At Air Partner, we are committed to maintaining the highest standards of cybersecurity, privacy, and data protection across all our operations. We comply with applicable global data protection laws, including the EU & UK GDPR, CCPA, and other international frameworks, and go beyond minimum requirements to embed security and privacy by design.
We implement a wide range of best practices to protect the data entrusted to us. These include robust encryption, role-based access controls, regular penetration testing, and comprehensive employee training. We are PCI DSS compliant, ensuring the secure handling of payment and financial information in line with industry standards. Our business continuity and disaster recovery strategy helps us maintain resilience and service availability during unexpected events.
A dedicated Data Protection Officer (“DPO”) oversees our data governance and compliance activities. Our incident response plan enables swift detection, containment, and recovery from potential security incidents, and we perform rigorous vendor due diligence to ensure our third-party partners meet our security and privacy expectations.
We also align our approach with the UK’s National Cyber Security Centre (“NCSC”) Cyber Assessment Framework (“CAF”) and are actively working towards ISO/IEC 27001 certification to further strengthen our information security management system.
Through these efforts, we aim not only to meet but to exceed regulatory expectations, building a foundation of trust, transparency, and accountability for our customers, partners, and stakeholders around the world.
Further information about our approach to cyber security and privacy is available on request, please email: [email protected]
