Information Security Policy
Last Updated: June 29, 2026
1. Purpose
Smart Travel One™ is committed to maintaining the highest standards of information security, confidentiality, integrity, and availability across all its international operations.
As The Silent Infrastructure™, Smart Travel One™ coordinates trusted international services while protecting the information entrusted to us by our clients, members, partners, institutions, and employees.
This Information Security Policy establishes the principles governing the collection, storage, processing, transmission, and protection of information throughout our global operations.
2. Scope
This policy applies to:
Smart Travel One LLC (Delaware, USA)
Smart Travel One Regional Office (Bujumbura, Burundi)
Directors
Employees
Consultants
Independent service providers
Strategic partners
Contractors
Authorized representatives
All individuals working with Smart Travel One™ are expected to comply with this policy.
3. Security Principles
Smart Travel One™ operates according to the following principles:
Confidentiality
Integrity
Availability
Accountability
Professional Ethics
Privacy by Design
Least Privilege Access
Continuous Risk Management
These principles guide every operational and technological decision within our organization.
4. Information We Protect
Smart Travel One™ may process information including:
Client identification information
Passport and travel documentation
Consultation records
Membership information
Payment confirmation records
Business correspondence
Partner documentation
Corporate governance records
Internal operational procedures
Strategic planning documents
Information is collected only where necessary for the delivery of requested services.
5. Confidentiality
Confidentiality is a core value of Smart Travel One™.
Employees, contractors, consultants, and authorized partners shall not disclose confidential information obtained during the course of their duties except where:
authorized by the client;
required by law;
necessary to deliver contracted services through approved partners.
Unauthorized disclosure of confidential information may result in disciplinary action, termination of contractual relationships, and legal proceedings where applicable.
6. Access Control
Access to information is granted strictly on a need-to-know basis.
Smart Travel One™ applies the principle of least privilege, ensuring that users receive only the minimum level of access required to perform their responsibilities.
Administrative access is restricted to authorized personnel.
7. Data Protection
Smart Travel One™ implements administrative, organizational, and technical safeguards designed to protect information against:
Unauthorized access
Accidental disclosure
Data loss
Cyber attacks
Malware
Fraud
Identity theft
Unauthorized modification
Service disruption
Security measures are continuously reviewed and improved as technology evolves.
8. Password and Authentication
Authorized users are required to:
Use strong passwords.
Maintain password confidentiality.
Enable Multi-Fulti-Factor Authentication (MFA) where available.
Never share login credentials.
Immediately report suspected unauthorized access.
9. Third-Party Partners
Smart Travel One™ coordinates services through carefully selected international partners.
Partners receive only the information necessary to perform contracted services.
Partners are expected to maintain security and confidentiality standards appropriate to the services they provide.
10. Payment Security
Smart Travel One™ does not store complete payment card information on its own servers.
Payments are processed through authorized and secure third-party payment providers selected according to regional operational requirements.
All payment processing follows applicable security standards established by the respective payment providers.
11. Incident Reporting
Any suspected security incident, including:
unauthorized access,
phishing attempts,
malware,
data leakage,
fraudulent activity,
system compromise,
must be reported immediately to Smart Travel One™ management.
Security incidents are investigated promptly, and appropriate corrective actions are implemented.
12. Business Continuity
Smart Travel One™ maintains business continuity and disaster recovery procedures designed to minimize operational disruption.
Critical systems are protected through secure hosting infrastructure, encrypted communications, routine backups, and operational recovery procedures.
13. Employee Responsibilities
Every employee and authorized representative is responsible for:
Protecting confidential information.
Following internal security procedures.
Reporting suspicious activities.Maintaining professional confidentiality.Respecting client privacy.
Protecting organizational assets.
Information security is a shared responsibility across the organization.
14. Continuous Improvement
Smart Travel One™ regularly reviews its security controls, operational procedures, governance framework, and technology to address emerging threats and continuously strengthen the protection of client and organizational information.
15. Contact
Questions regarding this Information Security Policy may be directed to:
Smart Travel One™
Global Information Security Office
Email: security@smarttravelone.com
Website: https://smarttravelone.com
Smart Travel One™
The Silent Infrastructure™
Innovation Without Borders™
The Bridge Between Africa and the World™