Security Policy

The Management of Jumbonline Accommodations & Services understands its duty to ensure information security as an essential element for its employees, customers and third parties related to destination services and therefore supports the following objectives and principles:

- To implement the value of Information Security throughout the organisation.

- To contribute each and every person in Jumbo Tours to the protection of Information Security.

- To preserve the confidentiality, integrity and availability of information, with the aim of ensuring that legal, regulatory and contractual requirements relating to information security are met.

- To protect the information assets of Jumbo Tours from all threats, whether internal or external, deliberate or accidental, in order to guarantee services to all customers.

- Establish an information security risk management system to identify, analyse, evaluate and address risks affecting Jumbo Tours or its supply chain.

- Define as a security management framework the commitment to continuous improvement using as a reference the UNE-ISO/IEC 27001:2023 standard to establish the information security management system and the UNE-ISO/IEC 27002:2023 standard as a set of good practices for information security management.

- Take responsibility for information security awareness and training as a means of ensuring compliance with this policy.

- Extend our commitment to information security to customers.