PRIVACY POLICY FOR BEER GARAGE PROGRAM WEBSITE

Version updated on April 23rd 2021

This internet website (the “Website”), which is owned and operated by ANHEUSER-BUSCH INBEVThis internet website (the “Website”), which is owned and operated by ANHEUSER-BUSCH INBEV
SA/NV, a company organized and existing under the laws of Belgium, having its registered office atSA/NV, a company organized and existing under the laws of Belgium, having its registered office at
Grote Markt 1, 1000 Brussels, Belgium, registered with the Register of Legal Entities under companyGrote Markt 1, 1000 Brussels, Belgium, registered with the Register of Legal Entities under company
number VAT 0417.497.106 RPM Brussels and its Affiliates (“ABI”, “we”, “our” or “us”).number VAT 0417.497.106 RPM Brussels and its Affiliates (“ABI”, “we”, “our” or “us”).
To ensure that you feel safe and happy visiting and using our Website, the following information givesTo ensure that you feel safe and happy visiting and using our Website, the following information gives
you a comprehensive guide as to what we do with your personal data and more specifically how weyou a comprehensive guide as to what we do with your personal data and more specifically how we
collect, use and pass on your personal data when you use this Website.collect, use and pass on your personal data when you use this Website.
This Privacy Policy describes, how your personal data are secured and how you can contact us aboutThis Privacy Policy describes, how your personal data are secured and how you can contact us about
our privacy practices, including:

  1. Data collection: What information do we collect?
  2. For which purposes do we use your information and on which legal bases?
  3. How do we share your information?
  4. What are your rights?
  5. Who can you contact in case you have questions or requests? The data protection contact point
  6. Links to Third-Party Sites
  7. Not Using Cookies And Similar Technologies
  8. International Transfers
  9. Security
  10. Children’s Privacy
  11. Changes to this Privacy Policy

Please read this Privacy Policy before using or submitting any personal data on this Website.
By accessing and using this Website, you confirm that you have read and that you understand the
way we collect, process, use and disclose your personal data as described herein.
Please note that before using or submitting personal data on certain sections or form (for example the
Beer Garage Application Form) of this Website, you may be asked to confirm electronically your
understanding and acceptance of this Privacy Policy by submitting your information. Your affirmative
action in clicking on the button “submit or send” and your use of this Website signify that you
understand and agree to the collection, processing, use and transfer of your personal data as described
in this Privacy Policy.

Our records of your acceptance of this Privacy Policy, the date thereof, and of all future amendments
to this Policy, shall be regarded as conclusive and written evidence of your consent.

1. DATA COLLECTION: WHAT INFORMATION DO WE COLLECT?

Depending on the purpose of the processing, we need to process the following categories of personal
data about you:

– your personal details (for example, your name) which you are asked to provide, e.g. if you
register to participate on the Beer Garage Program on this Website;
– your contact details (for example, your e-mail address, phone number), e.g. if you register for
our newsletter or if we need to communicate with you in relation to participate on the program
you have requested;
– commercial and technical information (for example, organization name, designation,
presence, details of what your company does, if you have subscribed to our newsletter,
participated to a competition, Beer Garage program or survey);
Remember that, when we ask you to fill in your personal data to give you access to participate in any
program of the Website, we will mark certain fields as compulsory, since this information is necessary
to be able to give you admission to the program, to evaluate and contact you. Please take into account
that, if you decide not to make such data available to us, you may be unable to complete your registration
or application.

2. FOR WHICH PURPOSES DO WE USE YOUR INFORMATION AND ON WHICH

LEGAL BASES?

The Website main purpose is to is to inform applicants about all the details of the Beer Garage Program,
and facilitate their application through this website.

We will process your personal data for the following purposes, as justified on the following legal bases:

PURPOSE LEGAL BASIS
To manage your registration on the Website to
enroll into Beer Garage Program.
Your personal data will be processed because the
processing is necessary for the entering, or taking
steps to enter into a contract with you at your
request.

We will only process your personal data for specified, explicit and legitimate purposes and we will not
process your personal data further in a way that is incompatible with those purposes. Where required
under applicable law, we will also collect your express consent to any of the above-mentioned activities.
You have the right to withdraw any given consent at any time.

3. HOW DO WE SHARE YOUR INFORMATION?

For the purposes for which we collect your personal data and subject to the appropriate legal basis
described under Section 2 above, we may disclose your personal data to the following categories of
recipients:

  1. Authorised staff members of ABI who access your personal data on a need-to-know basis;
  2. Affiliates and subsidiary companies of ABI, primarily for business and operational purposes;
  3. Service providers: companies that provide Services on behalf of ABI and under our instructions, that provide services to us, for the purposes of providing the Website or our Services.
  4. Other parties when required by law: ABI may share your personal data with other third parties:
    • – to comply with the law, regulatory requests, court orders, subpoena, or legal processes;
    • – to verify or enforce compliance with ABI’s policies and agreements; and
    • – to protect the rights, property or safety of ABI, its customers, visitors to this Website and/or the public;
  5. Other parties in connection with corporate transactions such as a merger, acquisition, sale of assets, joint venture, or any other transaction that results in a change in control or ownership of ABI, in whole or in part;
  6. Please be aware that service providers who may offer products and/or services to you through their
    services or via their own channels may separately collect personal data from you. In such case, ABI is
    not responsible for the collection of this data. These third parties are solely responsible for the control
    of such personal data and the processing of your data will be subject to their Privacy Policy.

    The above recipients of your personal data may be located within or outside the EEA, including in
    countries not recognized by the European Commission as offering an adequate level of protection of
    personal data. Please refer to Section 10 below for information regarding such transfers and the
    appropriate safeguards implemented by ABI.

    4. WHAT ARE YOUR RIGHTS?

    Under the conditions set forth under applicable data protection laws, you have the right to access and
    rectify your personal data, as well as the right to object at any time to the processing of your personal
    data for direct marketing purposes, including profiling related to such direct marketing, and, in certain
    cases, to object to the processing based on grounds relating to your particular situation. In addition, you
    have the right to request the restriction of the processing and the erasure of your personal data (right to
    be forgotten) as well as the right to data portability. When the processing of personal data is based on
    you consent, you have the right to withdraw your consent at any time.

    You can exercise these rights by sending a written request to our data protection contact (see Section 5
    “WHO CAN YOU CONTACT IN CASE YOU HAVE QUESTIONS OR REQUESTS?”).

    You also have the right to lodge a complaint with your competent supervisory authority.

    If you require further information in relation to your privacy rights or would like to exercise any of
    these rights, please also contact our data protection officer (see Section 5 “WHO CAN YOU
    CONTACT IN CASE YOU HAVE QUESTIONS OR REQUESTS?”).

    5. WHO CAN YOU CONTACT IN CASE YOU HAVE QUESTIONS OR REQUESTS?

    THE DATA PROTECTION CONTACT POINT

    ABI has in place a data protection contact point available for you to submit your questions or requests
    relating to the processing of your personal data. You can access this data protection contact point in our
    global “contact us” website (https://contactus.ab-inbev.com) or innovation-shots@ab-inbev.com.

    When you exercise these rights, ABI may collect your name, e-mail address and your request details.

    Please be aware that ABI only requires your e-mail address and request in order to process your request.

    Other details are optional for you to share with us. Your personal details will be saved only so that we
    can respond to your request, and will subsequently be deleted, unless there are legal requirements
    stipulating the retention of these data.

    Please contact our data protection contact point or our data protection officer indicated above if you
    wish to exercise your rights as data subject in the terms described in Section 4.

    6. LINKS TO THIRD-PARTY SITES

    We are not responsible for the security or privacy of any information collected by other websites,
    applications, or other services or by your mobile operating system operator, wireless carrier, or other
    similar providers. You should exercise caution and review the privacy statements applicable to the thirdparty websites, applications and services you use.

    7. NOT USING COOKIES AND SIMILAR TECHNOLOGIES

    What are cookies and similar tracking technologies? Cookies are small text files that are placed on
    your device by websites that you visit. We do not use any type of cookies and similar technologies on
    this Website.

    8. INTERNATIONAL TRANSFERS

    The Website is hosted by servers located in India . If you are attempting to access this Website from a
    physical location within the United States, Asia, or any other region with laws or regulations governing
    personal data collection, use, and disclosure that differ from European Union laws, please be advised
    that your use of this Website is governed by the General Data Protection Regulation (European law)
    and national law (Belgian law) and these policy. To the extent, you provide personal data through the
    Website, you are transferring your data to India.

    In connection with any transfer of your personal data to outside the European Economic Area (=
    member states of the European Union + Iceland, Norway, and Liechtenstein, “EEA”) in countries that
    are not recognized by the European Commission as offering an adequate level of data protection (no
    ‘adequacy decision’), we implement appropriate safeguards to ensure an adequate level of protection of
    your personal data. These safeguards can for instance consist in agreeing with recipients on standard
    data protection clauses in the form of entering into template model clauses such as the Standard
    Contractual Clauses for the transfer of personal data to third parties adopted by the European
    Commission guaranteeing such adequate level of protection. You may obtain a copy of such safeguards
    (Standard Contractual Clauses) by contacting us at data protection officer, First Privacy GmbH, at: email: abi-team@firstprivacy.com ; phone: +49 421 69663282.

    9. SECURITY

    We ensure that appropriate technical and organisational security measures are taken against unlawful
    or unauthorised access or use of your personal data, as well as against accidental loss or damage to the
    integrity of your personal data.

    We update and test our security technology on an ongoing basis. We restrict access to your personal
    data to those employees who need to know that information to provide benefits or Services to you. In
    addition, we train our employees about the importance of confidentiality and maintaining the privacy
    and security of your information. We commit to taking appropriate disciplinary measures to enforce
    our employees’ privacy responsibilities.

    Your personal data will only be processed by a third party data processor if that data processor agrees
    to comply with those technical and organisational data security measures.

    Maintaining data security means guaranteeing the confidentiality, integrity and availability of your
    personal data:

    1. Confidentiality: we will protect your personal data from disclosure to third parties.
    2. Integrity: we will protect your personal data from being modified by unauthorised third parties.
    3. Availability: we will ensure that authorized parties are able to access your personal data when needed.

    10. CHILDREN’S PRIVACY

    Please note that our Website is only available for persons of legal age, only share the content of our
    Website people who are of legal age. Our Website and Services are not intended for individuals under
    the legal age. If we learn that an individual under the legal age has provided us with personal
    information, we will delete it.

    11. CHANGES TO THIS PRIVACY POLICY

    Except to the extent limited by applicable law, ABI may decide at any time − at its discretion − to
    change, modify, and/or add all or parts of this Privacy Policy in the future. Any change to this Privacy
    Policy will be posted on this page and, notified to you by e-mail (where appropriate or required by law
    and to the extent that we have your e-mail address). We will indicate at the top of this Privacy Policy
    the date on which the Policy was last modified.

    Where required by law, we may also ask you to expressly confirm your consent to the modified Privacy
    Policy.