Frequently asked questions
Cufflink.io is a UK Limited company #11618179 developing personal information management software and is based at the Menai Science Park in North Wales.
The Cufflink App and Service let’s individuals and companies securely store and share personal information.
We are a team of passionate data protection and consumer rights advocates who are fed up with large multinational organisations riding roughshod over our personal information and data privacy rights.
Currently we’re developing the Cufflink app to enable Individuals to be wiser, safer, and more informed when it comes to storing and sharing their personal information.
We’re also developing a complementary SaaS for Companies to store and manage their personal information more effectively. This will allow companies to mitigate data breach and regulatory compliance (CCPA, GDPR) risks and ultimately save money.
Personal Information (also known as Personal Data or PI for short) is the term used to identify any information personally relating to you.
This can include things like your name, address, or phone number. However, it can also include less obvious things like your hair colour, favourite pop band or IP Address.
The Cufflink app is somewhere safe to store your personal information. Think of it as a digital filing cabinet on your phone.
It’s free and easy to use, but most importantly it’s secure with all the information you enter into the App encrypted and stored locally on your device.
There is virtually no limit to the information that you can store in the App.
We’re continuously adding to the types of information you can store with regular updates to ensure everyone can store all their information and benefit from the application.
Currently, we let you store information relating to the following areas:
- Logins and password management
- Basic (Date of birth, Sex, Gender, Nationality etc)
- Communication (Email, social media, personal mobile number, work mobile etc)
- Home and property (House, land, commercial property etc)
- Government (passport, NI, Driving licence etc)
- Financial institution (Bank accounts, Bank cards etc)
- Body (Height, weight allergies etc)
If we’ve missed anything, then get in touch and tell us!
You can use it in lots of ways!
As a stand-alone private data store
Once you’ve downloaded the App you’re free to use it as your own private and secure data store. Consolidate all your personal information into a single secure place that’s always with you and always available.
Share your info with Friends and Family
When you’re ready, you might want to start sharing some of your personal information with your friends and family or other Cufflink users. Cufflink lets you control what information you share with each person individually meaning you can pick and choose what you share with who, and for how long.
Stay in touch
If you change any of your personal information in the Cufflink App, your linked contacts will automatically receive the updated information meaning you’ll always stay connected and in touch. However, you’re always in control and you can always change, update or stop sharing information at the touch of a button.
Share your info with Companies
Future releases will let you share your personal information with selected companies. By linking with Companies from within the app you can sign up to new, or link up with existing, companies in the same way as you do with your friends and family.
You’re always in control of what information you share, helping both reassure and restore trust between you and the companies you know and love.
Cufflink lets companies outsource the management of their historical and future customer information back to the Individuals themselves through the provision of a Personal Information Management System (or PIMS).
This service can be accessed on site or via our Software as a Service offering (SaaS) allowing for Organisations to improve on data accuracy, mitigate data compliance and data breach risks whilst streamlining future customer relationships and account management processes.
Personas are different versions of you.
When you share your personal information in the real world, you automatically “filter” or adjust that information to suit your needs or circumstances.
At Cufflink we’d like you to be able to do the same.
Personas let you quickly share different bits of your information for different purposes making it safer and quicker to decide how and what you’d like to share with someone else.
We’re continuously developing the App to include new features and functionality and, as such, we’re always on the lookout for people to help us continue to develop and improve the App, or just to provide your feedback or thoughts on how we can improve it.
The App is currently available on both ios and android through our beta program. You can sign up for access here.
We have designed the Cufflink app with your data privacy in mind from the outset.
Cufflink encrypts your information, both on your device and when it’s shared, using the latest encryption techniques and standards ensuring your information stays safe.
We perform regular security testing and use the signal™ data transfer protocol (the same that’s used by WhatsApp™) to ensure the data is private and secure during data transfer.
We also plan to Open-Source most of our code to ensure an open, fair and independent level of governance and scrutiny.
Cufflink does not and cannot access your information, either when stored on your device or when it is being transferred.
Should we require any information from you, we would (like any other company on the Cufflink network) request you link with us and as part of that process ask you directly for access to your information.
As part of our link request, we would highlight to you the information being requested, the reason for the request and the length of time we would require access to that information.
Cufflink charges companies a small commission for maintaining and securing access to the personal information shared with them.
No personal information is stored on the Cufflink servers with all personal information being encrypted both whilst at rest and in transit.
Our distributed architecture ensures there is no single “Honey Pot” of personal information for hackers to steal with secure access controls, key management and access constraints also in place.
Personal Identifiable Information (or PII) is any information directly related to an Individual. So, whilst your hair colour is personal information, the colour “brown” is not personally identifiable to you.
On the other hand, your name, phone number or IP address is unique to you and therefore classified as personally identifiable information (PII)
It’s all to do with the law.
Without getting too legal, GDPR (The General Data Protection Regulation) and similar regulations (CCPA, LGPD) are all new laws specifically created to help protect you and your personal information.
Each of these laws (Regulations) define “personal Information” ever so slightly differently.
However, generally speaking:
- If it’s Personal Information (PI) then it’s not likely to be protected by law.
- Whereas, if it’s Personal Identifiable Information (PII) then it is.
You can find out more on the different data classifications under GDPR here.
The General Data Protection Regulation (GDPR) came into force in May 2018 and was enacted by the European Union.
The Regulation (or Law) essentially aims to protect the rights and freedoms of EU and wider EEA Citizens (Currently this also includes UK residents).
It aims to protect individuals regarding the processing of personal data and on the free movement of that data.
It also aims to simplify the regulatory environment for Organisations into a single EU Wide regulation to enhance data governance and data privacy.
The regulation places limits on what Organisations can do with personal information with hefty fines being applicable for those that are found to be non-compliant.
More information on the GDPR can be found here.
The California Consumer Privacy Act (CPPA) is a state statute that became effective on January 1st ,2020.
The Regulation (or Law) essentially aims to protect a natural person who is a California resident.
The California Code of Regulations defines a resident as “(1) every individual who is in the State for other than a temporary or transitory purpose, and (2) every individual who is domiciled in the State who is outside the State for a temporary or transitory purpose.
All other individuals are nonresidents.
Whilst being very similar to the GDPR, in terms of its ultimate objectives, there are slight amendments and rights afforded within the CCPA that are not covered under the GDPR.
These differences and nuances within the various regulations have caused some to call for a global data privacy law thus ensuring the rights and freedoms of all.
More information on the CCPA can be found here.
These regulations have been put in place to protect you.
They encourage companies to review their data privacy practices and encourage the more privacy centric focus on data processing within Organisations.
They also provide you with several rights and privileges on which you can act and thus enforce your own personal data rights.
Both GDPR and the CCPA are in force now and you should be aware, and have documented, what personal information you process within your organisation.
GDPR applies to any organisation operating within the EU, as well as any organisation outside of the EU which offer goods or services to customers or businesses in the EU.
This ultimately means that almost every global major corporation needs to assess and document their current data privacy policies and processing alongside a GDPR / CCPA / Data Privacy compliance strategy and programme.
There are primarily two different types of data-handlers under GDPR.
A controller is a “person, public authority, agency or other body which, alone or jointly with others, determines the purpose and means of the processing of personal data”.
A processor is a “persona, public authority, agency or other body which processes personal data on behalf of the controller.
Data handler types need to be defined such that your legal obligations and compliance actions can be identified.
Further information on this can be found here