Skip to content

Tuum Est Administration ˆ

TUUM EST Privacy Policy

Effective Date:  January 1, 2019


Tuum Est has 3 cookies: all relate to the universal, broad statistics program called Google Analytics. Our Cookie Policy Page has details plus an illustrated Cookie Audit. Cookie Policy x

Transparency Statement

Tuum Est is a scholarly, not a commercial, website. We do not contain advertising. We are neither affiliated with nor beholden to marketers.

Tuum Est has no connection with the pharmaceutical industry. We do not accept funding, donations, perks, or other support from pharmacy manufacturers, nor have we done so in the past. This statement of autonomy, a new requirement, arises from a U.S. Senator's work to expose 28 patient-advocacy sites which were receiving hidden industry support.

Privacy in Correspondence

When you contact us, your email address, your name, and other identifying details will remain private with the Tuum Est site.

If you share your personal experience, or if you write to request material from our archives, we will not publish your information, nor allude to it, without a prior written arrangement. Readers deserve confidentiality for legal and medical matters, which are personal and sensitive.

Tuum Est does not have Forum capability for general reader opinions. We do give space to readers who respond to an article that directly affects them. Such readers should submit their assent or dissent by email. If you send material for potential publication, split your email into two segments with clear headings saying ‘Material for Publication’ and ‘Material Not for Publication.’

Tuum Est is an advocacy site for people aware of injustice wrought by the medical or legal systems, or for people who experience injustice themselves. Consider Tuum Est a safe harbor where you may chronicle events or request resources (privately by email), or read our webpages – and leave no tracking footprints.

The Tuum Est Privacy Policy is designed to assist and encourage the average reader. We had to call upon a legal public safety exception only once in our history, when we worked with law enforcement during a sustained DDoS attack.

In light of that experience, we created an adjunct policy page which covers Privilege: Exceptions and Exclusions. Our position: The Tuum Est Privacy Policy does not shield cyber-criminals. When communication occurs for the purpose of DDoS, fraud or other crime, expect investigative journalism.

Re email etiquette and cyber safety, Tuum Est follows the policies recommended by Cyber-Safe Canada.

Tuum Est Secure Drop

Encryption today is within reach of the average person. Edward Snowden led a public awareness campaign which sped up the spread of encryption by 7 years. We are no longer faced with complex protocols that taxed even the tech savvy.

Tuum Est uses the email service ProtonMail which allows small websites a measure of secure communication. Based in Switzerland, the service is run by ex-CERN physicists. Significant features: (1) ProtonMail does not read the emails on its servers nor acquire personal data from the emails (making it the polar opposite of Google GMail); and (2) ProtonMail was designed with encryption in mind. The technical specs say:

Open Source Cryptography

As ProtonMail uses open source encryption libraries, we can guarantee that our encryption algorithms do not have clandestine back doors. This software is thoroughly vetted by security experts around the world.

Zero Access to User Data

ProtonMail privacy isn't just a promise; it is mathematically ensured. We encrypt emails on the client side, using an encryption key which only the client knows. ProtonMail cannot access this key. We don't possess the technical capacity to decrypt your messages; in result, we are unable to hand your data to third parties.

End-to-End Encryption

Emails are stored in encrypted form on the ProtonMail servers. Emails also travel encrypted between our servers and the client's computer. Within our server network, emails also travel encrypted provided they are exchanged between ProtonMail clients. Because data is encrypted at all steps, the risk of message interception is largely eliminated.

Tuum Est correspondents who discuss sensitive health or legal topics in their emails may use ProtonMail as a Secure Drop, as may visitors who simply want to experiment with the new deft encryption. Follow these steps:

  • Note the qualifier between ProtonMail clients above. To achieve full encryption, both parties must work within the same email program.
  • Sign up for a free basic account at ProtonMail.
  • Employ the encryption setting on your account (one click of a button). The body of the email plus any attachments get fully encrypted, but the subject line does not due to limits of the HTTP header. Thus choose a generic subject line such as Advocacy.

Tuum Est Data Management

Data We Do Collect

When a visitor contacts us, the email address and content of the correspondence are provided at the visitor's own discretion. This information is carefully guarded.

Tuum Est uses Google Analytics to collect broad statistical data. The purpose is site optimization by: (1) Pointing up which topics are most relevant to readers; and (2) Identifying what percent of visitors use mobile devices, and their screen size (so we may design for the increasingly small screens on the market).

Tuum Est is stored on a server owned by web host GreenGeeks which operates in the USA. We access only the standard logs offered on a CPanel (Apache) web host.

Google Analytics and GreenGeeks collect broad statistics. Their logs do not acquire personally identifying information (such as name, address, biometrics, or financial data). The logs do not identify any individual, but they do record the IP address of visitors, which has practical use only in event of a DDoS attack or other malicious activity. Tuum Est record: We needed to track an IP only once in our history since Tuum Est was founded in 2008.

Statistics gathered by Tuum Est are the proprietary property of Tuum Est.

Data We Do Not Collect

Tuum Est has structured its website so that individuals may visit the site without revealing personally identifiable information. Visitors are not required to register in order to read our pages. We do not profile visitors.

Tuum Est does not perform financial transactions (though we may in future). At this time, we do not collect financial data from visitors.

Tuum Est does not carry advertisements. We have no relationship with third-party marketers or data brokers. We shun and have expressed strong opinions against targeted advertising (personalized advertising). Articles on Tuum Est aim for breadth and depth, thus we often cite external sources: we never pass data to sites we link to. We take no responsibility for the operation of such external sites.

GDPR Compliance:  Special Rights of European Citizens

In May 2018 the European Union enacted the General Data Protection Regulation (GDPR). This law replaces a throng of separate, divergent privacy laws previously passed by each nation in the European Union (EU). What counts as progress:

  • The acquisition, processing, and storage of personal data online is now governed by one uniform law for all EU nations.
  • Transparent Privacy Policies: plain language replaces legalese.
  • EU citizens win some control over their personal data online.

The GDPR grants all citizens of the European Union the rights cited below. At Tuum Est, each visitor already has possession of the data we hold on that individual (your correspondence). The statistics we collect do not identify people individually. On our site, many points are opt-out by default (maximum protection). To exercise any rights that do apply, contact our Data Protection OfficerData Controller & Data Protection Officer
Georgena S. Sil
P.O. Box 1491, Saskatoon SK
Canada S7K 3P7

These GDPR rights are not absolute, and exceptions or limits apply in certain cases. Refer also to the Tuum Est adjunct page Privilege Exceptions and Exclusions.

Data Storage

When visitors write to Tuum Est, the email address plus content in the email body are used to answer the inquiry. As soon as a correspondence-series is finished, or amidst it, we download the email to our computer in text or PDF format, then transfer it to an offline device for secure storage. At that point we delete your email from the email server and from our computer.

Data Retention

We preserve your correspondence on our offline device, in case of re-engagement, and to guide us in developing our site: For every person who contacts us, there may be a dozen who have the same question and aspire to the same answers. Recurring topics often lead to a new web series.

Our web host is the GDPR-compliant GreenGeeks, whose logs hold traffic data for one calendar year. In addition, Google Analytics yields broad statistical data which does not automatically expire: we select this retention period in order to measure site growth.

Data Security

All visitor information is restricted to the Tuum Est Webmaster, and is never shared with third parties, sold, or redistributed. In the case of a data breach we will notify all individuals whose rights have been placed at risk. Tuum Est will release the forensic evidence (as distinct from the personal data) to law enforcement as well as the FBI IC3 Unit in the United States.

Age Groups

Tuum Est does not address the pediatric field of medicine. We do not trace the age of visitors, therefore parents are responsible for usage of our site by their minor children. A minor is an individuals under the age of majority in a given geographic region (usually assigned as age 18). Minors: show wisdom; involve a parent or guardian when consulting medical or legal topics online.

Changes to the Tuum Est Privacy Policy

We periodically review the Tuum Est Privacy Policy. If it changes, we will post the new version on this page. Our adjunct pages – Privilege Exceptions and Exclusions and Cookie Policy – will post changes at their original locations. Advance notice of changes will be given when possible: check the Effective Date in the headline.

Georgena S. Sil
Saskatoon, Canada
Physicist & Technical Writer
Alumnus: University of British Columbia
Twitter Facebook Linked In Google+
European Parliament Building, Brussels, Belgium

European Parliament / Brussels

Building (above) and Hemicycle Debating Chamber (below)

European Parliament, Brussels, Belgium: Hemicycle (Debating Chamber)

There will still be attempts to breach systems, and data breach reporting will not miraculously halt criminal activity. Fines can be avoided if organizations are open and honest and report without undue delay.

Elizabeth Denham

GDPR Information Commissioner

If data has been accessed, then shared or sold, deleting the initial data-set will not stop its use further along the chain. This highlights the need for regulation to prevent breaches from occurring in the first place.

Lorna McGregor

Human Rights Director, Essex University


The Good, The Bad, The Future

Good: The goal of the GDPR is to foster a culture of transparency and accountability with regard to personal data on the web.

Bad: When a data breach occurs, the GDPR does not penalize banks, social media sites, email clients, or retailers for the actual breach — no matter how massive. The only penalty is for failing to report or disclose a data breach.

Future: A survey of websites around the world shows that many Privacy Policies are still too lengthy to read, even with common language replacing legalese.

Tuum Est suggests:

  • The GDPR could write a standard Policy Statement covering the basic rules. Each website would be required to post this as the foundation of their Privacy Policy.
  • Each site then writes a customized list stating how their rules differ from the standard, what data is held, and how it is processed. This list should appear in a separate section at the top of the site's Data Policy page.
  • An approach of this type would simplify profoundly what visitors must read and digest. It would also give visitors a time-saving op-out: Does a website list too many differences? Hit the back button.

Copyright © 2008-2019 Georgena Sil. All Rights Reserved.