International Data Privacy Day: iute offers maximum security to its customers

In a world that is increasingly technology-oriented, one of the most important and talked-about issues is undoubtedly “data”. We read “Data, data, data” everywhere, everything is related to data management. January 28 marks an important day for the world of business and technology: International Data Privacy Day; we often refer to it as International Data Protection and Security Day. Therefore, on this symbolic day, iute would like to emphasize once again the importance of protecting personal data, reminding its customers that it offers maximum security.

iute Albania is part of iute Group, an Estonian digital banking group: technology, without a doubt, is one of its strongest points. Thanks to the extraordinary experience of Estonian specialists, a secure and stable system has been built, which ensures the protection of customers’ personal data. To ensure the confidentiality, integrity and availability of customers’ personal and financial data, iute operates with an ISO/IEC 27001 certified Information Security Management System: the leading international standard for information security management. In this way, information security risks are identified, assessed and systematically addressed in accordance with ISO 27001 requirements.

When asked about the challenges of the fintech industry and technological developments that ensure the protection of customer data, Jonida Çela, CEO of iutePay, stated: “The journey towards transformation from a microfinance institution to a digital bank is long and full of challenges and often it is technology that makes the difference. I can say with conviction that the technology that iute Group possesses is of the highest European standard: a clear example is the ISO/IEC 27001 certification, related to the Information Security Management System. Customer data is protected through defined access controls, secure system architecture, encryption, logging and continuous monitoring, ensuring that information is accessed strictly on a need-to-know basis.”

iute Albania processes personal data in accordance with the GDPR and applicable national legislation, applying data minimization, purpose limitation and retention controls throughout the information lifecycle. All third parties with access to customer data are subject to supplier security controls and contractual obligations, in accordance with ISO 27001 requirements. Information security controls are tested, audited and continuously improved to maintain sustainability, regulatory compliance and customer trust.

“When talking about the protection of customer data, we must definitely mention the extraordinary work done by the National Authority for Cybersecurity as well as by the Commissioner for the Right to Information and Personal Data Protection, whom I take the opportunity to thank for their cooperation” – said Çela.