Employee Handbook



               Reporting of Violations and No Retaliation

               Employees who observe and report violations of these Drug free Workplace Conduct Policies should promptly
               report such incidents to their manager, the Human Resources Department. SHTPL will make every effort to
               maintain confidentiality in its handling of any such reports. No adverse personnel action may be taken against
               employees or applicants who report a violation of any of these policies or who otherwise exercise, or attempt
               to exercise, any right granted under applicable law or these policies. Prohibited retaliatory personnel actions
               include  but  are  not  limited  to:  dismissal,  demotion,  suspension,  disciplinary  action,  negative  performance
               evaluations, any action resulting in loss of compensation or other benefit, failure to hire, failure to appoint,
               failure to promote, or failure to transfer or assign against the wishes of the affected.

               II.B  ISMS (Information Security Management System) & Data ProtectionPolicy


               Introduction

               The objective of this policy is to define, develop, communicate and implement formal methods and procedures
               for establishing operational standards and certain procedures for Information Security.

               Scope of ISMS:

               The Management of Information Security System & Data Security of SHTPL comprising of processing of Official
               or Personal Information or Data of their customers and preserving the confidentiality, integrity and availability
               of information assets, processes, people and its support functions.

               Business Information at SHTPL:


               SHTPL’s Business Information is any knowledge, intelligence, facts, or data of its clients, subsidiaries and
               affiliates.

               Personal Information / Data at SHTPL:

               Personal information / data is any information relating to an identified or identifiable natural person, who can
               be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification
               number, location data, an online identifier or to one or more factors specific to the physical, physiological,
               genetic, mental, economic, cultural or social identity of that natural person

               Flow  of  SHTPL’s  Business  information  or  Personal  Information  may  include,  but  is  not  limited  to  the
               following:

               •   Information in hard copy or paper format
               •   Information entered, processed, and stored in electronic form utilizing systems technology
               •   Information transmitted using telecommunications technology
               •   Customer information, subject to client, government, and SHTPL’s confidentiality policies
               •   Undisclosed financial results of SHTPL
               •   Information subjects to regulatory scrutiny
               •   Information spoken in conversation










               Strictly for Internal Circulation only              Version 7.2 – Worked on 06/2024 [PG: 7]