Image by Unsplash.com

Information Security, Webstorage and Safe Harbor

27/10/2015

How secure is our database management system? How private is our webstorage? Hacker attacks or secret eavesdroppers: my guess is you sometimes worry about the information security of your personal data on the internet.

Rest assured. Your privacy is protected and your personal data are safe with us. Why? First and foremost because we keep our servers in Switzerland. The most secure country in the whole wide web… ahem, world.

Safe Harbor, US-EU Safe Harbor or International Safe Harbor Privacy Principles: You might have heard one of these terms. They have been in the news lately because the Safe Harbor has been declared invalid. Which is a good thing if you are for protecting your personal data on webstorage: Despite its misleading name, the Safe Harbor is not very safe. Rather, it has been created to enable transfer of personal data without you even knowing it. Why? Good question.

The story of Safe Harbor

The privacy legislations of the European Union as well as Switzerland are more formalized than most other countries. Their legislations forbid the transfer of personal data into countries with less rigorous privacy protection such as the US. Fifteen years ago, in the year 0 of our new millennium, the people in charge decided to build a workaround to enable data transfer across the Atlantic: They created the International Safe Harbor Privacy Principles. Any US firm working in concordance with those principles could get all the data they needed from European or Swiss Servers. This was all well and good for a few years, until the amount of personal data on the internet increased.

Information Security and the NSA

The US Patriot Act allows US security agencies to access personal information stored on the cloud – without asking for permission or even notifying the owner. Think about it: All those assumingly ‘private’ posts on Facebook you made, all the information about yourself you gave them believing no-one but you and maybe your friends would see: All of this is available to the US government. Even if you thought you deleted it. One brave Austrian citizen called Maximilian Schrems believed that this is against the fundamental rights to privacy accoring to the Charter of Fundamental Rights of the European Union. He filed a complaint against Facebook in 2008 which eventually led to the declaration of invalidity of the Safe Harbor by the European Court of Justice on October 6, 2015.

Your privacy on our webstorage

Since October 6, no company from the US is allowed access to data from European Servers – and Switzerland will follow very soon. Since the Swiss are mystery mongers by nature, this won’t change the Information security on our servers, though: they have been secure all along. No eavesdropping allowed in Switzerland – especially not by foreigners. Just think about Swiss banking secrecy or the formula of Swiss chocolate: Swiss rules for data exchange are even stricter than those of the EU and include an obligation to inform: Whoever collects data in Switzerland is obliged to inform the data’s owners about it.

Our Information Security Policy

Everyone has a right to privacy. This is what we believe in, and this is what we make true. No-one has access to your data without your permission. We will never ask you for any information we do not need. Gender, age, whatever: We don’t want to know if we don’t need to. Our business is to help you to work smarter. Not to sell your data.
We will not pass your information on – with three exceptions: If it is legally required, if we can’t develop our product otherwise or if we have to do it to protect our own rights. We do not want to make use of these exceptions. But better safe than sorry.
We don’t store personal information on our servers – except if we can’t keep our service running otherwise. We make it as easy as possible to get control over your digital data. You decide who can see what. And if you want to delete something permanently, it will be deleted. Permanently.

What about the hackers?

We do everything we can to keep the hackers away. Our software security and information security management is topnotch, using the very same database encryption standards Swiss banks use – where even the secret service is rumored to hide their money. That’s how secure your digital data are. I’d have to lie if I told you that it is entirely impossible that hackers would want to attack MoneyPenny. Just as I can’t promise you’ll never be hit by a meteorite. We have thought all scenarios through, even the most improbable. Unlike you – or do you know how to handle that meteorite? Ha. There you go.

But we prefer looking at nice scenarios.

Like being able to work with you for years and years to come. To be your safe harbor. To see how you grow, how you succeed and how your passion and hard work is being rewarded. We don’t have access to your data, so we don’t know how you’re doing – unless you tell us. Maybe drop us a line now and then? No pressure. But we’d love to hear from you. Strictly confidential, of course.

Sincerely,

MoneyPenny


Also interesting: