Information Security Policy Statement

We, at Whisk Software Pvt Ltd. (WSPL) (A subsidiary of GSPANN Technologies Inc.) are committed to “establish, monitor and continually improve our safeguards for the confidentiality, integrity and availability of all our physical and electronic information assets to ensure that regulatory, operational and contractual requirements are fulfilled.”

We are committed to ensure that.

• Regulatory and legislative requirements related to operation are met
• The confidentiality of information is protected and prevent disclosure of valuable or sensitive information
• The integrity of information is maintained to ensure its accuracy and completeness
• The availability of information is maintained to meet business needs and client’s requirements.
• Enhance employee’s participation through regular training programs.
• Incident management process is established and implemented to ensure that all breaches of information security, actual or suspected are reported and investigated
• Risks are mitigated to an acceptable level through a risk management framework
• The information security management system is continually improved
• Appropriate resources are allocated in order to implement, operate and review an effective Information Security Management System

All stakeholders are responsible for implementation of respective security policies and procedures within their area of operation and oversee adherence by their team members.

WSPL shall follow a formal disciplinary process for employees who have allegedly violated the information security policies and procedures.

WSPL will take all necessary steps to ensure that its Information Security policy is understood, implemented, and maintained at all levels in the Organisation.

Date: 2024-01-10

Version: 1.2

Approved By: Mohit Malik, COO