In addition to the security system and standards noted above, here is some verifiable information which should help to reassure you:
(i) In order for users to trust DataCave they need to be confident in the DataCave security features which are protecting their data. We felt that the best way of achieving this was to get a full security review carried out by independent third party experts in the cyber-security and risk mitigation field. We therefore appointed NSS
, a part of the Claranet Group (well known, globally recognised cyber security experts), to review, test and to try to hack the security features of the DataCave app. The resulting security report confirmed DataCave's strong security credentials. We are proud to publish the certification and summary report that was provided. This will hopefully reinforce user's confidence in our commitment to security and in our ability to ensure that your data is protected and secure at all times.
(ii) Tribal Data Limited (trading as DataCave) and Steve Castle are founding members of MyDataGlobal (https://mydata.org)
- an international organisation aimed at standing up for individuals’ personal data rights and internet privacy.
(iii) Tribal Data Limited (trading as DataCave) and Steve Castle are signatories to the My Data Declaration. (https://mydata.org/declaration/)
. This declaration supports the idea that personal data and internet privacy are a human right of the individual.
(iv) Steve Castle is a signatory of The Copenhagen Letter (https//copenhagenletter.org)
. This letter outlines what best practice should be for protecting individuals’ personal data rights and privacy on the internet.
(v) The DataCave App has been built using zero knowledge protocols – this means that the only personal data that DataCave has is your email address, your chosen username and your chosen device name.
(vi) The use of zero knowledge protocols is one of the reasons that DataCave cannot help you to reset your password if you lose it. DataCave does not know enough information about you to even validate who you are and so cannot reset your password for you.
(vii) A number of the more expensive and well known password manager brands store your personal data in their own corporate cloud storage along with everyone else’s data. This creates a data honey pot for Internet hackers who target concentrations of personal data. Indeed, some of these password managers have been hacked. DataCave does not do this. There is no centralised database. All your data resides on your own individual personal devices.
(viii) DataCave runs a private Telegram account (which we encourage all DataCave users to join) to facilitate a discussion forum for all DataCave users to have their say about DataCave.
(ix) DataCave also runs a DataCave Facebook page for Facebook users.