security approach
At Goelett, we understand that your travel data is yours to protect. We are committed to providing you with a secure and reliable travel management solution that puts your data first. We employ industry-leading security measures to safeguard our users’ information and comply with all applicable privacy regulations. When you choose Goelett, you can rest assured that your travel data is in safe hands.
Goelett prioritizes user and client data security. Our renewed ISO 27001:2022 certification signifies the highest information security standards. This robust system safeguards travel data through:
We are committed to creating software that is secure from the ground up. Our team of security experts employs automated code scans and rigorous testing procedures to identify and fix security vulnerabilities early in the development process. We also adhere to strict coding guidelines and standards to minimize the risk of introducing security flaws.
We use a content delivery network (CDN) to distribute content and reduce the load on our servers. We implement load balancing to ensure that our website can handle high traffic volumes. We always use a secure communication protocol like HTTPS to protect data transmitted between the user and the website.
Our application is hosted in segmented environment alowing only neccessary data to flow between predefined elements in different tiers to minimise the risk of hackers attacks.
We use a content delivery network (CDN) to distribute content and reduce the load on our servers. We implement load balancing to ensure that our website can handle high traffic volumes. We always use a secure communication protocol like HTTPS to protect data transmitted between the user and the website.
We use strong encryption to protect all data stored in our databases, both at rest and in transit. We also implement access control measures to restrict access to sensitive data to authorized users only. Regularly back up your database to protect against data loss or corruption.
We use strong encryption to protect all data both at rest and in transit.We also implement data loss prevention (DLP) solutions to prevent sensitive data from being exfiltrated from our systems. We only store data for as long as it is needed and then securely dispose of it.
We proactively install security patches and updates for all software components as soon as they are available. We also implement a testing and validation process for new software updates to ensure that they do not introduce new security vulnerabilities. We create a rollback plan in case a software update introduces new problems.
We educate our users about cybersecurity risks and how to protect themselves from phishing attacks and other online threats. We provide clear and concise instructions for reporting security incidents. We implemented Zero Trust approach and all accounts including privileged accounts require multi-factor authentication. Any suspicious activity is automatically reported and analysed by our SOC team.
We employ firewalls, intrusion detection/prevention systems (IDS/IPS), and network segmentation to protect against unauthorized access and malicious attacks. These measures help to isolate different parts of our system and reduce the risk of unauthorized movement of data. We also use strong passwords and multi-factor authentication for all network access.
Development, test and production environments are physically separated on dedicated servers to ensure data isolation. Development and testing environments use pseudonymized data to protect user privacy. Access to the production environment is strictly controlled. Before being deployed to production, the code undergoes rigorous testing. Additionally, any changes require the consent of designated reviewers before implementation
Goelett is committed to complying with the General Data Protection Regulation (GDPR), a European Union regulation that protects the personal data of individuals within the EU. We have implemented a comprehensive data protection program that includes measures to identify, assess, and mitigate data protection risks. We also have a dedicated data protection officer (DPO) who is responsible for overseeing our compliance efforts.
We are committed to protecting your privacy. Our privacy policy outlines how we collect, use, and disclose your personal information. We will never share your data with third parties except when strictly necessary for the delivery of our services. This means we only share your data with partners who directly contribute to your travel experience, such as airlines or hotels.
Request a personalized demo to unlock the potential of seamless booking with Goelett.
Explore how our online booking solution can enhance travel management at your company.
If you have any questions about your booking, please contact our dedicated team at travelsupport@goelett.eu.
|
