Privacy Policy

Wildcard.id
Operated by Cognitive Creations Ltd
Innovation Centre Medway, Maidstone Road, Chatham, Kent, ME5 9FD, United Kingdom
Company Number: 12015800

Effective Date: 5 November 2025
Last Updated: 5 November 2025


Our Approach to Privacy

We built Wildcard.id to help you log in to apps and websites without creating dozens of accounts or trusting companies with more data than they need. Privacy isn’t just a legal obligation for us—it’s the whole point of what we’re building.

This policy explains what information we collect, what we do with it, and what rights you have. We’ve written it in plain English because we believe you deserve to understand what happens to your data without needing a law degree.


I. What Information We Collect (and What We Don’t)

Information You Give Us Directly

Your display name – Whatever name you want to show to apps you log in to. It doesn’t have to be your real name.

Your passkey credentials – These are cryptographic keys stored on your device (like your phone or laptop) that let you log in securely. We only store the public part of the key. The private part never leaves your device, so even if our servers were compromised, nobody could use your credentials.

Your subscription information (if you support us financially):

  • The amount you choose to contribute each month
  • Your tier level (supporter, friend, or patron)
  • Whether you want to appear on our public leaderboard
  • An optional message to display on the leaderboard (if you opt in)

What We Absolutely Don’t Collect

✗ We don’t collect your email address
✗ We don’t collect your phone number
✗ We don’t collect your real name (unless you choose to use it as your display name)
✗ We don’t collect your postal address
✗ We don’t track your browsing history
✗ We don’t use advertising cookies or analytics trackers
✗ We don’t collect demographic information like gender, race, or political views

Information Created by Our System

Pairwise subject identifiers – Every time you log in to a different app through Wildcard.id, we generate a unique identifier for you that’s specific to that app. This means App A sees you as user “abc123” while App B sees you as user “xyz789”. They can’t connect these identities together, which prevents apps from tracking you across the web. This is privacy by design, not an afterthought.

Authentication tokens – Temporary codes that let apps verify you’ve logged in. These expire automatically and can be revoked if you disconnect an app.

OAuth consent records – When you give an app permission to access your display name, we remember your decision so you don’t have to approve it every single time you log in.

Technical & Security Information

Session cookies – We use encrypted cookies to keep you logged in as you move between pages. These are essential for the service to work.

Failed login attempts (for OAuth apps only) – If someone tries to use an app configuration incorrectly (like specifying an unauthorized redirect URL), we log the IP address, timestamp, and attempted URL for security auditing. We keep only the 50 most recent failed attempts per app and automatically delete older ones.

Server logs – We keep standard server logs that record authentication events, errors, and performance metrics. These help us fix bugs and keep the service running smoothly. We don’t log your passwords (we don’t use passwords) or payment details.


II. How We Use Your Information

We use your information only for these purposes:

To provide the authentication service – Logging you in to apps and websites that support OpenID Connect / OAuth 2.0

To generate privacy-preserving identifiers – Creating unique pairwise subject IDs so apps can’t track you across services

To process your financial support (if you subscribe) – Handling payments through Stripe and calculating your supporter tier

To display you on the leaderboard (only if you opt in) – Showing your contribution tier and optional message publicly

To improve security – Detecting and preventing abuse, unauthorized access, and configuration errors

To communicate with you – Responding to your support requests, account inquiries, or privacy requests

To comply with legal obligations – Responding to lawful government or law enforcement requests as required by UK law

We do NOT:

  • Sell your data to third parties
  • Use your data for advertising
  • Share your data with apps unless you explicitly authorize it
  • Track your behavior across websites
  • Build marketing profiles about you

III. Who We Share Your Data With

Apps You Log In To (OAuth Clients)

When you use Wildcard.id to log in to an app or website:

We always share: Your pairwise subject identifier (the unique ID we create specifically for that app)

We share if you grant permission: Your display name (when the app requests the “profile” scope and you approve it)

We never share: Your internal user ID, billing information, subscription status, or any data from other apps you’ve logged in to

The app only sees the information necessary for authentication. They can’t correlate your identity across different apps because each app gets a completely different identifier for you.

Payment Processor (Stripe)

If you subscribe to support Wildcard.id financially:

✓ We send Stripe your subscription amount, tier, and leaderboard preferences
✓ Stripe processes your payment details (card number, billing address, etc.) directly—we never see or store them
✓ Stripe sends us back confirmation of your payment status and subscription state
✓ Stripe is a data processor acting on our behalf, subject to their own privacy policy at https://stripe.com/privacy

Infrastructure & Service Providers

To run the service, we use:

✓ DigitalOcean – Server hosting (stores our database)
✓ Cloudflare – DNS, DDoS protection, and content delivery
✓ United Kingdom servers – Our production database runs in the UK where possible

These providers may have access to your data as part of providing infrastructure, but they are contractually obligated to protect it and not use it for their own purposes.

Legal Obligations

We may disclose your information if required by:

✓ Valid legal process (court orders, subpoenas)
✓ Law enforcement requests under UK law
✓ Protection of our rights, property, or safety
✓ Prevention of fraud or illegal activity

We will assess each request individually and provide only the minimum information legally required. Where permitted by law, we will notify you before disclosing your information.

Nobody Else

We do not:

  • Sell data to data brokers
  • Share data with advertisers
  • Provide data to analytics companies
  • Transfer data to other third parties without your explicit consent

IV. Privacy-Preserving Technology

We’ve designed Wildcard.id from the ground up to minimize data collection and maximize your privacy:

Pairwise Subject Identifiers

Every app sees you as a different user. We generate these identifiers using a one-way cryptographic function (HMAC-SHA256) that combines your account with the app’s “sector.”

What this means for you: Even if two apps you use are owned by the same company, they can’t automatically link your accounts together unless they’re explicitly part of the same “sector” (which developers must configure upfront and cannot change later).

Sectors & Data Isolation

App developers can group their apps into “sectors” to share user identities across their own products, or keep them isolated. For example:

  • Developer A creates Apps 1, 2, and 3 in the same sector → You have the same ID across all three
  • Developer A creates App 4 in a different sector → You have a completely different ID in App 4

Sectors cannot be changed after creation, preventing developers from retroactively linking user identities.
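
The sector behaviour described above, as an added sketch that is not Wildcard.id's own code. The policy states only that HMAC-SHA256 combines the account with the app's sector; the secret, the length-prefixed field framing, the base64url output, and every identifier below are assumptions made for illustration.

```python
import base64
import hashlib
import hmac

# Constructed sample data: the key, sector names, and app names are hypothetical.
SECRET = b"constructed-demo-secret-not-a-real-key"
APP_SECTORS = {
    "app1": "sector-a",
    "app2": "sector-a",
    "app3": "sector-a",
    "app4": "sector-b",
}


def _frame(field: str) -> bytes:
    """Length-prefix a field so ("ab", "c") and ("a", "bc") never collide."""
    data = field.encode("utf-8")
    return len(data).to_bytes(4, "big") + data


def pairwise_sub(secret: bytes, sector_id: str, account_id: str) -> str:
    """Derive a per-sector subject identifier with HMAC-SHA256.

    Without the server-side secret, an app cannot recompute or invert the
    value, so identifiers from different sectors cannot be matched up.
    """
    message = _frame(sector_id) + _frame(account_id)
    digest = hmac.new(secret, message, hashlib.sha256).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


def sub_for_app(account_id: str, app: str) -> str:
    """Subject identifier that a given app would receive for an account."""
    return pairwise_sub(SECRET, APP_SECTORS[app], account_id)


def linkable(account_id: str, app_x: str, app_y: str) -> bool:
    """True when two apps receive the same identifier for the account."""
    return hmac.compare_digest(
        sub_for_app(account_id, app_x), sub_for_app(account_id, app_y)
    )


if __name__ == "__main__":
    for app in APP_SECTORS:
        print(app, APP_SECTORS[app], sub_for_app("account-1", app))
    print("app1/app2 linkable:", linkable("account-1", "app1", "app2"))
    print("app1/app4 linkable:", linkable("account-1", "app1", "app4"))
```

Because the identifier depends on the sector rather than the individual app, moving an app to another sector would change every user's ID in that app, which fits the rule that sectors are fixed at creation.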

WebAuthn Passkeys

Instead of passwords that can be stolen or leaked, we use WebAuthn passkeys:

  • Private keys never leave your device
  • Resistant to phishing attacks
  • Protected by your device’s biometrics or PIN
  • Cannot be used even if our servers are compromised

Minimal Data Collection

We deliberately don’t collect email addresses, real names, or demographic data. We can’t leak what we don’t have.

No Tracking Cookies

We use only essential session cookies for authentication. No advertising cookies, no analytics cookies, no tracking pixels.


V. Your Rights & Choices

Under UK GDPR, EU GDPR, and similar privacy laws (like California’s CCPA), you have these rights:

Right to Access

✓ You can request a copy of all personal data we hold about you
✓ We’ll provide it in a readable format within 30 days

Right to Correction

✓ You can update your display name anytime through your account settings
✓ You can contact us to correct other inaccurate information

Right to Deletion

✓ You can request deletion of your account and all associated data
✓ Contact [email protected] to request deletion (self-service deletion is coming soon)
✓ When we delete your account, we also delete your OAuth consent records and subscription history
✓ Some data may be retained if required by law (e.g., financial records for tax compliance)

Right to Data Portability

✓ You can request a machine-readable export of your data
✓ Currently available upon request—contact [email protected]

Right to Restrict Processing

✓ You can ask us to stop processing your data while we resolve a dispute or verify accuracy

Right to Object

✓ You can object to our processing of your data for specific purposes
✓ We’ll stop unless we have compelling legitimate grounds to continue

Right to Withdraw Consent

✓ Where we process data based on consent (like leaderboard display), you can withdraw it anytime
✓ You can disconnect apps through your account settings to revoke their access

Right to Complain

✓ If you believe we’ve mishandled your data, you can complain to:

  • UK: Information Commissioner’s Office (ICO) – https://ico.org.uk/
  • EU: Your local data protection authority
  • California: California Attorney General

How to Exercise Your Rights

Email us at [email protected] with your request. We’ll respond within 30 days.

We may ask you to verify your identity before fulfilling certain requests (e.g., data deletion) to prevent unauthorized access.


VI. Data Retention

How Long We Keep Your Data

Account data – We keep your display name, passkeys, and account information indefinitely until you delete your account

OAuth tokens – Access tokens expire after a set time (typically hours to days); refresh tokens remain valid until you disconnect the app or revoke access

Subscription data – We retain subscription history as long as you maintain your subscription, plus any legally required retention period for financial records (typically 6-7 years for UK tax compliance)

Security logs – We keep the 50 most recent failed redirect URI attempts per app and automatically delete older ones

Server logs – Standard logs are rotated according to our server retention policy (typically 30-90 days)

Inactive Accounts

We currently retain accounts indefinitely, even if unused. If we implement automatic deletion of inactive accounts in the future, we’ll notify you via this policy update (see changelog below).

After Account Deletion

When you request account deletion:

✓ We delete your display name, passkeys, and account data
✓ We delete OAuth consent records and active tokens
✓ We delete subscription records (subject to tax retention requirements)
✓ Your pairwise subject IDs become orphaned—apps may still have records associated with those IDs, but we can no longer link them back to you
✓ Some anonymized or aggregated data may remain (e.g., “50 users subscribed this month”) where individual identification is impossible


VII. Data Security

We take security seriously:

✓ Encryption in transit – All connections use HTTPS/TLS
✓ Encryption at rest – Session cookies are encrypted and cryptographically signed
✓ Database security – Production databases run on secured servers with restricted access
✓ WebAuthn passkeys – Private keys never leave your device; we store only public keys
✓ Token security – OAuth tokens include expiration, revocation, and refresh rotation
✓ Pairwise secrets – The secret key used to generate pairwise IDs is stored securely and never exposed

What Happens in a Breach

Despite our precautions, no system is perfectly secure. If we experience a data breach:

✓ We’ll investigate and contain the breach immediately
✓ We’ll notify affected users within 72 hours (as required by GDPR) by posting prominent notices on wildcard.id—since we don’t collect email addresses, this is our primary notification method
✓ We’ll report the breach to the UK Information Commissioner’s Office if legally required
✓ We’ll be transparent about what happened and what data was affected

Note: Because we use WebAuthn passkeys, even a complete database breach wouldn’t expose your credentials—the private keys are on your devices, not our servers.


VIII. International Data Transfers

Where Your Data Lives

✓ Our production servers are located in the United Kingdom
✓ Our hosting provider (DigitalOcean) operates data centers in UK and EU regions where possible
✓ Cloudflare operates globally but is configured to prioritize UK/EU edge locations

Transfers Outside UK/EU

Some of our service providers operate in countries outside the UK/EU:

✓ Stripe (payment processing) – US-based company, transfers data to the United States
✓ Stripe participates in relevant data transfer frameworks and provides contractual safeguards

When we transfer data internationally:

✓ We use providers that participate in approved transfer mechanisms (Standard Contractual Clauses, adequacy decisions, etc.)
✓ We ensure appropriate safeguards are in place to protect your data
✓ We transfer only the minimum data necessary for the service

By using Wildcard.id, you consent to these international transfers as described.


IX. Legal Basis for Processing (GDPR)

Under UK/EU GDPR, we must have a legal basis to process your data. Here’s what we rely on:

Purpose | Legal Basis
Providing authentication service | Contractual necessity – We need your data to perform the service you’ve requested
Processing subscriptions | Contractual necessity – Required to fulfill your subscription
Generating pairwise IDs | Legitimate interests – Privacy-preserving identifiers protect both you and our users
Security logging | Legitimate interests – Preventing fraud and unauthorized access
Leaderboard display | Consent – You explicitly opt in
Law enforcement requests | Legal obligation – Required by law

You can object to processing based on legitimate interests, and we’ll assess whether we have overriding grounds to continue.


X. California Privacy Rights (CCPA)

If you’re a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

Categories of Personal Information We Collect

  • Identifiers: Display names, pairwise subject IDs, user IDs
  • Financial information: Subscription amounts, tiers (not payment card details—those go directly to Stripe)
  • Internet activity: OAuth authorization events, failed redirect logs
  • Device information: User agents (in security logs only)

Your California Rights

✓ Right to Know – Request details about what personal information we’ve collected and how we use it
✓ Right to Delete – Request deletion of your personal information (subject to legal exceptions)
✓ Right to Opt-Out of Sale – We don’t sell personal information, so there’s nothing to opt out of
✓ Right to Non-Discrimination – We won’t discriminate against you for exercising your privacy rights

How to Exercise California Rights

Email [email protected] with “California Privacy Request” in the subject line. We’ll verify your identity and respond within 45 days.


XI. Cookies & Tracking

Essential Cookies We Use

_wildcard_id_key – Session cookie that keeps you logged in

  • Encrypted and cryptographically signed
  • Set to SameSite=Lax to prevent CSRF attacks
  • Expires when you close your browser or log out

What We Don’t Use

✗ Advertising cookies
✗ Analytics cookies (no Google Analytics, Plausible, etc.)
✗ Social media tracking pixels
✗ Third-party tracking scripts
✗ Cross-site tracking

Browser Settings

You can disable cookies in your browser settings, but this will prevent you from logging in to Wildcard.id since session cookies are essential for authentication.


XII. Changes to This Policy

How We Update This Policy

We may update this privacy policy from time to time to reflect:

  • Changes in our practices
  • New features or services
  • Legal or regulatory requirements
  • User feedback and requests

How You’ll Know

✓ We’ll update the “Last Updated” date at the top of this policy
✓ We’ll maintain a changelog below showing what changed and when
✓ For significant changes that affect your rights, we’ll make reasonable efforts to notify you (though since we don’t collect email addresses, this means prominent notices on our website)

Your Responsibility

Because we don’t collect contact information, we encourage you to check back periodically to review any changes. Continued use of Wildcard.id after changes take effect means you accept the updated policy.


XIII. Contact Us

For any questions, concerns, or requests about your privacy:

Email: [email protected]

Postal Address:
Cognitive Creations Ltd
Innovation Centre Medway
Maidstone Road
Chatham, Kent
ME5 9FD
United Kingdom

Company Number: 12015800

We’ll respond to privacy inquiries within 30 days.


XIV. Privacy Policy Changelog

This section tracks significant changes to our privacy policy:

Version 1.0 – 5 November 2025

  • Initial privacy policy published
  • Covers authentication service, pairwise identifiers, subscription system
  • Implements GDPR and CCPA compliance

XV. Third-Party Services & Links

Services We Use

This policy covers only Wildcard.id. When you interact with third parties, their privacy policies apply:

  • Stripe – Payment processing: https://stripe.com/privacy
  • DigitalOcean – Hosting infrastructure: https://www.digitalocean.com/legal/privacy-policy
  • Cloudflare – DNS and CDN: https://www.cloudflare.com/privacypolicy/

Apps You Log In To

When you use Wildcard.id to authenticate with other apps and websites:

✓ Those apps have their own privacy policies governing how they use your data
✓ We share only what you explicitly authorize (pairwise ID and optionally display name)
✓ We’re not responsible for how those apps handle your information
✓ You should review each app’s privacy policy before connecting it


XVI. Developer Privacy

If you’re a developer creating apps that use Wildcard.id for authentication:

✓ You agree to protect the pairwise subject IDs and user data we provide
✓ You must not attempt to correlate user identities across sectors
✓ You must have your own privacy policy covering how you use user data
✓ You must honor user deletion requests and delete data tied to their pairwise ID

Developer misconduct or privacy violations may result in account suspension or termination.


Thank you for trusting Wildcard.id with your authentication. We’re committed to earning that trust every day by putting your privacy first.