EU Compliance & Security
Feature
Date
Feb 3, 2025
Operating successfully in European Wealth Management demands an unwavering focus on data security and regulatory compliance. Luminary is architected from the ground up with these principles at its core. We provide a powerful intelligence platform built on a foundation of trust, ensuring you can leverage advanced AI with confidence and meet stringent EU requirements.
Sovereign Foundation
Guaranteed EU Data Residency & Control
Luminary is built exclusively on sovereign EU cloud infrastructure, hosted via EuroStack/Scaleway in Luxembourg. This fundamental design choice ensures that your sensitive client data, and all associated processing, remains physically and logically within the borders and jurisdiction of the European Union. This commitment to data sovereignty provides maximum control, directly addresses critical data residency requirements under regulations like the General Data Protection Regulation (GDPR), and builds essential client trust. Our infrastructure partner adheres to the highest physical, environmental, and operational security standards.
Regulatory Alignment by Design
Meeting Key EU Mandates
Our platform is developed with a deep understanding of the European regulatory landscape impacting wealth management technology:
GDPR Compliance: We adhere strictly to GDPR principles. Our platform supports data minimisation, purpose limitation, robust data processing agreements, and features designed to help you meet your obligations regarding client data rights and consent.
DORA Readiness: Luminary's resilient architecture, security monitoring protocols, and incident response planning align with the principles of the Digital Operational Resilience Act (DORA), supporting your firm's requirements for ICT risk management and third-party provider resilience.
MiFID II Support: Our Deep Communication Analysis aids Markets in Financial Instruments Directive II (MiFID II) suitability record-keeping by providing context and summaries of client discussions around goals, risk tolerance, and investment rationale, streamlining compliance review processes.
EU AI Act Alignment: We are committed to aligning with the principles of the EU AI Act, focusing on developing trustworthy AI through transparency, robustness, human oversight considerations, and incorporating Explainable AI (XAI) techniques where applicable.
Multi-Layered Security Architecture
Protecting Your Data
Security is integral to every aspect of the Luminary platform. We employ a comprehensive, multi-layered security strategy:
Encryption: Data is protected both in transit (using protocols like TLS) and at rest (using strong encryption standards).
Access Controls: Strict Role-Based Access Controls (RBAC) ensure users only access data necessary for their roles.
Secure Development: We follow secure software development lifecycle (SSDLC) practices to minimise vulnerabilities.
Monitoring & Auditing: Continuous security monitoring and logging are in place. We plan for regular independent security audits and penetration testing.
Certifications: We are actively working towards industry-standard certifications like ISO 27001 and SOC 2 readiness to formally validate our security controls and processes.
Data Privacy & Control
Your Data, Your Terms
We operate strictly as a data processor under clear agreements, meaning client data ownership remains firmly with you. Our AI models are trained initially using anonymised public and synthetic data. Any subsequent fine-tuning involving client data requires explicit opt-in and employs privacy-preserving techniques like anonymisation within secure, isolated environments. We maintain transparent data retention and deletion policies aligned with regulatory requirements and your specific instructions.
Conclusion
Intelligence Built on Trust
Luminary's commitment to EU compliance and robust security is unwavering. We provide a powerful relationship intelligence platform designed not only to drive revenue growth and optimise workflows but also to operate securely within the complex European regulatory framework. Partner with Luminary to innovate responsibly and build client relationships on a foundation of trust.
Operating successfully in European Wealth Management demands an unwavering focus on data security and regulatory compliance. Luminary is architected from the ground up with these principles at its core. We provide a powerful intelligence platform built on a foundation of trust, ensuring you can leverage advanced AI with confidence and meet stringent EU requirements.
Sovereign Foundation
Guaranteed EU Data Residency & Control
Luminary is built exclusively on sovereign EU cloud infrastructure, hosted via EuroStack/Scaleway in Luxembourg. This fundamental design choice ensures that your sensitive client data, and all associated processing, remains physically and logically within the borders and jurisdiction of the European Union. This commitment to data sovereignty provides maximum control, directly addresses critical data residency requirements under regulations like the General Data Protection Regulation (GDPR), and builds essential client trust. Our infrastructure partner adheres to the highest physical, environmental, and operational security standards.
Regulatory Alignment by Design
Meeting Key EU Mandates
Our platform is developed with a deep understanding of the European regulatory landscape impacting wealth management technology:
GDPR Compliance: We adhere strictly to GDPR principles. Our platform supports data minimisation, purpose limitation, robust data processing agreements, and features designed to help you meet your obligations regarding client data rights and consent.
DORA Readiness: Luminary's resilient architecture, security monitoring protocols, and incident response planning align with the principles of the Digital Operational Resilience Act (DORA), supporting your firm's requirements for ICT risk management and third-party provider resilience.
MiFID II Support: Our Deep Communication Analysis aids Markets in Financial Instruments Directive II (MiFID II) suitability record-keeping by providing context and summaries of client discussions around goals, risk tolerance, and investment rationale, streamlining compliance review processes.
EU AI Act Alignment: We are committed to aligning with the principles of the EU AI Act, focusing on developing trustworthy AI through transparency, robustness, human oversight considerations, and incorporating Explainable AI (XAI) techniques where applicable.
Multi-Layered Security Architecture
Protecting Your Data
Security is integral to every aspect of the Luminary platform. We employ a comprehensive, multi-layered security strategy:
Encryption: Data is protected both in transit (using protocols like TLS) and at rest (using strong encryption standards).
Access Controls: Strict Role-Based Access Controls (RBAC) ensure users only access data necessary for their roles.
Secure Development: We follow secure software development lifecycle (SSDLC) practices to minimise vulnerabilities.
Monitoring & Auditing: Continuous security monitoring and logging are in place. We plan for regular independent security audits and penetration testing.
Certifications: We are actively working towards industry-standard certifications like ISO 27001 and SOC 2 readiness to formally validate our security controls and processes.
Data Privacy & Control
Your Data, Your Terms
We operate strictly as a data processor under clear agreements, meaning client data ownership remains firmly with you. Our AI models are trained initially using anonymised public and synthetic data. Any subsequent fine-tuning involving client data requires explicit opt-in and employs privacy-preserving techniques like anonymisation within secure, isolated environments. We maintain transparent data retention and deletion policies aligned with regulatory requirements and your specific instructions.
Conclusion
Intelligence Built on Trust
Luminary's commitment to EU compliance and robust security is unwavering. We provide a powerful relationship intelligence platform designed not only to drive revenue growth and optimise workflows but also to operate securely within the complex European regulatory framework. Partner with Luminary to innovate responsibly and build client relationships on a foundation of trust.
