The future will be built on the union of technology and people
As the travel industry deepens its dependence on digital infrastructure, the vulnerabilities that come with that dependence have grown impossible to ignore. Spain's National Union of Travel Agencies, UNAV, has responded by assembling the first integrated protection package of its kind — weaving together legal compliance, cybersecurity auditing, and specialized insurance into a single offering for member agencies. The initiative, unveiled in Málaga in May 2026, reflects a broader reckoning: that digital transformation is not merely an opportunity but an obligation, and that the agencies best positioned to survive are those that pair technological readiness with the irreplaceable human qualities no platform can replicate.
- Data breaches, ransomware, and payment fraud are no longer distant threats for travel agencies — they are daily realities striking operations of every size across Spain.
- Most agencies have digitized rapidly without the legal or technical expertise to keep pace with multiplying regulatory requirements and evolving attack vectors.
- UNAV has partnered with UNAV Legal Deiurem, BOTECH, and global risk broker Aon to deliver a three-part shield: legal compliance review, tailored cybersecurity audits, and preferential insurance policies covering the full spectrum of digital risk.
- The package was launched at UNAV's Tecno Travel Agency conference, where speakers from Amadeus and other platforms warned that security culture — not just tools — must become every employee's responsibility.
- The initiative is landing as a sector-wide signal: agencies that combine digital resilience with personalized, human-centered service are the ones most likely to compete with major online travel platforms.
Travel agencies in Spain have become targets. Data breaches, ransomware, and payment fraud are no longer hypothetical — they are unfolding daily, at agencies large and small. In May 2026, UNAV, the National Union of Travel Agencies, responded with the first comprehensive digital protection package built specifically for its members.
The offering brings together three interlocking services developed with partners UNAV Legal Deiurem, BOTECH, and Aon. The legal component reviews and updates privacy policies, cookie disclosures, terms of service, and data protection language across every digital channel an agency uses — from websites and social media to WhatsApp communications. The cybersecurity audit maps each agency's specific vulnerabilities and delivers a customized action plan, not as a one-time checkup but as a foundation for continuous improvement. The insurance layer, structured by Aon at preferential rates for UNAV members, covers data breaches, ransomware, service interruptions, and liability arising from customer data handling. Optional add-ons include specialized legal support, regulatory updates, incident assistance, and staff training.
UNAV unveiled the package at its second annual technology conference in Málaga, an event that drew some twenty speakers and painted a portrait of a sector in transition. The consensus was clear: technology is no longer optional — it is the price of remaining competitive. Yet technology alone is insufficient. New president César Gutiérrez put it directly: the future of travel agencies will be built on the union of technology and people. Speakers demonstrated how AI is already reshaping every phase of the travel journey, while cybersecurity experts showed that phishing, ransomware, and fraud are already embedded in the industry's daily reality. The response, they argued, must be continuous and cultural — and UNAV's new package is designed to make that response accessible for agencies of every size.
Travel agencies have become targets. Data breaches, ransomware attacks, payment fraud—these are no longer hypothetical threats for the industry. They're happening now, every day, to agencies large and small. The National Union of Travel Agencies in Spain, known as UNAV, has decided to do something about it.
In May 2026, UNAV unveiled the first comprehensive digital protection package built specifically for its member agencies. The offering combines three interlocking services: legal compliance across all digital channels, a thorough cybersecurity audit tailored to each agency's operations, and preferential access to specialized insurance policies covering the full spectrum of digital risks. The package was developed in partnership with UNAV Legal Deiurem, BOTECH, and Aon, one of the world's largest risk management brokers. Member agencies receive discounts and special terms as part of the deal.
The legal component addresses a gap many agencies have overlooked. It reviews and updates privacy policies, terms of service, cookie disclosures, and data protection language across websites, blogs, social media accounts, online forms, and customer communication channels like WhatsApp. Regulatory requirements have multiplied as the travel sector has digitized, and most agencies lack the in-house expertise to keep pace. The audit identifies what's missing or outdated, then brings everything into compliance with current law.
The cybersecurity audit goes deeper. It maps vulnerabilities in each agency's digital environment, identifies specific risks based on how that agency actually operates, and produces a customized action plan with concrete mitigation measures. The goal is not a one-time checkup but a foundation for ongoing improvement. Agencies get recommendations for strengthening their defenses, protecting against known attack vectors, and building a culture of security awareness among staff.
The insurance piece covers what prevention cannot. Aon has structured policies designed for digital businesses, protecting against data breaches, service interruptions, ransomware attacks, and liability claims arising from how the agency handles customer information. These are not generic business policies; they address the specific exposures travel agencies face in an online-dependent world.
The package also includes optional add-ons: specialized legal support, periodic updates to legal content as regulations change, assistance when privacy incidents occur, and practical training for agency staff.
UNAV introduced the package at Tecno Travel Agency UNAV, its second annual technology conference, held in Málaga in May 2026. The event drew roughly twenty speakers and revealed a sector in transition. The message was consistent across sessions: technology is no longer optional. It is the price of staying competitive. But technology alone is not enough. The future belongs to agencies that combine digital tools with the human touch—the personal relationships, local knowledge, and emotional intelligence that no algorithm can fully replicate.
César Gutiérrez, UNAV's new president, framed it plainly: the future of travel agencies will be built on the union of technology and people. Speakers from Amadeus, Conecta Turismo, and other platforms demonstrated how artificial intelligence is already reshaping every phase of the travel journey, from initial inspiration through post-trip follow-up. One presenter noted that democratized technology and AI now allow any agency to compete with major online travel platforms—provided they understand what they do better than any platform can: deliver genuine, personalized service. But the conference also sounded alarms. Cybersecurity experts showed how phishing, ransomware, and payment fraud are already part of the daily reality for many agencies. The threat is not theoretical. It is here. The response, speakers emphasized, must be continuous: prevention, authentication protocols, and a company culture that treats security as everyone's responsibility. UNAV's new package is an attempt to make that response accessible and affordable for agencies of all sizes.
Notable Quotes
The future of the agencies will be constructed with the union of technology and people— César Gutiérrez, UNAV president
Machines do not have emotion. In the travel experience, emotion must always remain— Maite Añorga, TDCS Travelport
The Hearth Conversation Another angle on the story
Why did UNAV decide to build this package now, rather than leaving it to individual agencies to figure out?
Because most agencies don't have the resources to figure it out alone. A small travel agency doesn't have a legal team or a cybersecurity department. They're running on thin margins, focused on selling trips. When a regulation changes or a new threat emerges, they're left scrambling or ignoring it.
So this is partly about liability—protecting UNAV's members from lawsuits and fines?
That's part of it, yes. But it's also about survival. An agency that gets hit by ransomware and loses customer data doesn't just face legal consequences. It loses trust. It might not recover.
The conference seemed to emphasize that AI and automation are coming whether agencies like it or not. Does the security package address that?
Not directly. The security package is about protecting what agencies already have. But the conference made clear that the real challenge is managing the transition—adopting new tools without losing the human relationships that differentiate a good agency from a platform.
One speaker said any agency can now be an OTA. What did he mean?
That technology has democratized. A small agency with the right tools and AI assistance can now offer the breadth and personalization that used to require a massive platform. The playing field has leveled. But that also means the threats have leveled too. Bigger targets attract bigger attacks.
So the insurance piece is really about acknowledging that prevention will never be perfect?
Exactly. You can do everything right and still get breached. Insurance is the safety net. It's saying: we know you're taking this seriously, and if something happens anyway, you're not alone.