Tuum Est is a scholarly, not a commercial, website. We do not contain advertising. We are neither affiliated with nor beholden to marketers.
Tuum Est has no connection with the pharmaceutical industry. We do not accept funding, donations, perks, or other support from pharmacy manufacturers, nor have we done so in the past. This statement of autonomy, a new requirement, arises from a U.S. Senator's work to expose 28 patient-advocacy sites which were receiving hidden industry support.
When you contact us, your email address, your name, and other identifying details will remain private with the Tuum Est site.
If you share your personal experience, or if you write to request material from our archives, we will not publish your information, nor allude to it, without a prior written arrangement. Readers deserve confidentiality for legal and medical matters, which are personal and sensitive.
Tuum Est does not have Forum capability for general reader opinions. We do give space to readers who respond to an article that directly affects them. Such readers should submit their assent or dissent by email. If you send material for potential publication, split your email into two segments with clear headings saying ‘Material for Publication’ and ‘Material Not for Publication.’
Tuum Est is an advocacy site for people aware of injustice wrought by the medical or legal systems, or for people who experience injustice themselves. Consider Tuum Est a safe harbor where you may chronicle events or request resources (privately by email), or read our webpages – and leave no tracking footprints.
Re email etiquette and cyber safety, Tuum Est follows the policies recommended by Cyber-Safe Canada.
Encryption today is within reach of the average person. Edward Snowden led a public awareness campaign which sped up the spread of encryption by 7 years. We are no longer faced with complex protocols that taxed even the tech savvy.
Tuum Est uses the email service ProtonMail which allows small websites a measure of secure communication. Based in Switzerland, the service is run by ex-CERN physicists. Significant features: (1) ProtonMail does not read the emails on its servers nor acquire personal data from the emails (making it the polar opposite of Google GMail); and (2) ProtonMail was designed with encryption in mind. The technical specs say:
“As ProtonMail uses open source encryption libraries, we can guarantee that our encryption algorithms do not have clandestine back doors. This software is thoroughly vetted by security experts around the world.
“ProtonMail privacy isn't just a promise; it is mathematically ensured. We encrypt emails on the client side, using an encryption key which only the client knows. ProtonMail cannot access this key. We don't possess the technical capacity to decrypt your messages; in result, we are unable to hand your data to third parties.
“Emails are stored in encrypted form on the ProtonMail servers. Emails also travel encrypted between our servers and the client's computer. Within our server network, emails also travel encrypted provided they are exchanged between ProtonMail clients. Because data is encrypted at all steps, the risk of message interception is largely eliminated.”
Tuum Est correspondents who discuss sensitive health or legal topics in their emails may use ProtonMail as a Secure Drop, as may visitors who simply want to experiment with the new deft encryption. Follow these steps:
When a visitor contacts us, the email address and content of the correspondence are provided at the visitor's own discretion. This information is carefully guarded.
Tuum Est uses Google Analytics to collect broad statistical data. The purpose is site optimization by: (1) Pointing up which topics are most relevant to readers; and (2) Identifying what percent of visitors use mobile devices, and their screen size (so we may design for the increasingly small screens on the market).
Tuum Est is stored on a server owned by web host GreenGeeks which operates in the USA. We access only the standard logs offered on a CPanel (Apache) web host.
Google Analytics and GreenGeeks collect broad statistics. Their logs do not acquire personally identifying information (such as name, address, biometrics, or financial data). The logs do not identify any individual, but they do record the IP address of visitors, which has practical use only in the event of a DDoS attack or other malicious activity. Tuum Est record: We needed to track an IP only once in our history since Tuum Est was founded in 2008.
Statistics gathered by Tuum Est are the proprietary property of Tuum Est.
Tuum Est has structured its website so that individuals may visit the site without revealing personally identifiable information. Visitors are not required to register in order to read our pages. We do not profile visitors.
Tuum Est does not perform financial transactions (though we may in future). At this time, we do not collect financial data from visitors.
Tuum Est does not carry advertisements. We have no relationship with third-party marketers or data brokers. We shun and have expressed strong opinions against targeted advertising (personalized advertising). Articles on Tuum Est aim for breadth and depth, thus we often cite external sources: we never pass data to sites we link to. We take no responsibility for the operation of such external sites.
In May 2018 the European Union enacted the General Data Protection Regulation (GDPR). This law replaces a throng of separate, divergent privacy laws previously passed by each nation in the European Union (EU). What counts as progress:
The GDPR grants all citizens of the European Union the rights cited below. At Tuum Est, each visitor already has possession of the data we hold on that individual (your correspondence). The statistics we collect do not identify people individually. On our site, many points are opt-out by default (maximum protection). To exercise any rights that do apply, contact our Data Protection Officer.
Data Controller & Data Protection Officer
Georgena S. Sil
P.O. Box 1491, Saskatoon SK
Canada S7K 3P7
These GDPR rights are not absolute, and exceptions or limits apply in certain cases. Refer also to the Tuum Est adjunct page Privilege Exceptions and Exclusions.
When visitors write to Tuum Est, the email address plus content in the email body are used to answer the inquiry. As soon as a correspondence-series is finished, or amidst it, we download the email to our computer in text or PDF format, then transfer it to an offline device for secure storage. At that point we delete your email from the email server and from our computer.
We preserve your correspondence on our offline device, in case of re-engagement, and to guide us in developing our site: For every person who contacts us, there may be a dozen who have the same question and aspire to the same answers. Recurring topics often lead to a new web series.
Our web host is the GDPR-compliant GreenGeeks, whose logs hold traffic data for one calendar year. In addition, Google Analytics yields broad statistical data which does not automatically expire: we select this retention period in order to measure site growth.
All visitor information is restricted to the Tuum Est Webmaster, and is never shared with third parties, sold, or redistributed. In the case of a data breach we will notify all individuals whose rights have been placed at risk. Tuum Est will release the forensic evidence (as distinct from the personal data) to law enforcement as well as the FBI IC3 Unit in the United States.
Tuum Est does not address the pediatric field of medicine. We do not trace the age of visitors, therefore parents are responsible for usage of our site by their minor children. A minor is an individual under the age of majority in a given geographic region (usually assigned as age 18). Minors: show wisdom; involve a parent or guardian when consulting medical or legal topics online.
Tuum Est - It Is Up To You
Building (above) and Hemicycle Debating Chamber (below)
There will still be attempts to breach systems, and data breach reporting will not miraculously halt criminal activity. Fines can be avoided if organizations are open and honest and report without undue delay.
If data has been accessed, then shared or sold, deleting the initial data-set will not stop its use further along the chain. This highlights the need for regulation to prevent breaches from occurring in the first place.
Good: The goal of the GDPR is to foster a culture of transparency and accountability with regard to personal data on the web.
Bad: When a data breach occurs, the GDPR does not penalize banks, social media sites, email clients, or retailers for the actual breach — no matter how massive. The only penalty is for failing to report or disclose a data breach.
Future: A survey of websites around the world shows that many Privacy Policies are still too lengthy to read, even with common language replacing legalese.
Tuum Est suggests:
Copyright © 2008-2018 Georgena Sil. All Rights Reserved.