April 15 - 16, 2026

Palma Convention Centre

REGISTER NOW

Get your ticket
Contact us

Public Safety Policy 

1. Purpose

To establish the general framework for protecting the information assets of Juniper Travel Technology S.L., ensuring their confidentiality, integrity, and availability (C-I-A) and compliance with applicable regulations. 

2. Scope

This policy applies to: 

  • All business units, processes, information, systems, and networks under Juniper’s control, regardless of geographic location. 
  • Employees, executives, interns, contractors, suppliers, and third parties who access or process company information. 
  • Information in any format: digital, printed, or verbal. 

3. Context and requirements

The Information Security Management System (ISMS) considers: 

  • The organization’s internal and external environment. 
  • The expectations of customers, employees, shareholders, regulators, partners, and suppliers. 
  • Applicable legal and contractual obligations (GDPR, PCI-DSS, LOPDGDD, SOC 2, ISO 27001:2022, among others). 

Requirements are reviewed at least annually or whenever significant changes occur. 

4. Management commitment

Management is committed to: 

  • Complying with legal, regulatory, and contractual requirements. 
  • Providing resources to implement and improve the ISMS. 
  • Establishing and reviewing measurable security objectives. 
  • Communicating the importance of information security. 
  • Promoting continuous improvement through audits and management reviews. 

5. General principles

  • Protection of information according to its value and criticality. 
  • Access based on the “need-to-know” principle. 
  • Risk-based approach to decision-making. 
  • Mandatory compliance with ISMS policies and controls. 
  • Zero tolerance for misuse of systems or information. 
  • Individual responsibility to report security incidents or weaknesses. 

6. Security objectives

Information security objectives: 

  • Are aligned with the confidentiality, integrity, and availability of information. 
  • Are documented, monitored, and periodically reviewed. 
  • Include regulatory compliance, customer trust, business continuity, and continuous improvement. 
  • Incorporate performance indicators (KPIs) such as incidents, response times, training completion, and audit compliance. 

7. Risk management

Juniper maintains an ongoing process for identifying, analyzing, and treating risks based on the MAGERIT methodology adapted to the organization.
Treatment plans are aligned with ISO 27001:2022 controls. 

8. Security controls

The organization implements controls focused on: 

  • Security governance and strategy. 
  • Personnel protection and access control. 
  • Information classification, encryption, backup, and protection. 
  • Identity and access management. 
  • Security throughout the software development lifecycle. 
  • Supplier and supply chain management. 
  • Business continuity and resilience. 

9. Roles and responsibilities

  • General Management: Approve the policy and allocate resources. 
  • Security Committee: Oversee the ISMS and its compliance. 
  • Asset Owners: Classify information and authorize access. 
  • IT and Development Teams: Implement technical controls. 
  • Users: Comply with the policy and report incidents. 

10. Training and awareness

All personnel receive initial and annual information security training.
Records are maintained as evidence of compliance. 

11. Communication

This policy is communicated internally and made available to customers and interested parties when appropriate. 

12. Documentation and control

ISMS documentation is managed with version control in corporate repositories.
Changes are approved in accordance with established procedures. 

13. Monitoring and audit

Performance indicators are established, and periodic internal audits are conducted to evaluate ISMS effectiveness and promote improvements. 

14. Incident management

A formal procedure exists for the detection, reporting, response, and notification of security incidents, including applicable legal obligations. 

15. Continuous improvement

Nonconformities are analyzed, and corrective actions are implemented.
The ISMS is continuously improved through reviews and the PDCA cycle. 

16. Non-compliance

Failure to comply with this policy may result in disciplinary measures or legal action.
In the case of third parties, it may lead to contract termination. 

17. Validity and review

This policy enters into force upon approval and is reviewed at least annually or in the event of significant changes. 

18. Regulatory compliance

The organization maintains its ISMS aligned with standards and regulations such as: 

 
Version: 1.0 / Date: September 10th, 2025

Try the demo
for Cruises lines

[formulario_pardot_demo_cruises_home_EN]

Try the demo
for Airlines

[formulario_pardot_demo_airlines_home_EN]

Try our demo
for Bed Banks

[formulario_pardot_demo_bed_banks_home_EN]

Try the demo
for OTAs

[formulario_pardot_demo_ota_home_EN]

Try the demo
for DMCs

[formulario_pardot_demo_dmc_home_EN]

Try the free demo
for TTOO

[formulario_pardot_demo_ttoo_home_EN]

Try the demo

[formulario_pardot_demo_home_EN]