Data Controller the data concerning you in a structured, commonly used, and machine-readable format when:

1. The processing of data is based on consent and/or a contract, and
2. The treatment is carried out with the help of automated procedures.

When you exercise your right to portability, you have the right to obtain that the data be transmitted directly from the Data Controller to a processor you designate when technically feasible.

You have the right to object at any time, for reasons related to your particular situation, to the processing of data concerning you based on the legitimate interest of the Data Controller. In this case, the Data Controller will no longer process the data unless it demonstrates that there are legitimate and compelling reasons for the processing that override your interests and your rights and freedoms, or it may retain them for the purpose of establishing, exercising, or defending rights in court.

When data is processed for prospecting purposes, you can object to the processing of this data at any time.

Finally, the User has the right to object, in whole or in part for legitimate reasons, to the processing of personal data concerning them, even if relevant to the purpose of collection, as well as to the processing of personal data concerning them for the purposes of sending advertising material or direct sales or for conducting market research or commercial communication.

For the exercise of rights, the User can contact the following addresses: Tony S.r.l. - Via Carducci 32, 2012 Milan - email: privacy@milor.it 

The data controller of the personal data of Users who use the Site is Milor S.p.A. - Via dei Gracchi 35, 20146 Milan. To exercise their rights and for any further information regarding the processing of data, the User can contact the Data Controller at the following addresses: Milor S.p.A. - Via dei Gracchi 35, 20146 Milan - email: privacy@milor.it.

Your Personal Data is stored actively for a period of three (3) years from your last activity on the Site or on an electronic communication medium (particularly an email message) or, after this period, your profile will be considered "inactive" and will be automatically deactivated. It is therefore up to you to create a new one for any new Orders.

Your Personal Data in connection with an Order is retained for a period of three (3) years from the date of an Order. They remain accessible by you and us, particularly after the creation of your account to allow you and us to have a complete history of your Orders. We can delete them at any time upon simple request from you.

However, at the end of the aforementioned periods, and if applicable, from the date of your request for deletion, your Personal Data may be subject to intermediate storage to meet our legal, accounting, and tax obligations.

The Site is present on social networks. For more information on the protection of your Data while browsing these social networks, we invite you to consult their respective privacy policies.

To allow us to proceed with an easier registration or connection to our Site, you may have the option to authenticate on our Site through a Social network. Simply click on the dedicated button to automatically pre-fill your registration form on the Site based on the information you have already provided to the Social network. On our part, as the recipient, we may collect information when you browse the pages of our Social networks or use their authentication features.

A "cookie" is a connection marker that designates a text file that can be stored, based on your choices, in a dedicated space on the hard drive of your Terminal when visiting the Site. A cookie file allows the issuer to identify the Terminal in which it is stored, for the duration of the validity or registration of the cookie, and therefore must be considered as Personal Data.

When you connect to our Site, we may be prompted, based on your choices, to install various Cookies on your Terminal that allow us to recognize the browser of your Terminal during the validity period of the Cookie in question.

No personal data of users is acquired by the Site in this regard. No cookies are used for the transmission of personal information, nor are so-called persistent cookies of any kind, or systems for tracking users.

The use of so-called session cookies (which are not persistently stored on the user's computer and disappear when the browser is closed) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to allow safe and efficient browsing of the site. The so-called session cookies used on this site prevent the use of other potentially harmful computer techniques for the privacy of users' browsing and do not allow the acquisition of personally identifiable user data.

The Ethical Code represents the Identity Card of an organization; it expresses the guidelines of conduct that should inspire the behaviors of its members and is the main means of spreading the culture of ethics within the company. The dissemination of the Ethical Code has been increasing over the past few years, also due to specific legal provisions that, especially at the international level, have prompted companies and other organizations to adopt it.

As a result of the globalization of markets, there is an increasing global need to introduce and clarify ethical and social rules in economic models that allow for the coexistence of profit and value creation objectives with respect for the demands and interests of the parties involved in business activities, not only in national and international relations but also within corporate environments (either because the expectations and interests, albeit legitimate, of the various stakeholders - Shareholders, Employees, Suppliers, Customers, Business Partners, etc. - may be in conflict with each other, or because in some cases there is a perceived risk that actual behaviors do not correspond at all to the proclaimed principles).

In the Italian landscape, the importance of equipping oneself with a tool like the Ethical Code is emphasized, among other things, by the provision of specific liability for entities as a result of the commission of crimes pursuant to Legislative Decree No. 231 of June 8, 2001.
In this context, the companies belonging to the Milor group (the "Group") have always been committed to applying strict principles observed in the conduct of their various activities and have always been characterized by the seriousness, reliability, and professionalism of their Management, Employees, and Collaborators, thus acquiring over the years a solid reputation that is also appreciated internationally.

In order to pursue continuous improvement objectives, Milor has deemed it appropriate to adopt and issue this Code of Ethical Conduct, which clarifies the principles and values that the company has pursued over the years, highlighting rules of conduct whose observance - by all those who, in any capacity, operate in the name and on behalf of the companies of the Group - is essential to maintain and improve the regular functioning, the reliability of business processes, and the image of the Group itself.

To such principles and norms, the operations and behaviors of all recipients of this Code of Ethics must refer, both in internal professional relationships and in relations with external parties to the Group.

The Group recognizes the importance of ethical and social responsibility in conducting business and corporate activities and is committed to respecting the legitimate interests of Shareholders, Directors, Employees, Collaborators, Customers, Suppliers, and Business Partners.

The companies of the Group are therefore committed to:

- maintain consistency with the policies always adopted regarding fairness, transparency, trust, and cooperation in conducting business;
- maintain an active role in relation to the market, economic development, and technological progress in the sectors in which it operates;
- to pursue a solid and sustainable value from an economic, financial, and social perspective, built on the trust of Customers, the motivation of Collaborators, and a responsible and constructive relationship with the territory;
- continuously improve the quality of the products and services offered to the Customer, increase their satisfaction through effective and fair competition in the market, in full and absolute compliance with the laws and regulations in force in the countries where it operates;
- raise awareness and engage Suppliers in a proactive role, particularly regarding compliance with laws and regulations in the supply of goods and services, and concerning transparency, which contributes, among other things, to the spontaneous compliance by every Employee and Collaborator.
- promote the personal and professional development of its Collaborators and motivate them towards a sense of belonging and the pursuit of continuous improvement in efficiency and effectiveness in order to increase corporate and personal satisfaction and well-being.

At the same time, it requires all Employees belonging to the Group companies and all those who cooperate in the conduct of business activities to comply with the company rules and the provisions established in this Code of Ethics.

The achievement of such objectives can indeed only occur through the constant and active participation of all parties involved in the business activities of the Group's companies and the full awareness, on their part, that these goals must be reached in compliance with the reference values and rules of conduct that are made explicit through this Ethical Code.

The rules contained in this Ethical Code and the principles of conduct for conducting business and interpersonal relationships should therefore not appear to the recipient of this document as "taken for granted," but rather as a tool for reflection on the values mentioned: a personal adherence to such values contributes, among other things, to the spontaneous respect by every Employee and Collaborator.

The reference values and the rules of conduct outlined in the Code of Ethics are binding for all companies in the Group, for their Directors, Employees, and Third Parties who operate in the interest of the Group in any capacity; among these are Agents, Technical Assistances, Suppliers, Distributors, developers, Consultants, and Collaborators in general (hereinafter "Collaborators"). In particular, the Directors are required to be inspired by these values and rules of conduct when setting the objectives of the companies within the Group, proposing investments, and implementing projects, as well as in any decision or action related to the management of the companies.

Employees with managerial qualifications, in concretely implementing the management activities of the Group's companies, must be inspired by the same values and rules of conduct both within the Group, thus strengthening cohesion and the spirit of mutual collaboration, and towards third parties who come into contact with the Group itself.

All Employees are required to adhere, in the performance of their functions and responsibilities, to the principles and rules of conduct contained in the Ethical Code, to the procedures, regulations, and company policies.

All Employees are also called upon to demand respect for the principles and rules contained in this Ethical Code from independent third-party Collaborators who, in any capacity, operate in the interest of the Group. They commit to informing the Collaborators of the content of this Ethical Code and to instructing them to comply with the rules contained therein.

The Group's Collaborators are required to adjust their behaviors to the provisions of the Code, the procedures, and the company regulations.

Respect for Laws and Regulations
The companies of the Group recognize as an essential principle the respect for the laws and regulations in force in all the countries where they operate. The Directors, Employees, and Collaborators who are involved in the Group's business activities in various capacities are therefore required to carry out their activities in a context of maximum transparency and in absolute compliance with the laws and regulations in force in the place and time in which they operate. They therefore commit to having the best possible knowledge of the applicable regulations related to their activities and the responsibilities arising from violations thereof. Under no circumstances can the pursuit of the Group's interests justify actions that are not in compliance with the laws and regulations.

Integrity
Moral integrity is a constant duty of all those who work in the name and/or on behalf of the companies of the Group. All recipients of this Code of Ethics are required to pursue objectives with honesty, fairness, and responsibility, and to maintain conduct that is based on respect for rules, laws, and professional ethics.

Transparency and completeness of information
The companies of the Group promote transparency in communications, formal agreements, and the criteria that underlie the behaviors followed in order to allow autonomous and informed choices by the parties involved. All recipients of this Code of Ethics are called to respect the principles of truthfulness, fairness, completeness, accuracy, and transparency of information and to communicate clearly and diligently the image of the Group in all its internal and external relations.

Value of the person
The companies of the Group promote respect for the physical, moral, and cultural integrity of the person; they guarantee working conditions that respect individual dignity and safe working environments. All recipients of this Code of Ethics are called to promote listening and dialogue as levers for improvement and continuous stimulation in the search for proposed solutions not only in relations with customers but also in relations with their Collaborators and colleagues, respecting the professionalism and competence of each individual.

Equity and Equal Opportunities
The companies of the Group are committed to avoiding any discrimination in personal conduct and to respecting differences in gender, age, race, religion, political or trade union affiliation, language, or different abilities. All recipients of this Code of Ethics are called to operate taking into account the concrete circumstances; not engaging in discriminatory and opportunistic behaviors but rather contributing to bringing out the potential of each individual.

Correctness
In the conduct of any activity, situations must be avoided where the parties involved in the transactions are, or may even just appear to be, in a conflict of interest.

Relations with control bodies
Relations with control bodies are inspired by principles of transparency, completeness, truthfulness, and correctness of information.
Information that, under current regulations, must be communicated to the control bodies cannot be concealed or distorted.

Confidentiality
Milor ensures the confidentiality of the information in its possession and refrains from seeking confidential data, except in the case of express and informed authorization in accordance with current legal regulations. Group collaborators are required not to use confidential information for purposes unrelated to the performance of their work duties.

Market freedom
Milor aligns its activities with the safeguarding of competition principles and market freedom and, in accordance with the managerial autonomy of the individual subsidiaries, directs the Group's activities towards these principles.

The Ethical Code of Milor is addressed to all companies of the Group, their Administrators, Employees, and Collaborators, regardless of the specific organizational, productive, and/or commercial realities, and explicitly states rules of conduct which it calls for compliance from all recipients. Administrators, Executives, Employees, and Collaborators who have any contractual relationships with the Group are required to observe and ensure compliance with these principles within their functions and responsibilities, as well as to cooperate in the preparation of appropriate procedures aimed at safeguarding the interests of the Group.

In respect of the values stated above, the Group recognizes human resources as an essential element for successfully competing in the market and for achieving business objectives, as well as the importance of establishing relationships with them based on loyalty and mutual trust.

The companies of the Group must ensure that the selection, classification, and career paths of company personnel, as well as the choice of Employees and Collaborators in various capacities, respond exclusively, without any discrimination, to objective considerations of the professional and personal characteristics necessary for the execution of the work to be performed and to the abilities demonstrated in fulfilling the same. The companies of the Group must reject any discriminatory behavior regarding access to work, the assignment of qualifications and duties, career progression, or the assignment of roles.

Selection and management of resources
In light of the above, the company's policies for the selection, compensation, and training of Employees and Collaborators must be based on criteria of professionalism, seriousness, competence, and merit. In particular, the responsible functions must ensure that:

- the acquired resources correspond to the profiles actually necessary for business needs, avoiding favoritism and any kind of facilitation in compliance with equal opportunities and without any discrimination regarding the private sphere and the opinions of the candidates;
- they are maintained in Employees and fair behaviors towards Collaborators and consistent, abuses and discrimination based on sex, race, religion, political affiliation and preventing favoritism, union, language, age or disability;
- fairness of treatment and equal opportunities in the assignment of roles or tasks is guaranteed, considering mobility across different job positions as an element to promote professional growth.

Professional enhancement and training of resources
The companies of the Group are committed to contributing to the training and professional growth of their Employees and Collaborators by periodically offering them opportunities for mutual knowledge and information about their respective work experiences, as well as other training interventions, in order to promote growth and enable them to develop their professional skills within the Group.

For this reason, Managers and Function Heads are called to pay maximum attention to enhancing and increasing the professionalism of their colleagues and Collaborators by creating the conditions for the development of their skills and the realization of their potential. In particular, the designated functions must ensure that:

- the necessary conditions are maintained to develop the skills, abilities, and talents of each individual in accordance with the company's equal opportunity policies;
- evaluation systems for behaviors, skills, knowledge, and potential should be maintained according to criteria of transparency and meritocracy;
- the possibility of expressing one's individuality at work is recognized, valuing the diversity and specificity of each person as an essential contribution to the growth of the Group;
- conditions should be maintained that enable everyone to best interpret their role, promoting the constant improvement of their level of competence and developing the ability to work as a team to contribute to the achievement of business objectives;
- it was proposed, evaluated, and developed, in the definition of training paths, a training that is also attentive to individual needs.

Work Environment
All Employees and Collaborators must be treated in strict compliance with the principles set forth in this Code of Ethics and within a climate that maximally promotes communication and cooperation, among themselves and with superiors and subordinates, with a view to a common and shared goal of growth and strengthening the sense of belonging to the Group. In particular, the Company Executives, Managers, Employees, and Collaborators who operate in various capacities on behalf of and/or in the name of the companies of the Group must:

- to shape one's interpersonal and professional relationships according to criteria and behaviors of correctness, loyalty, and mutual respect;
- promote and support the respect for the personality of each colleague and collaborator as a fundamental element for the development of a work environment permeated by mutual trust and the contribution of each individual;
- commit to creating a work environment that ensures, for all those who interact with the companies of the Group in any capacity, conditions that respect personal dignity and in which individual characteristics do not lead to discrimination or bias;
- aim to create a work environment that is always stimulating and rewarding and that therefore promotes the development of each individual's potential.

The strictest accounting transparency of every company in the Group is, at any time and in any circumstance, a priority requirement of the Group itself. The procurement and disbursement of financial resources, as well as their administration and control, must always comply with the Group's approval and authorization procedures. The Administrators, Employees, Collaborators, and all those who have any type of relationship with the Group must maintain a strictly correct, transparent, and collaborative behavior in compliance with legal regulations and company procedures in all activities aimed at the preparation of the financial statements and other corporate communications. In particular, the following obligations must be observed: - everyone is required to strictly adhere to the established procedures and to provide maximum cooperation so that management facts are presented correctly and promptly in the company accounts; - each within the scope of their respective competencies and functions, must adhere to the strictest principles of transparency, fairness, and truthfulness in the preparation of documents and accounting data, as well as in any record related to administration; - in the case of economic and asset elements based on valuations, the related registration must be carried out clearly illustrating, in the relevant documentation, the criteria that guided the determination of the asset's value; - The documentation supporting each accounting operation must be adequate, truthful, clear, and complete; it must be kept on file in such a way as to allow for control at any time over the characteristics of the operation, the reasons, and the precise identification of who, at the various stages, authorized, executed, recorded, and verified the operation itself; the responsibilities must be clearly defined and known within the organization; - the related accounting record must clearly, completely, and truthfully reflect what is described in the supporting documentation; - the supporting documentation must be easily accessible and archived according to appropriate criteria that allow for easy consultation by both internal entities and external entities authorized for control.

Correctness of financial flows
Any operation that may involve even the slightest possibility of the Company being involved in cases of receiving stolen goods, money laundering, or the use of goods or money of illicit origin is strictly prohibited. Financial flows must be managed ensuring complete traceability of operations, maintaining adequate documentation, and always within the limits of the responsibilities assigned to each individual. To this end, it is necessary to adhere to the following principles regarding documentation and record-keeping:
- all payments and other transfers made by or on behalf of the Company must be accurately and completely recorded in the company's accounting systems;
- All payments must be made only to the parties and for the activities contractually formalized and/or approved by the Company.

The Company implements the necessary controls to verify the authenticity of the cash collected and used in the course of business activities. The Recipients are required to exercise the utmost diligence and attention in managing cash to ensure that no counterfeit money is collected or spent. The Company is committed to ensuring that the gold used for the production of its jewelry items does not come from geographical areas involved in war conflicts generated by economic interests for the control of precious metal extraction. Furthermore, it confirms its commitment to the responsible sourcing of gold.

To this end, our commitment is to ensure compliance with the Dodd Frank Act and to purchase gold only from banks, bullion dealers, or refineries that are on the LBMA Good Delivery List or are certified by the RJC (Responsible Jewellery Council).

In compliance with current legislation, the companies of the Group are committed to ensuring the protection of privacy regarding information related to the private sphere and the opinions of each of their Employees and those who interact with the Group. Employees and Collaborators acting on behalf of or for the companies of the Group are required to process personal data in absolute compliance with the current privacy protection legislation, according to the directives given to them. In particular, it is mandatory to:

- acquire and process only the data necessary and directly related to their functions;
- respect the confidential and private nature of the information;
- acquire and process data for specified, explicit, and legitimate purposes;
- acquire and process relevant, accurate, complete, and not excessive data compared to the purposes for which they were collected and subsequently processed, ensuring their proper updating;
- to store said data in such a way as to prevent third parties from becoming aware of it;
- communicate and disseminate data only within the established procedures or with prior authorization from the designated managers;
- to store data in a form that allows the identification of the data subject for a period of time not exceeding that necessary for the purposes for which they were collected and subsequently processed.

Management, Employees, or Collaborators responsible for the processing of personal data must adopt all appropriate measures to avoid the risks of destruction or loss, even accidental, of the aforementioned data, unauthorized access to it, or processing that is not permitted or not compliant with the purposes of collection; these measures are identified and periodically updated within the companies of the Group.

The companies of the Group aim to maintain the highest levels of hygiene and safety and to ensure the necessary preventive measures against accidents and illnesses in the workplace. Everyone must contribute to keeping the work environment in which they operate healthy and safe and to ensuring the safety of their colleagues and various collaborators.

Every business function must do everything possible to always have full knowledge, for the area of its responsibility, of the rights and obligations of the Group arising from laws, contracts, or relationships with the Public Administration, and must not engage in any behavior that could harm, in any way, the interests of the Group.

To all Employees and Collaborators working on behalf of or in the name of the companies of the Group, it is strictly forbidden to disclose to third parties any non-public information regarding projects, acquisitions, mergers, business strategies, and more generally, information concerning the companies of the Group that they have become aware of or whose dissemination could, in any case, harm the interests of the Group itself.

Each individual has the responsibility to safeguard, preserve, and defend the assets and resources of the Group entrusted to them in the course of their activities, and is obliged to use them appropriately and in accordance with their intended purpose, preventing any improper use.

In order to protect the integrity of the social assets, it is particularly prohibited, outside the cases permitted by law, to:

- return contributions in any form or release members from the obligation to execute them;
- distribute profits not actually achieved or legally destined for reserves, or to reserves not distributable by law, purchase or subscribe to shares or
company shares;
- carry out reductions of share capital, mergers or demergers in violation of the rules established to protect creditors; sign or artificially increase the share capital; satisfy, in the event of liquidation, the claims of the shareholders to the detriment of the company’s creditors.

All relationships related to the activities of the Group's companies with public officials or with public service representatives acting on behalf of the Public Administration or national and foreign legislative bodies, community institutions, and public organizations of any foreign state fall within this context.

Relations with governments and public institutions are reserved for the authorized business functions that establish and manage such relations based on the provisions of service orders and the procedures in force at the time. Such relations must be undertaken and managed in absolute and strict compliance with the applicable laws and regulations, the rules and principles set forth in the Code of Ethics, and the relevant internal procedures.

Attention and care must be taken in relations with the subjects mentioned above, particularly in areas related to: public procurement, contracts, authorizations, licenses, concessions, requests and/or management and use of publicly sourced funding (national or European), management of contracts, relations with supervisory authorities or other independent authorities, social security institutions, tax collection agencies, civil, criminal or administrative proceedings. Attention and care must also be taken in those sectors that, although they do not involve direct relations aimed at concluding business with the Public Administration, are considered supportive of business activities such as the management of financial flows and the management and security of IT data.

The above-mentioned operations and the related management of financial resources must be undertaken in due respect of the laws, the principles of the Code of Ethics, and in full compliance with internal procedures. In particular, there is an express prohibition on:

- to accept, give or promise, either directly, indirectly, or through an intermediary, money, gifts, goods, services, benefits or favors to public officials - or to individuals related to them by kinship or affinity - in order to promote and favor one's own interests or the interests of the Group's companies, or also to compensate or repay for an act of their office, or to achieve the execution of an act.
contrary to the duties of their office;
- to receive, offer, or promise gifts or other forms of presents to public officials or to individuals related to them by kinship or affinity - when such gifts, considering their value, exceed normal commercial and courtesy practices or otherwise fall outside what is provided.
from the internal company protocols;
- hire personnel, assign agency, consultancy or other types of assignments, in the event that the hiring or assignment is - or may appear to be - aimed at an exchange of favors with individuals belonging to, or previously belonging to, the Public.
Administration;
recognize compensation in favor of external Collaborators who do not find adequate justification for the type of assignment to be carried out and the practices in force locally;
- presenting false statements or documentation of any kind to public bodies in order to influence independence of judgment;
- to present false statements or documentation of any kind to national or community public bodies in order to obtain public disbursements, contributions, or subsidized financing;
- allocate sums received from national or community public bodies as grants, contributions, or financing for purposes other than those for which they were intended;
- to alter the functioning of a computer or telematic system or to manipulate the data contained therein in order to obtain an unjust profit causing damage to the Public Administration.

In dealings with the Public Administration, it is necessary to always operate in compliance with the law, with an express prohibition against engaging in behaviors that, in order to benefit the Group, may constitute criminal offenses.

Supplier Relations
Administrators, Employees, and Collaborators of the Group companies are required to ensure equal opportunities in the selection of Suppliers, taking into account their compatibility and suitability for the size and needs of the Group. In particular, the functions responsible for selecting independent third parties such as consultants, agents, suppliers of goods, merchandise, and services must ensure that:

- they are selected based on evaluations and objective parameters (such as quality, convenience, price, capacity, and efficiency, etc.) aimed at protecting the commercial and industrial interests of the Group and, in any case, creating greater value for it;
- they must be selected according to criteria of reliability and integrity also in relation to the need to respect the reference values, the rules of conduct contained in the Code of Ethics, and the internal procedures, using written form and in compliance with the hierarchical structure of the Group;
- they are informed of the Group's policies and specific contractual clauses regarding compliance with this Ethical Code are provided.
The designated functions must also ensure that there is continuous awareness and involvement of Suppliers in a proactive role and a responsible attitude, particularly regarding transparency, communication, compliance with laws and regulations, and that promotes awareness of the social and ethical risks and opportunities arising from their activities.

Customer Relations
In dealings with Customers, whether public or private, the Administrators, Employees, and Collaborators of the Group companies are required to:

- develop and maintain favorable and lasting relationships with them, based on maximum efficiency, collaboration, and courtesy;
- operate within the framework of current regulations and require their strict compliance;
- ensure that the statements and attestations made to them are accurate and truthful;
- respect commitments and obligations made towards them;
- provide accurate, complete, truthful, and timely information in order to enable the Client to make informed decisions.

In business relations with Suppliers and Customers, company policies must be respected, guiding the relationships with the utmost correctness, especially in the management and conclusion of contracts, avoiding conflicts of interest, including potential ones.

Without prejudice to the provisions of the paragraph "Relations with the Public Administration", in business relationships with Suppliers and Customers, gifts, favors, acts of courtesy or hospitality (both directly and indirectly) are prohibited, unless they are of a nature that does not compromise the image of the Group and cannot be interpreted as aimed at obtaining preferential treatment that is not determined by legitimate market rules. In any case, any gifts, acts of courtesy, and hospitality that do not fall within normal customs must be adequately documented and communicated to the relevant supervisor for assessment of their appropriateness. The Employee or Collaborator who receives gifts or preferential treatment from Suppliers or Customers that exceed ordinary acts of courtesy must immediately inform their hierarchical superior; after appropriate checks with the relevant management, the companies will ensure, through the designated functions, to inform the giver of the gift, favor, etc. about the Group's policy in this regard.

The companies of the Group are committed to ensuring maximum competitiveness in the market and, therefore, their commercial policy must be based on compliance with the regulations governing competition, both in the national market and at the international level.

All recipients of this Code of Ethics must always stay updated on the current regulations and consult their hierarchical superior before concluding any agreement or understanding that may have effects of presumed unfair competition.

The corporate executives, employees, and collaborators acting on behalf of the companies in the Group are required to operate in order to avoid situations that conflict with the interests of the Group itself. By way of example but not limited to, the following constitute a conflict of interest:

- the instrumentalization of one's functional position to achieve interests that conflict with colleagues in the company;
- the use of information acquired during the performance of work activities for one's own benefit or that of third parties and, in any case, in contrast to the interests of the Group;
- the participation - open or hidden - of the Employee in activities of Suppliers, Clients, competitors;
- the performance of any kind of work activities at Clients, Suppliers, competitors, and/or at third parties, in contrast to the interests of the Group. In particular, for Employees, the acceptance of any professional assignment offered by third parties must be previously evaluated with the hierarchical superior and with the Human Resources Director of Milor S.p.A. in order to assess the absence of any incompatibilities or situations of prejudice.

Everyone has the duty to promptly report to the competent management any situation that may be considered, even potentially, detrimental to the rights and interests of the Group so that the same management can proceed, equally promptly, with the necessary protective actions.

Relations with bodies responsible for legally assigned control or audit activities, and relations with auditing firms, must be characterized by the utmost correctness, transparency, and collaboration, in full compliance with current laws and regulations.

In particular, auditors, both internal and external, must have free access to data, documents, and information necessary for the performance of their activities. It is expressly forbidden to prevent or hinder the performance of the control or audit activities legally assigned to the members, other corporate bodies, or the auditing firm.

The same obligations extend to the relationships with the Supervisory Body which, within the scope of the responsibilities provided for by the respective Organization and Management Models voluntarily prepared by the companies of the Group pursuant to Legislative Decree No. 231 of June 8, 2001 "Regulation of the administrative liability of legal entities, companies, and associations, even those without legal liability, pursuant to Article 11 of Law No. 300 of September 29, 2000", is responsible for overseeing compliance with existing preventive and control systems, as well as their actual adequacy, particularly in those areas where the risks-crimes potentially connected to the activities carried out are identified (Ref. Ethical Code and Organizational Models pursuant to Legislative Decree 231/2001).

In the context of the internal control systems of the companies in the Group, this Code of Ethics is an integral part of the Organization and Management Models pursuant to Legislative Decree No. 231/2001 voluntarily adopted by them. In respect of their full autonomy and respective commercial and/or productive specificities, the companies in the Group that adopt Organization and Management Models in compliance with the principles expressed by Legislative Decree 231/2001 and subsequent amendments and/or additions, are required to carry out risk assessment activities in order to identify the areas in which crimes may be committed and to establish prevention and control systems in accordance with the provisions of the same decree.

The companies of the Group appoint their own Supervisory Body (OdV) endowed with autonomous powers of initiative and control with the task of:

- monitor the functioning and compliance with the Code of Ethics and company procedures, particularly in those areas where risks-crimes pursuant to Legislative Decree 231/2001 may be identified in connection with the activities carried out - for this purpose, is free to access all sources of company information, to review documents and consult data;
- welcome and/or report any violations of the Code of Ethics;
- propose any updates to the Code of Ethics and internal protocols in order to align them with the laws;
- verify, check and assess cases of violation of the rules established by the Code of Ethics and report them to the relevant functions for the application of appropriate sanctioning measures in compliance with laws, regulations, and collective labor agreements.

The companies of the Group are required to establish appropriate communication channels through which anyone who becomes aware of any behaviors, within the companies of the Group, contrary to the principles and rules of conduct expressed in this Code can report, freely, directly and confidentially to their hierarchical superior and to the Supervisory Body if appointed.

The information acquired by the Supervisory Body and the designated functions, for the purposes of the necessary investigations, must be processed in a way that ensures:
- the confidentiality and anonymity of the reporter,
- the protection of the whistleblower against any form of retaliation, penalization, discrimination, subject to legal obligations and the protection of the rights of the Group's companies or of individuals wrongly accused and/or acting in bad faith.

Compliance with the principles and rules of the Code of Ethics must be considered an essential part of the contractual obligations of Employees. Violations of the rules of the Code of Ethics may constitute a breach of the main obligations of the employment relationship or a disciplinary offense, with all legal consequences, including those related to the preservation of the employment relationship, and may result in compensation for damages arising therefrom.

Compliance with the Code of Ethics must be considered an essential part of the contractual obligations assumed by non-subordinate Collaborators and/or parties having business relationships with the Group. Violation of the provisions of the Code of Ethics may constitute a breach of contractual obligations, with all legal consequences, including the termination of the contract and/or assignment, and may result in compensation for damages arising therefrom. For violations by members of the Board of Directors and Statutory Auditors, all legal provisions apply along with the resulting remedies and sanctions.

The companies of the Group are committed to foresee and impose, with consistency, impartiality, and uniformity, sanctions proportional to the respective violations of the Code and in accordance with the current regulations regarding labor relations.