The controller of your personal data is Bankinter, S.A. ("Bankinter"), with Tax ID Number A28157360, whose registered office is at Paseo de la Castellana 29, (28046).

If you have any further questions, please contact our data protection officer by e-mail at the following address: [email protected].

Bankinter, S.A. processes the data you provide for the following purposes:

1. Manage the development, compliance and control of the existing shareholder relationship in relation to the calling and holding of the Annual General Meeting. Specifically, they will be processed for the exercise of your attendance, proxy and voting rights at the Annual General Meeting, the right to information, and your participation in the Electronic Shareholders' Forum.

If you are a representative of a shareholder, we hereby inform you that your personal data will be processed in order to manage the development, compliance and control of the shareholder relationship for the exercise of the rights of attendance, delegation and voting at the General Meeting.

2. In addition, we hereby notify you that your personal data will be processed to comply with our legal obligations.

The legal grounds for fulfilling these purposes are:

For the purpose stated in section 2.1, your consent given by accepting this clause. Any refusal to supply the personal data requested, or the submission of inaccurate or incomplete data, could therefore render it impossible to properly provide you the services. Shareholders are responsible for ensuring the data they provide are true, accurate, current and complete, and for notifying Bankinter of any changes.

For the purpose stated in section 2.2, compliance with the legal obligations that apply.

Bankinter, as data controller, shall not disclose your data to third parties unless under a legal obligation to do so.

We hereby inform you that your data will be communicated to the Notary when necessary for the purposes of drafting the notarial record for the General Meeting, as well as to any third parties who are entitled to the right to information in accordance with the law or where publicly available to the extent recorded in the documents available on the Company's website or declared at the General Meeting, the holding of which may be subject to audiovisual recording and published on Bankinter's website.

If you attend the General Meeting, we hereby inform you that it will be recorded and published on Bankinter's website (www.bankinter.com).

You may exercise the following rights at any time in the situations and subject to the scope established by applicable legislation:

• -Access
• -Rectification
• -Erasure
• -Objection to processing
• -Restriction of processing
• -Portability of data

To exercise these rights, you may e-mail Bankinter, S.A. at [email protected], attaching a copy of your national ID card or other proof of identity. You may also choose to file a complaint with the Spanish Data Protection Agency.

Your personal data will be kept as long as you are a shareholder. As soon as it is not required for this purpose, the data will be blocked for as long as it may be needed for taking or defending administrative or judicial actions. Generally speaking, the data will be kept for a period of six years as established by the Commercial Code.

Bankinter obtains your data from the following sources:

1.- Data provided by you in your capacity as shareholder. If you include personal data relating to other natural persons in the attendance/proxy/remote voting card, you guarantee that you have informed them of the contents of the preceding paragraphs and that you comply with any other requirements that may be applicable for the proper transfer of personal data to Bankinter, S.A.

2.- Data provided by the banks or securities companies and agencies with which you have deposited or hold shares.

You may find further information about how Bankinter processes your data on our website www.bankinter.com/banca/en/nav/seguridad-privacidad.