The Management of Jumbo Tours understands its duty to ensure the security of information as an essential element for its employees, customers and third parties related to destination services and, therefore, supports the following objectives and principles:
- Implement the value of Information Security throughout the Organization.
- Contribute each and every one of the people of Jumbo Tours to the protection of Information Security.
- Preserve the confidentiality, integrity and availability of information, with the aim of ensuring that legal, regulatory and contractual requirements relating to information security are met.
- Protect Jumbo Tours’ information assets from all threats, whether internal or external, deliberate or accidental, with the aim of guaranteeing services to all customers.
- Establish an information security risk management system, with the aim of identifying, analyzing, assessing and dealing with risks affecting Jumbo Tours or its supply chain.
- Define the commitment to continuous improvement as a security management framework, using the UNE-ISO/IEC 27001:2023 standard as a reference to establish the information security management system and the UNE-ISO/IEC 27002:2023 standard as a set of good practices for information security management.
- Assume responsibility for information security awareness and training as a means of ensuring compliance with this policy.
- Extend our commitment to information security to customers.
