Duve Amongst the First SaaS Companies in Hospitality to Achieve ISO 27001 & ISO 27701 Certifications

Duve Achieves this Certification Ensuring the Highest Level of Security and Privacy for its Customers’ Data

Company logo

Duve, awarded best guest experience platform for hotels, becomes one of the first SaaS companies in hospitality to achieve the ISO 27001 & 27701 certifications. Achieved after thorough penetration tests, employee training, internal audits and implementation of security tools, these certifications demonstrate Duve's commitment to maintaining the highest levels of security and data protection for their customers and partners. The ISO 27001 & 27701 certifications guarantee peace of mind for Duve's hoteliers and apartment hosts, assuring that sensitive information is protected.

Data protection is a crucial aspect of hotel management that can cause significant reputation damage and financial losses for hotels. IBM’s Cost of a Data Breach Report noted the average cost of a data breach in hospitality reached $2.94 million in 2022. Jeremy Atlan, Chief Business Development Officer and Co-Founder at Duve shares, “We saw data breaches affecting many major hotel chains. In 2018, for example, one of the largest global hotel chains announced that personal data of 500 million guests was compromised in a data breach. This breach had significant consequences for the company and its customers, including severe financial losses and reputation damages. With sensitive information flowing between multiple systems in a hotel’s tech-stack, overlooking the need for strong security controls is not an option for hoteliers looking to grow their business, as the impact of a data breach can take a company several years to fully recover from the damage to its reputation and customer trust.”

Shai Bar, Chief Technology Officer and Co-Founder at Duve adds, “In recent years, the hospitality industry has been increasingly targeted by cybercriminals who seek to gain unauthorized access to sensitive information. These breaches have affected not only small hotels, but also large hotel chains, highlighting the need for robust security controls to protect guest data. As technology continues to play a critical role in hospitality, sensitive information such as guest personal details, identification documents, credit card information and more are being stored electronically. It's crucial that hotels implement comprehensive data protection measures to safeguard this information. Achieving both ISO 27001 and ISO 27701 certifications is a significant milestone for us at Duve, demonstrating our commitment to maintaining the highest levels of security and data protection for our customers and integration partners. As a technology provider, it is crucial to have proper controls in place to protect sensitive information and guarantee peace of mind for our hoteliers or hosts and their guests personal information. This is an ongoing commitment and Duve will continue to invest in data protection through yearly external audits, to maintain the highest level of data protection for our customers.”

About Duve

Duve is revolutionizing guest experience by offering a truly personalized guest experience suite. Duve helps hoteliers create a tailored and digital journey for each and every guest - from online check-in flows that meet the exact needs of each guest, to a web-based guest app with relevant content in the guests' native language, to personalized upsells that increase revenue potential and satisfaction of each guest. By partnering with more than 150 integration partners, across all major PMS’s, OTA’s, PSP’s, Digital Key providers and 3rd-party vendors, Duve helps transform the way guest experience is provided at thousands of hotels and vacation rentals around the world.