eDreams ODIGEO has obtained certifications in the following IT Standards and regulatory & compliance requirements.

iso 27001 eDreams ODIGEO Certifications

The International Organization for Standardization ISO/IEC 27000 family of standards provides a framework for policies and procedures that include the controls involved in an organization’s information risk management processes.

The ISO/IEC 27001:2013 security standard specifies that an organization has in place an Information Security Management System (ISMS) consisting of the policies, procedures, guidelines, and associated resources and activities, collectively managed by an organization, in the pursuit of protecting its information assets.

As a formal specification, it mandates requirements that define how to implement, monitor, maintain, and continually improve the ISMS.

eDreams ODIGEO is ISO/IEC 27001:2013 certified since September 2022 and recertifies on an annual basis.

PCI DSS Certified

The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that all companies that process, store or transmit credit card information maintain a secure environment.

The Payment Card Industry Security Standards Council (PCI SSC), launched in 2006 and driven by the credit card brands, manages the ongoing evolution of the standards.

Compliance validation is performed by an external Qualified Security Assessor (QSA) and certification is revalidated annually.

eDreams ODIGEO has been PCI DSS Certified by the QSA, A2 Secure, since 2016, with the most recent certification achieved in July 2023.