INFORMATION SECURITY POLICY

Information Security Management System

Last update: 26/06/2023

The Management of Travel Compositor understands its duty to ensure the security of information as an essential element for its employees, customers and third parties related to online sales, and therefore supports the following objectives and principles:

• Implement the value of Information Security throughout the organisation.
• Contribute each and every person in Travel Compositor to the protection of Information Security.
• Preserve the confidentiality, integrity and availability of information, in order to ensure compliance with legal requirements, regulations relating to information security.
• To protect Travel Compositor’s information assets from all threats, whether internal or external, deliberate or accidental, with the objective of ensuring continuity of service to applicants and information security.
• Establish an information security plan that integrates the activities of prevention and minimisation of the risk of security incidents based on the risk management criteria established by Travel Compositor.
• To provide the necessary means to be able to carry out the relevant actions in order to manage the identified risks.
• Define as a security management framework the commitment to continuous improvement using as a reference the ISO/IEC 27001 standard to establish the information security management system and the ISO/IEC 27002 standard as a set of good practices for information security management.
• Take responsibility for information security awareness and training as a means of ensuring compliance with this policy.
• Extend our commitment to information security to customers.