bZ-,l-vkbZ-lh- ?kks’k.

kk i= gsrq tkudkjh
deZpkjh dk uke ------------------------------------------------------------------- ¼vk/kkj dkMZ ds vuqlkj½
firk@ifr dk uke----------------------------------------------------------------------------------------------------------------------------------
tUefrfFk ----------------------------------------- iq:’k@efgyk ---------------------------------------------------------------------------
fu;qfDr fnukWad ----------------------------- fookfgr@vfookfgr ----------------------------------------------------------------
fu;qfDr in -------------------------------------- Lo;a dk vk/kkj dkMZ uacj --------------------------------------------------
deZpkjh ds ?kj dk irk
LFkkuh;irk ----------------------------------------------------------------------------------------------------------------------------------------------
------------------------------------------------------------------------------------------------------------------------------------------
LFkkbZ irk -------------------------------------------------------------------------------------------------------------------------------------------------
------------------------------------------------------------------------------------------------------------------------------------------
Qksu ua- ----------------------------------------------------------------------------------------------------------------------------------------------------
mRrjkf/kdjh dk uke @Nominee Name
Ukke firk@ifr dk uke tUefrfFk lac/k vk/kkj dkMZ ua-

ifjokj dk fooj.k
Ukke firk@ifr dk uke tUefrfFk lac/k vk/kkj dkMZ ua- fMLisUljh
dsna z

iqjkuk ESIC uacj ;fn iwoZ esa vkcafVr gks ----------------------------------------------------------------------------------------

cSad dk [kkrk dza ,oa IFSC Code ---------------------------------------------------------------------------------------------------------

gLrk{kj fu;ksDrk deZpkjh gLrk{kj

uksV %& fu;ksDrkvksa ls vuqjks/k gS fd os mijksDr tkudkjh deZpkjh fd fu;qfDr fnukWd
a ds 1 lIrkg ds vUnj vfuok;Z
:Ik ls tek djk;s A
 NON COMPETE CUM NON DISCLOSURE AND SELF DECLARATION
AGREEMENT

This Non Compete Cum Non-Disclosure Agreement (hereinafter referred to as "Agreement")

is entered into at ___________________on this day of …………. 20…., by and between:

(TTBS), a company incorporated under the provisions of the Companies Act, 1956/2013 and
presently having its registered office at (Ganesh Galaxy City, 3rd Floor, Ayodhya
Bypass, Bhopal) (M.P.), on the FIRST PARTY;

AND
Mr/Ms/Mrs.____________________Son/Daughter/Wife of ___________________________
permanently residing at __________________________________________________ and is
entering and signing this Agreement as SECOND PARTY. Technotask Business Solutions and
__________________________ are collectively referred to as the "Parties" and each
individually as a "Party".

RECITALS:

A. The parties are into a commercial relationship of employer-employee and in some cases
principal-agent, depending upon the mutual agreement between them. This agreement
shall not be construed as appointment/engagement of any kind, but is limited to the
extent of non-disclosure of sensitive information and self-declaration of related parties
and indemnification/recovery from salaries/remuneration/fees/dues/other recovery
modes in case of financial loss to the first party.
B. The parties, particularly and exclusively the first party, based on their mutual
relationship, are exchanging certain information which is critical and peculiar to their
respective businesses and which needs to be safeguarded from being abused. Moreover,
first party and/or its clients have been a victim of financial losses due to
irregular/illegal/improper/unauthorized execution of work/disclosure of financial and
other sensitive information which needs to be indemnified (Recovered) by the
defaulting parties.
C. Further,the first party is facinf financial and reputational losses with regard to
irregular,immoral and illegal competition by the employees/agents/ex-employees,such
employees/agents/ex employees,who utilize the brand image of first party and wins
over the trust of the clients of the first party,illegallly utilize the resources and sensitive
information of the first party and incorporate smaller similar businesses and start
pitching the clients/prospective clients of the first party.this not only makes financial
losses to the first party but also brings reputational losses,as the clients/prospective
clients looses the trust towards the first party.
D. Pursuant to the aforesaid, the second party would have to self- declare that he/she is
related to any party, individual or incorporated entity, which have similar or same
business interest, as that of the first party and/or its clients and that if in case of any
unauthorized act of the second party, the first party and/or its clients suffers any

1
 financial loss/implication, then the same liquidated amount shall be borne/recovered
from the defaulting party.

E. The Employee specifically agrees that for a period of one year after the employee is no
longer employed by the company, the employee will not engage, directly or indirectly,
either as proprietor, stockholder, partner, officer, employee or any otherwise, in the
same or similar activities as were performed for the company in any business within a
state where the company has offices or within the state where company has its clients
or the customers of clients which distributes or sells products or provides services
similar to those distributed, sold, or sells product or provides services similar to those
distributed, sold, provided by the company at any time during one(1) year preceding
the employee’s termination employment.

NOW IT IS HEREBY AGREED AS FOLLOWS:

1. "Confidential Information" shall mean all information, virtual and physical form of
data, know-how, ideas, designs, documents, concepts, technology, manufacturing
processes, industrial, marketing, commercial knowledge, and other materials of a
confidential nature and includes but is not limited to, information of a commercial,
technical or financial nature which contains amongst other matters, trade secrets, know-
how, patent and ancillary information and other proprietary or confidential information.

2. Except as otherwise provided in this Agreement, the second party shall, at the time of
employment or during employment, disclose to the first party, any relationship with a
related company/individual, who has same or similar business interest as of the first
party and/or its clients. Further, the Receiving Party shall keep confidential all the
confidential Information of the Disclosing Party which:
(a) is disclosed, communicated or delivered to the Receiving Party in furtherance
to the Purpose for which the Parties are entering into negotiations/discussions;
(b) comes to the Receiving Party's knowledge or into the Receiving Party's
possession in connection with negotiations/discussions towards the Purpose,

irrespective whether such Confidential Information is received before or after the date
of this Agreement.

3. The Receiving Party shall inform the Disclosing Party of any disclosures to third
parties, prior to any such disclosure. The Confidential Information as disclosed to the
Receiving Party shall be kept strictly confidential and shall not be sold, traded,
published or otherwise disclosed to anyone in any manner whatsoever, without the prior
written consent/approval of the Disclosing Party
4. Each Party acknowledges that a breach of this Agreement by one Party may cause the
other Party irreparable damage for which monetary damages would not be an adequate
remedy. Accordingly, in addition to other remedies that may be available, a Party may
seek injunctive relief against such a breach or threatened breach. Further, any monetary
loss caused to the disclosing party shall be recovered. Further, unliquidated damages
may be claimed by the disclosing party from the defaulting party. The parties further

2
 accept and understands, that such confidential information, relating to first party and/or
its client, if disclosed to the third party, may cause irreparable damages to the first party
and/or its client. Moreover, second party or his related party shall not compete with the
first party during agency/employment and even after that for a cooling period of 1 year.
Moreover, the second party undertakes that, after cessation of agency/employment,
he/she shall not solicit/poach other employees of the first party. such acts/abstainment
shall cause irreparable damages to the fist party. In such a case, the defaulting party
shall indemnify the first party to the tune of damages caused to it or its client due to
such unauthorized act of the defaulting party.
5. The parties further understand that in addition to the above civil remedy, the said
confidential information, tangible or intangible, if unauthorized utilized by the
receiving party, the same shall also attract penal provisions of Information Technology
Act, 2000 and also Indian Penal Code, 1860. Further, any intentional financial loss
caused to the first party shall attract penal provisions of Cheating and Criminal breach
of trust, as defined in Indian Penal Code, 1860.
6. This Agreement shall be effective and binding from (DOJ) and will continue until and
unless terminated in accordance with clause 7 herein.
7. This Agreement shall terminate upon the occurrence of the earlier of the following
events:
(a) by written agreement between the Parties;

(b) when either Party notifies the other in writing by a termination notice electing
to terminate this NDA from a prospective date. However, such notification
should have consent of the other party;

8. This Agreement shall be governed and construed in all respects in accordance with the
laws of India and the Courts of Bhopal, M.P. shall have exclusive jurisdiction to settle
any disputes.

Each party or representative of the party executing this Agreement represents that he/she
has the authority to enter into this Agreement and caused it to be effective as written above.
IN WITNESS WHERE OF THIS AGREEMENT was entered into the day and year first
above written.

SIGNED for and on behalf of SIGNED by

Authorized signatory for
From board resolution.
__________________________ ______________________________
Name: Name:
Address: Address:

3
 Document Name Information Security Document Number Technotask /
Policy ISMS /TTBS- 01
Classification Internal Document Status Released
Date of Release 2nd August 2021 Version Number 1.0

Information Security Policy

Version 1.0
Document History

Title Information Security Policy

Version 1.0
Classification Internal
Creation Date 2nd August 2021
Last Review Date 2nd August 2021
Author Abhishek Chatterjee
Custodian Info Sec team
Document Number Technotask / ISMS /TTBS- 01

Document Control Log

Version Change Description Reviewed by Approved by Date

1.0 Initial Policy Info Sec Team Ashutosh Singh 02nd August 2021
 Document Name Information Security Document Number Technotask /
Policy ISMS /TTBS- 01
Classification Internal Document Status Released
Date of Release 2nd August 2021 Version Number 1.0

Contents
1 Introduction ...........................................................................................................................................................4
2 Objective ................................................................................................................................................................5
3 Scope .....................................................................................................................................................................6
4 Applicability ...........................................................................................................................................................7
4.1 Policy Dissemination ....................................................................................................................................7
5 Overview ................................................................................................................................................................8
5.1 Risk Assessment ...........................................................................................................................................8
5.2 Information Security Policy Review .............................................................................................................8
5.3 Human Resource Security ............................................................................................................................8
5.4 Formal Acknowledgement ...........................................................................................................................8
5.5 Network Security ..........................................................................................................................................8
5.6 Communication and operation management ..............................................................................................9
5.6.1 Email ........................................................................................................................................................9
5.6.2 Internet ....................................................................................................................................................9
5.6.3 Logs ..........................................................................................................................................................9
5.6.4 Licensed software ....................................................................................................................................9
5.6.5 Change Management ...............................................................................................................................9
5.6.6 Patch Management..................................................................................................................................9
5.6.7 Virus Protection .......................................................................................................................................9
5.7 Business Continuity ......................................................................................................................................9
5.8 Physical Security ...........................................................................................................................................9
5.9 Incident Management ................................................................................................................................10
5.10 Logical Security ...........................................................................................................................................10
5.11 Information Asset and Data Classification .................................................................................................10
5.12 Compliance.................................................................................................................................................10
6 GLOSSARY of Terms .............................................................................................................................................11
7 Roles and Responsibilities ...................................................................................................................................12
 Document Name Information Security Document Number Technotask /
Policy ISMS /TTBS- 01
Classification Internal Document Status Released
Date of Release 2nd August 2021 Version Number 1.0

1 Introduction

This policy document provides the framework to develop and disseminate an information security policy. This
policy document provides overview of the various security policies and procedures to be followed at all applicable
facilities of TECHNOTASK Pvt. Ltd Including its Affiliates, Subsidiary, and Associates (referred as TECHNOTASK
henceforth).

2 Objective

Security of IT infrastructure and its related assets such as, but not limited to Information, Computer Systems,
network elements and related services are important to Technotask Business Solutions. Hence it is essential that
effective and efficient security measures are followed within Technotask. The aim of this policy is to ensure
confidentiality, integrity and availability of information and its processing related to Technotask.

3 Scope

All information (Technotask and its clients) and information system of Technotask along with in-house supporting
activities including facility management.

4 Applicability
Information security is team effort and requires participation from user who deals with information and/or
information systems of Technotask. This Policy is applicable to all information and IT assets owned and/or
administered by/in Technotask. Every user with access to Technotask information and/or Information Assets shall
comply with Information Security Policy specified herein and related documents when working with Technotask.

4.1 Policy Dissemination

The information security policy must be published and disseminated to all Technotask users with access to
Information and/or information systems.

5 Overview

5.1 Risk Assessment

In today’s world, IT environment has become dynamic and with technological changes being reported every day, it
becomes imperative to identify and re-evaluate risks to information and/or information systems as a practice.

The baseline for identifying and evaluating risks to be treated will be based on potential business impact of the
risk, if exercised. Business impact could be determined considering the loss to one or more of the following:
Service Disruption, revenue, Technotask repute etc. The risk assessment methodology will define the acceptable
level of risk beyond which risk will be treated. The organization will carry out an annual risk assessment process
 Document Name Information Security Document Number Technotask /
Policy ISMS /TTBS- 01
Classification Internal Document Status Released
Date of Release 2nd August 2021 Version Number 1.0
that would identify major strategic developments in the industry, emerging threats, & vulnerabilities, to business
and IT assets of the Technotask and report results in a formal risk assessment document.

5.2 Information Security Policy Review

The information security policy will be reviewed by representative of senior management at least annually and
updated as needed to reflect changes to business objectives or the risk environment.

5.3 Human Resource Security

All hiring shall be done after attentive scrutiny and due diligence. All Technotask personnel are required to attend
Information Security Program presented during Induction.

All resources are also required to acknowledge and sign Non-Disclosure Agreement with Technotask, binding them
not to divulge any Technotask information to unauthorized parties/personnel.

5.4 Formal Acknowledgement

The organization should require employees to acknowledge in writing that they have read and understood the
Technotask’s security policy and procedures.

5.5 Network Security

Technotask shall implement adequate measures to ensure Confidentiality, Integrity and Availability of Information
and Information assets.
All connections to Technotask network from external networks shall be segregated and protected.
Interconnectivity of networks between Technotask and third party (Vendors, Customers etc.) shall be provided
after authorization.

5.6 Communication and operation management

5.6.1 Email
Technotask shall provide electronic mail service to all Technotask users for conducting its business. Technotask
reserves rights to monitor the email communication of all its users in the interest of the organization objectives.

5.6.2 Internet
Internet access shall be provided to all employees of Technotask in line with Business requirements and IT policy.

5.6.3 Logs
Log files will be maintained for a period of one year (wherever it is technically feasible) or otherwise mentioned in
any other policy and/or requirement.

5.6.4 Licensed software

Only licensed software will be used in the Technotask. Any other commercial software shall be used in accordance
with licensing agreement and copyright law. Refer IT Policy and Software List for approved software details.
 Document Name Information Security Document Number Technotask /
Policy ISMS /TTBS- 01
Classification Internal Document Status Released
Date of Release 2nd August 2021 Version Number 1.0
5.6.5 Change Management
All new deployments and modification to existing and future internal application/computer systems/network shall
be done per approved Change Management Policy.

5.6.6 Patch Management

Vendor/OEM security release patches/updates shall be applied on all desktop, servers, laptops and other
applicable devices in line with Patch Management Policy.

5.6.7 Virus Protection

All desktops, laptops, servers and other applicable devices shall be timely and regularly updated with Anti-Virus in
line with Anti-Virus Policy.

5.7 Business Continuity

Technotask shall develop and implement an effective contingency plan and deploy mitigation strategy to recover
IT services in case of disaster. Regular Business Continuity trials/tests and mock drills shall be performed to test
effectiveness as stated in Business Continuity plan.

5.8 Physical Security

Technotask give safety of human life the highest priority and shall have systems to ensure their safety in case of
disaster like fire etc.

All server room and/or secure areas shall be physically segregated from other areas.

Physical access to Technotask and secure areas within the facility would be restricted to authorized users For more
details, please refer Physical Security Policy.

5.9 Incident Management

A formal Security incident management policy shall be in place to report security incidents. All users shall
immediately report security incidents in line with Incident Management Policy.

5.10 Logical Security

Logical and Physical access to information (including CHD), information systems and processing facilities will be
based upon roles, need to know/access and need to carry out a task. All such access will be monitored and
controlled through appropriate authentication/authorization procedure, reviewed at regular intervals.

5.11 Information Asset and Data Classification

Data and information classification is the conscious decision to assign a level of sensitivity to data as it is being
created, amended, enhanced, stored or transmitted. All information in paper form and digital form shall be
identified and classified per the relevant details outlined in Information asset and data classification policy.

5.12 Compliance
At all times shall ensure their in-scope system and network components comply with various applicable regulatory
 Document Name Information Security Document Number Technotask /
Policy ISMS /TTBS- 01
Classification Internal Document Status Released
Date of Release 2nd August 2021 Version Number 1.0
requirement and are assessed and certified by accreditation agency at regular intervals as required by respective
standard. Technotask is currently certified to following:
1) PCI-DSS
2) ISO 27001

6 GLOSSARY of Terms
Below is the glossary of terms/abbreviations used in this document:
Term/Acronym Explanation
CHD Card Holder Data
BC Business Continuity
IT Information Technology
HR Human Resources
Admin Administration
HoD Head of Department

7 Roles and Responsibilities

The implementation of security and maintenance within Technotask is cross functional. The chart below states the
responsibilities.
Areas Responsibility/Ownership
Human Resource Security HR
Acceptable Use All users
Network Security IT
Communication and Operation management IT
Business Continuity IT, HoD’s
Physical Security Admin
Incident Management Users, IT, Admin
Logical Security IT
Information Asset and Data Classification IT, Admin and Data Owners

The Technotask InfoSec is the owner of this document and is responsible for ensuring that this policy document is
reviewed in line with the review requirements stated above.

A current version of this document is available to all members of staff.

This policy was approved by the Board and is issued on a version-controlled basis under his/her signature.

Digitally signed by
Ashutosh Singh
Ashutosh Singh Date: 2021.08.02
11:12:56 +05'30'
Signature: Date: