How would you design a secure architecture for a web application that handles sensitive customer information at Banco Santander?