Constance Hotels Services Limited | Annual Report 2025

ANNUAL REPORT 2025

95

Corporate Governance Committee (CGC)

Data Protection Steering Committee (DPSC)

Meetings held in 2025: 4

Management and Auditor Participation

Mandate of the Committee

Senior members of management and representatives of the Internal and External Auditors attend ARC meetings by invitation. The Internal and External Auditors have unrestricted access to the ARC and may meet with the Committee without Management present, at least once annually or whenever required.

The Corporate Governance Committee oversees the DPSC, which meets biannually to oversee CHSL’s data protection framework and ensure alignment with applicable legal and regulatory requirements. The Committee monitors the implementation and effectiveness of data protection policies, procedures and controls, with a focus on safeguarding personal data and strengthening governance practices across the organisation. During its meetings, the Committee reviews key data protection reports, including compliance status, data breach incidents (if any), and ongoing remediation or mitigation measures. It also considers updates on regulatory developments, staff awareness initiatives and progress on data protection projects, ensuring continuous improvement and adherence to best practices in data governance.

The following executives are invited to attend CGC meetings where relevant:

The CGC assists the Board in overseeing the Company’s governance and compliance framework. Through its work, the Committee supports the Board in ensuring: – Strong governance and compliance oversight – Effective data protection and regulatory compliance frameworks

– Constance Group Chief Executive Officer – Group Head of Corporate Affairs – Chief Operations Officer – Compliance Officer – Corporate Sustainability Manager – Chairperson of Fondation Constance CSR Committee

IT Steering Committee (ITSC)

– Structured sustainability and CSR governance – Transparent corporate governance disclosures

Governance & Compliance

The ARC oversees the IT Steering Committee (ITSC) which supports the governance of:

Governance Area

Key Responsibilities

– Review of Corporate Governance disclosures in the Annual Report – Review of governance Policies, Codes and Charters – Monitoring of compliance matters and legal developments

– Information technology strategy – Information systems security – IT investments and major technology initiatives – Cybersecurity risk management

Corporate Governance

Monitor the Company’s governance framework, charters, policies and codes

Meetings held in 2025: 2

Data Protection

The ITSC ensures that appropriate IT policies, controls and governance practices are implemented across the organisation.

– Oversight of GDPR and Data Protection Act compliance – Review of organisational and technical data protection measures

Regulatory Compliance

Oversee compliance with applicable laws and regulatory obligations

Nomination and Remuneration (NRC)

ITSC meetings in 2025: 2

Data Protection

Monitor implementation of the Company’s data protection framework Review measures relating to anti money laundering and countering the financing of terrorism Oversee sustainability strategy and Corporate Social Responsibility programmes

The NRC assists the Board in overseeing Board composition, succession planning, performance evaluation, and remuneration, ensuring that governance and remuneration practices are transparent, balanced, and aligned with the long-term interests of the Company.

Sustainability & CSR

Special Audit and Risk Management Committee (ERM) The Special Audit and Risk Management Committee of CHSL meets biannually to provide focused; – oversight on key risk, audit and control matters – review of the Enterprise Risk Management (ERM) Report, with particular attention to the identification, assessment and monitoring of principal risks and the effectiveness of corresponding mitigation initiatives as disclosed in the Annual Report. In fulfilling its mandate, the Committee also examines Internal Audit reports, including reviews of IT General Controls and compliance audits, ensuring that identified findings are appropriately addressed and that the control environment remains robust and aligned with regulatory and governance expectations.

– Approval and monitoring of the Fondation Constance CSR Plan – Monitoring implementation of the Sustainability Management Plan 2030

AML/CFT Oversight

Mandate of the Committee

Operational Governance

Sustainability and Corporate Social Responsibility

Through its work, the NRC ensures that the Company maintains:

– Health and safety reports and corrective actions – Intellectual property protection measures – Quality assurance audits and certifications

– an effective Board composition – structured succession planning – transparent remuneration practices – strong governance oversight

Health and Safety

Monitor implementation of health and safety standards and reporting

Reporting & Disclosure

Composition

– Review and recommendation to the Board of Annual Report disclosures – Oversight of governance disclosures on the Company’s website

Total Members: 3 Directors

Position

Profile

Chairman

Non-Executive Director

ERM Meetings: 2

Member

Non-Executive Director

Member

Executive Director