Last updated: January 25, 2021
This Privacy Policy outlines how Glass Canvas Media Inc. (“we” or “us”) collects and uses our user’s (“you” or “your”) personal information, which we gather from our websites, services, and desktop and mobile applications (collectively referred to as “Tilma” or “Tilma Platform”). Terms used in this Privacy Policy have the same meanings as in our Terms of Use.
We strive to ensure that any personal data we collect about you will be held and processed strictly in accordance with applicable data protection legislation, as set out in this notice. This Privacy Policy also describes the choices you have regarding personal data we’ve collected about you. “Personal information” or “personal data” is any information that can be used to contact or identify a single individual. Data processed by Tilma can be classified in two ways:
This policy specifically covers data that is collected by us. We are not responsible for, nor do we have control over, the use of data that is collected by customers and users of Tilma.
We collect several different types of personal data, which we use as described in this Privacy Policy (See “How We Use Personal Information,” below). For instance, we collect data:
When you sign up for Tilma, we ask you to provide us with personal data, including but not limited to the following:
We use this information for creating and administering your account. We also may use this information to contact you and send you newsletters, or other information that may be of interest to you. You may opt out of receiving any, or all, of these communications from us by clicking on the unsubscribe link in the emails, by contacting the Tilma customer you are associated with (e.g. your parish), or by contacting our support team at 2.2 Automatically while you are using Tilma
We also automatically collect information on how Tilma is accessed and used ("Usage Data"). This Usage Data may include information such as your computer's Internet Protocol address (e.g. IP address), browser type, browser version, the pages that you use/visit, the time and date of your visit or use, the time spent on those pages or features of Tilma, unique device identifiers and other diagnostic data. We use this data to analyze Tilma’s performance in order to make our services more effective.
We use cookies and similar tracking technologies to track the activity on Tilma and we retain this information to provide and improve Tilma.
Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Other tracking technologies are also used such as beacons, tags and scripts to collect and track information and to improve and analyze Tilma.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of Tilma. Examples of Cookies we use:
These cookies are essential to provide you with Tilma. For example, they allow you to log in.
These cookies allow us to remember choices you make, or to provide certain features, such as enabling videos from third parties.
These cookies are used to collect information about traffic to our Services and how users use our Services. For example, these cookies are used to determine if you viewed a page or opened an email. This helps to provide you with information that you find interesting.
We use Google Analytics only to improve the functionality and experience of our services. We do not combine the information collected through the use of Google Analytics with personally identifiable information. Please refer to Google’s Privacy Policy for more information. You may also choose to download the Google Analytics opt-out browser add-on.
These cookies are used to deliver advertisements more relevant to you and your interests. They remember that you have visited a website and this information is shared with other organizations such as advertisers.
We also may use Google Ads to deliver tailored advertising on our Sites and other websites that you may visit.
There are a number ways to limit the cookies that your browser accepts or limit the way in which they’re used.
One way to limit cookies is by opting out of third party cookies/advertising networks, Google Analytics and the Digital Advertising Alliance. If you are in Canada or the EU you can use the DAAC’s youradchoices.ca, or EDAA’s youronlinechoices.eu respectively. Some people use what are called “Ad Blockers” to limit advertising/tracking.
Another way of limiting cookies is by controlling cookies in your web browser’s settings. Opting out of cookies using this method will limit your ability to use our Services and may make the ads you see less relevant to your interests.
You may choose to provide us with personal information while interacting with us in various ways. For example, when you fill out a form to register for an event, submit a request for help or process a donation.
We do not sell your personal data to others. We use collected information for the following general purposes:
We share information with third parties who provide services on our behalf to help with our business activities and to provide Tilma. These companies are authorized to use your personal information only for the sole purpose of providing services to us. These services include, but are not limited to the following:
We use third-parties to monitor and analyze the use of Tilma. However, these services are configured in such a way that the third parties are not allowed to use your activity for their own purposes, such as personalizing ads on other websites. A list of these service providers is available here.
Tilma websites are scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible. Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.
A variety of security measures have been implemented when a user makes a donation, enters, submits, or accesses their information to maintain the safety of your personal information. All credit card transactions are processed through a gateway provider and card data/information is not stored or processed on Tilma servers.
The security of your data is important to us but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security. More information about this can be found in our Security Policy. If you have any questions about the security of your personal information, you can contact us at [email protected].
If a breach of data occurs within Tilma, we will inform you via a notification posted within Tilma and via email at your last listed email address within 30 business days of discovering the breach. By using Tilma, you acknowledge and agree that we may send you electronic notifications via email instead of notifications by mail.
We will retain your personal data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your personal data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes and enforce our legal agreements and policies. We will also retain Usage Data for internal analysis purposes.
Certain data acquired by our customers, such as sacramental records, may need to be retained indefinitely in order to comply with certain information lifetime management (ILM) regulations.
If we are involved in a merger, acquisition or asset sale, your personal data may be transferred. We will provide notice before your personal data is transferred and becomes subject to a different Privacy Policy.
Under certain circumstances, we may be required to disclose your personal data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).
We may disclose your personal data if such action is necessary to:
Upon request, we will provide you with information about your personal data (such as the categories of personal information that we have collected about you, the specific pieces of personal data that we have collected about you, and the categories of sources from which your personal information is collected). You may request access, correct, request the deletion of, or object to our use of your personal information by contacting us at 8.2 Your Data Protection Rights under the General Data Protection Regulation (GDPR)
If you are a resident of the European Economic Area (EEA), you have certain data protection rights. We aim to take reasonable steps to allow you to correct, amend, delete or limit the use of your personal data. If you wish to be informed about what personal data we hold about you and if you want it to be removed from our systems, please contact us at 8.4 Your Data Protection Rights under the California Consumer Privacy Act (CCPA)
If you are a California consumer, you have the following rights under the CCPA:
Request for Information and Deletion (CCPA). California consumers have the right to request, up to twice in a 12-month period, that a business that collects personal information about the consumer disclose to the consumer the information listed below for the preceding 12 months. We have the right to request verification of your identity for all requests for information.
To make such a request, please contact us at [email protected] or by calling +1 (236) 301-8165. If you email us, please include “Personal Data Inquiry” as the subject line.
Do Not Sell My Personal Information (CCPA). California consumers have the right to opt out of the sale of the consumer’s personal information. We do not sell your personal information to third parties.
If you are from the European Economic Area (EEA), our legal basis for collecting and using the personal information described in this Privacy Policy depends on the personal data we collect and the specific context in which we collect it. We may process your personal data because:
Your information, including personal data, may be transferred to - and maintained on - computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction. If you are located outside the United States or Canada and choose to provide information to us, please note that we transfer the data, including personal data, to the United States and Canada.
Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.
We will take all the steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your personal data will take place to an organisation or a country unless there are adequate controls in place including the security of your data and other personal information.
We do not support Do Not Track ("DNT"). Do Not Track is a preference you can set in some web browsers to inform websites that you do not want to be tracked.
Tilma contains links to other sites that are not operated by us. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.
In order to use Tilma, you must be old enough to consent to the collection of your personal data in your country. Tilma is not intended for children under 13 years of age (or 16 years of age for those who reside in the EU), and we do not knowingly collect information from anyone under these ages. If you are under these ages, do not use or provide any information about yourself on Tilma or through any of its features.
While we do not specifically market to children under the age of 13 years old, data may still be transferred into the system from our customers, such as a parish, diocese or school. In some cases, the parish, parents, or legal guardians may choose to enter information into the system in order to complete family and/or sacramental records.
We may periodically revise and update this Policy at our sole discretion. All changes are effective immediately when we post them, and apply to all access to and use of Tilma thereafter. Your continued use of Tilma, following the posting of the revised Privacy Policy, means that you accept and agree to the changes. You are expected to check this page from time to time so you are aware of any changes.
Any questions about this Privacy Policy should be addressed to our support team at [email protected] or by calling +1 (236) 301-8165.