security approach

A Travel Partner you can Trust

At Goelett, we understand that your travel data is yours to protect. We are committed to providing you with a secure and reliable travel management solution that puts your data first. We employ industry-leading security measures to safeguard our users’ information and comply with all applicable privacy regulations. When you choose Goelett, you can rest assured that your travel data is in safe hands.

ISO 27001 Certification

Goelett prioritizes user and client data security. Our renewed ISO 27001:2022 certification signifies the highest information security standards. This robust system safeguards travel data through:

  • Multi-Layered Protection: Technical, operational, and legal measures ensure data availability, integrity, and confidentiality.
  • Empowered Team: Every Goelett employee is trained to prioritize data security.
  • Secure Development: Our ISO-certified development lifecycle prioritizes secure code from the start.
  • Data Sanctuary: Strict data protection measures guarantee information confidentiality, accuracy, and availability.


Goelett's Multi-Layered Security Framework

  • All
  • Application Security
  • Data Security
  • Network Security
  • Standards Compliance
All
  • All
  • Application Security
  • Data Security
  • Network Security
  • Standards Compliance
Application Security

Secure coding practices

We are committed to creating software that is secure from the ground up. Our team of security experts employs automated code scans and rigorous testing procedures to identify and fix security vulnerabilities early in the development process. We also adhere to strict coding guidelines and standards to minimize the risk of introducing security flaws.
Application Security

Secure website infrastructure

We use a content delivery network (CDN) to distribute content and reduce the load on our servers. We implement load balancing to ensure that our website can handle high traffic volumes. We always use a secure communication protocol like HTTPS to protect data transmitted between the user and the website.
Application Security

Multi-tier architecture

Our application is hosted in segmented environment alowing only neccessary data to flow between predefined elements in different tiers to minimise the risk of hackers attacks.
Application Security

Secure website infrastructure

We use a content delivery network (CDN) to distribute content and reduce the load on our servers. We implement load balancing to ensure that our website can handle high traffic volumes. We always use a secure communication protocol like HTTPS to protect data transmitted between the user and the website.
Data Security

Secure database management

We use strong encryption to protect all data stored in our databases, both at rest and in transit. We also implement access control measures to restrict access to sensitive data to authorized users only. Regularly back up your database to protect against data loss or corruption.
Data Security

Secure data storage and transmission

We use strong encryption to protect all data both at rest and in transit.We also implement data loss prevention (DLP) solutions to prevent sensitive data from being exfiltrated from our systems. We only store data for as long as it is needed and then securely dispose of it.
Data Security

Secure software updates

We proactively install security patches and updates for all software components as soon as they are available. We also implement a testing and validation process for new software updates to ensure that they do not introduce new security vulnerabilities. We create a rollback plan in case a software update introduces new problems.
Network Security

Secure user accounts

We educate our users about cybersecurity risks and how to protect themselves from phishing attacks and other online threats. We provide clear and concise instructions for reporting security incidents. We implemented Zero Trust approach and all accounts including privileged accounts require multi-factor authentication. Any suspicious activity is automatically reported and analysed by our SOC team.
Network Security

Secure network infrastructure

We employ firewalls, intrusion detection/prevention systems (IDS/IPS), and network segmentation to protect against unauthorized access and malicious attacks. These measures help to isolate different parts of our system and reduce the risk of unauthorized movement of data. We also use strong passwords and multi-factor authentication for all network access.
Standards Compliance

Isolated environment

Development, test and production environments are physically separated on dedicated servers to ensure data isolation. Development and testing environments use pseudonymized data to protect user privacy. Access to the production environment is strictly controlled. Before being deployed to production, the code undergoes rigorous testing. Additionally, any changes require the consent of designated reviewers before implementation

GDPR compliance

Goelett is committed to complying with the General Data Protection Regulation (GDPR), a European Union regulation that protects the personal data of individuals within the EU. We have implemented a comprehensive data protection program that includes measures to identify, assess, and mitigate data protection risks. We also have a dedicated data protection officer (DPO) who is responsible for overseeing our compliance efforts.

Privacy Policy

We are committed to protecting your privacy. Our privacy policy outlines how we collect, use, and disclose your personal information. We will never share your data with third parties except when strictly necessary for the delivery of our services. This means we only share your data with partners who directly contribute to your travel experience, such as airlines or hotels.

Request a demo

Request a personalized demo to unlock the potential of seamless booking with Goelett.
Explore how our online booking solution can enhance travel management at your company.

If you have any questions about your booking, please contact our dedicated team at travelsupport@goelett.eu.

Request a demo EN

The information you provide on this form will be used by Goelett to send you news about our brand. You have the right to access, modify, delete and port all data concerning you.