Interview: Privacy and security

Interview: Privacy and security

Privacy and security – two important issues when it comes to business mobility. Your data and your employees’ data are in good hands with XXImo, which provides a sense of confidence and security. The person responsible for this area at XXImo is Mark van Engelen. We asked him a few questions about it.

How important are privacy & security for XXImo?

In providing our services to customers, we process a lot of different data. We receive personal data, travel data, customer data and payment data. So it is very important that we have good arrangements in place for everything connected with privacy and security. We follow important principles of privacy and security, adhere closely to legislation and regulations and also work with highly specialised partners on all aspects.

Can you tell us some more about that?

We always observe the principle of data minimisation. That means we never store the data for longer than we need it. As soon as we no longer need it, it is deleted from our systems.

We also take account of the type of customer. Some companies and roles are particularly privacy-sensitive. In such cases, we use minimal data, make clear agreements about how they are processed and permit access to the data strictly on a ‘need to know’ basis. Finally, because we are connected to the Visa network, we have to comply with strict requirements for data security for payment traffic. To this end we have PCI-DSS certification; it imposes more specific requirements than the ISO standards.

Do privacy and security play a big role for employers?

Absolutely. Employers always ask us how we handle and guarantee privacy and security. This is a really important point for the big corporates. In many cases we first explain how we work in detail, after which they follow up with a security assessment. That provides them with the confirmation they are looking for. We are happy to cooperate – the results show us what is going well and where there is room for improvement. We learn from that, make new undertakings and constantly give feedback. When it comes to smaller businesses, we often provide advice and support – for example about how they can securely exchange data.

Security is never ‘done’; we continue to implement new developments in our systems and processes, with a view to maintaining the highest possible level of security. Indeed, a number of members of the XXImo team are engaged in this full-time. We also make extensive use of the knowledge and expertise of external partners and we are constantly undergoing training in the field of security.

- Mark van Engelen, Manager IT Security
So XXImo can take care of everything for its customers in the areas of mobility and security?

Absolutely! The mobility market is constantly in flux and employers can respond to this flexibly by making use of XXImo. So it's good for them to know that everything is in order in terms of privacy and security and, thanks to all the work we are doing, will remain so. Our customers can count on that!