Standard Control and Specifications of Hardware and Software: GC has introduced policies to control hardware and software standards, which require, for instance, the replacement of IT equipment every three years; quarterly preventive maintenance; the installation of a server monitoring system that notifies administrators via SMS and email upon detecting irregularities for prompt troubleshooting; annual vulnerability assessment and remediation; the installation and regular updating of antivirus software in server and client computers; as well as daily, weekly, and monthly data backup. Information Security and Safety: GC has implemented various measures, including the identification of key information assets according to ISO 27001 and ISO 22301 and risk assessment for safety planning. The Company has also established relevant policies, compiled handbooks, installed defense systems, and appointed a cyber response team to cope with cyber attacks, examine damage, and initiate recovery according to the cyber security incident procedure, as well as fostered a cybersecurity culture and cultivated cybersecurity awareness in all employees. (4) Use of Internal Information An Internal Information Use Policy has been established and included in the Corporate Governance and Business Code of Conduct Handbook. It has also been published on the Company’s website for shareholders’ ready access. Directors, Executives and employees are constantly reminded to strictly comply with the policy, and must not disclose any internal information received from performing their duties to anyone or use such information to seek profits or benefit from unlawful trading of security or causing the Company to lose benefits either directly or indirectly. The details of the policy appear under “Prevention of Internal Information Use” of “Policy and Practices Related to Shareholders and Stakeholders.” In 2021, it was not found that any Directors or Executives traded securities during GC’s blackout period. Changes in the shareholding of the Board of Directors, their spouses, and their minors appear under Key Information on the “Board of Directors” and “Executives”. (5) Prevention of conflicts of interest GC prioritizes the interests of the Company and its stakeholders in its business operation as an important policy and has thus established best practices to demonstrate its commitment to transparency and accountability. Under these practices, it is the duty of GC’s Directors, Executives, and employees at all levels, including related persons, to avoid involving in a conflict of interest or acting in such a matter that may bring about a conflict of interest. In case such avoidance is impossible, responsible units must supervise the transaction to ensure its transparency and clarity for the best interests of the Company. In this regard, GC has set standards and guidelines for performing of duties and engaging in other activities which may give rise to stake or conflict of interest, as follows: 1. Refrain from any action that will cause one to have stake or conflict of interest with the Company either by contact with trade partners of the Company, take opportunity, or use information received by being employee of the company to seek personal benefits and engage in business which competes with the Company or engage in other work outside of the Company affecting work of the Company. 2. In case the Company’s employee or its related person is obligated in transaction with the Company for the benefit of the Company, the undertaking of such transaction must be on an arm’s-length basis with normal commercial terms. 3. The consideration and disclosure on stake, connected transaction or conflict of interest must be carried out strictly and carefully in accordance with the applicable laws and regulations of the Security and Exchange Commission and the Thailand’s Stock Exchange whereby the Directors, Executives and/or employee having conflict of interests must not be included in the consideration of the transaction and, if it is necessary for such person to provide information and details for consideration, such person shall not vote nor give any opinion in the consideration approving the entry into such transaction for independency of the consideration. 4. An entry into business transaction must be carried out with honesty, trustworthiness, reasonability and independency within the scope of corporate governance and taking best benefit of the Company into consideration. 5. In case there is an undertaking or circumstance that may cause or deem to give rise to conflict of interest with the Company, a written report on the aforesaid transaction in the form specified by the 182 PTT GLOBAL CHEMICAL PUBLIC COMPANY LIMITED Form 56-1 One Report 2021