News

Luxembourg, 28 January 2021 – For us at Moventum, data protection is not just an empty phrase. We take the protection of personal data very seriously indeed, for our clients as well as for our employees, partners and everyone else – and, of course, we do so every day, not just on European Data Protection Day. We always go to great lengths to ensure the highest possible degree of privacy. “Data protection is a top priority for us, which is why we treat clients' personal data as conscientiously and cautiously as if they were our own”, says Dr. Michał Waga, Data Protection Officer at Moventum.

Today, the “Council of Europe's Data Protection Convention 108” celebrates its 40th birthday. It was the first binding international agreement on data protection and served as a reference for many data protection provisions which are still in effect today. Within the Moventum Group, it is in particular Dr Michal Waga, Data Protection Officer (DPO), who is ensuring the sound implementation of these and more recent data protection requirements, such as the famous General Data Protection Regulation (GDPR). On the occasion of today's anniversary, we invited him to explain how Moventum, its employees and partners work to guarantee the highest possible level of data protection.

What are your responsibilities as data DPO at Moventum, Mr Waga?

In my role as DPO, I am particularly concerned with supervision, consultation and communication regarding data protection. This means that I continuously monitor the compliance of data processing with the law and conduct periodic checks on security and personal data processing mechanisms. With my colleagues, I am also in ongoing consultations in these matters with various departments. As Moventum also strives to ensure that its employees receive regular training on data protection, I instruct them and point out potential risks. Here, I also work closely with Moventum's Chief Information Security Officer (CISO). In addition, I am at all times the point of contact for any questions related to data protection from clients and partners, as well as for supervisory bodies.

How important is data protection at Moventum and how do you achieve it?

Moventum's primary goal is to provide its clients with high-quality and secure services. Security has always been a central issue in the development of financial services. Currently, technological progress has driven the need for high data security to new dimensions. Therefore, data security clearly remains at the forefront of the ongoing technological race for all financial companies and thus also remains a top priority for Moventum. Here, of course, the effective application of the GDPR should be mentioned as an important milestone.

However, successful data protection within a company still depends very largely on the quality of employees, deployed IT solutions and proper management of process-related data flows. In my opinion, the close cooperation of a DPO with an experienced CISO lays the crucial foundation for an effective data protection framework.

As a matter of principle, Moventum focuses on treating the personal data of clients, partners and others as if they were our own, in other words with caution, care and a good helping of prudence.

How can you ensure clients' data security beyond your operations?

On the one hand, we require our business partners to be GDPR compliant and thus to ensure proper data protection standards at all times. Initial and ongoing due diligence is also a key factor in the area of data protection.

On the other hand, it is the custodian banks that are the last line of security for our clients and they are among the most secure institutions in the financial market, directly supervised by the authorities in many ways. Therefore, we can be confident that our clients and our data are secured at all times and we all comply with European standards on data protection.

How does the company protect itself against cyber-attacks?

There is a technical standard of industry requirements which we meet and which we believe is the foundation for securing us from the cyber-threats. This includes constant monitoring, security policies and ethical hacking activities which we carry out to reduce the risk of attacks, identify vulnerabilities and improve our resilience to these types of attacks. Also, we focus on risk accumulation areas in the first instance. We are always open to and looking for further security measures. With a view to system stability, Moventum makes an extra effort to guarantee proper support and control levels of our systems and applications. Access to the company’s systems is tightly controlled; users have access only to those functions needed to perform their tasks.

It sounds as if data protection at Moventum is built on several pillars, correct?

Moventum’s data protection framework has indeed been built on different pillars. Moventum has short reporting lines, highly qualified IT staff and a robust system, which is particularly evident when the business environment changes rapidly, e.g., through increased digitalisation. Open and transparent discussion on the topic is also very helpful to us. It is important, too, that all employees treat each other with compassion and respect. In my observation and experience, this attitude moves Moventum forward in the most complex tasks and situations – such as data protection, which is, as everyone knows, a complex undertaking. As a consequence, every employee receives a high level of training and has access to the DPO and CISO at all times. This partnership aspect is definitely a part of Moventum’s corporate culture.

Is Moventum's high standard of data protection an obstacle during times of pandemic and home office?

On the contrary, it is an advantage. The company can only eliminate additional risk related to remote work with secure infrastructural solutions and knowledgeable, loyal employees with high ethical standards. In this regard, Moventum has proven to be well prepared, and has accordingly guaranteed the highest possible data protection level, which we want to maintain for the future.

Moventum takes the protection of your personal data very seriously. If you have any questions or feedback on the subject of data protection at Moventum, please feel free to contact our DPO at any time at DPO@Moventum.lu.