Last Updated: September 29, 2022
Tilia LLC and its affiliates (collectively “Tilia”, “we”, “us”, “our”) respect the privacy of its online visitors and users of its websites, apps, products and services, including the services accessible within third-Party Platforms and Publishers (each term as defined in our Terms of Services) (collectively, the “Services”).
We recognize the importance of protecting information collected from our users and have adopted this Privacy Policy to inform you about how we gather, use, store, disclose, and otherwise process your information, including personal information (also known as personal data), in conjunction with your access and use of our Services. Please read this Privacy Policy carefully to understand our views and practices regarding your personal information and how we will treat it.
We collect two types of information – “personal information” and “anonymous information” – which we may use to create a third type of information, “aggregate information”.
Information You Provide
We collect the information which you provide us which may include:
Information We Collect Automatically
When using our Services, in addition to the information you provide us, there is also some information we may collect automatically that identifies you or the device you are using to access the Service, such as your computer or mobile device. Generally, this information relates to your use of the Services and your preferences, such as the types of Services you view or engage with, the features you use, the actions you take, the people or accounts you interact with, and the time, frequency and duration of your activities. In addition, we may also collect location information when you use the Services, including geolocation information or your internet protocol (IP) address.
For more information on this, please see our Cookies Policy.
Information We Receive From Third Parties
Tilia may use your personal information, subject to and at all times in compliance with applicable laws and your choices and controls, for the following purposes:
We will not share your personal information with any third party except in limited circumstances and where permitted by applicable law, including:
As stated in our Terms of Service, we do not make our Services available to anyone under the age of 18. Therefore, we do not intend to collect or otherwise process personal information of anyone under the age of 18. If you have reason to believe we are processing personal information of anyone under 18, please get in touch with us as soon as possible using the contact details in section “Comments and Questions”.
U.S. GLBA Notice
Personal information relating to U.S. users that we collect in connection with the solicitation and provision of our payment and stored value services is subject to our U.S. GLBA Notice. In the event of conflict or inconsistency between this Privacy Policy and our U.S. GLBA Notice, the U.S. GLBA Notice will apply that information.
Other information we collect from U.S. persons will be subject to the provisions of this Privacy Policy.
CCPA
If you are a California resident in accordance with the California Consumer Privacy Act (CCPA), the following information applies to you.
Personal Information We May Collect
During the past twelve (12) months, we may have collected the following categories of personal information about you:
Categories of personal information
Examples
Personal Identifiers
Full name (including any nickname or alias you have used), date and place of birth, taxpayer or government-issued identification number (such as your Social Security number, driver’s license or identification number, passport number, or other similar identifiers), IP address, device identifier, avatar information if this reflects your identity, unique personal identifier, online identifier, and Services account name.
Personal Information under CA Code §1798.80(e)
Contact details (name, address, email address, telephone number, any information you may provide to us about yourself).
Characteristics of Protected Classes or Groups Under State or Federal Law
Age, gender, national origin, race, national origin, and citizenship.
Financial Information (information described in CA Code §1798.80)
Services obtained, transaction histories, purchasing or consuming histories.
Biometric information
N/A
Internet or Network Activity
Internet or Network Activity
Geolocation Data
Device location, geographic location from which your transaction originates.
Inferences drawn from any of the categories of Personal Information above
We may verify your identity against third-party databases; potential fraudulent activity or behaviour.
Education information
N/A
Professional and employment information
Business; job title.
Audio, electronic, visual, thermal, olfactory, or similar information
N/A
Why We Collect Personal Information and How We Use It
The purposes for which we collect and use your personal information (described in detail above) depends on how you engage with us and our Services. The table below lists the purposes for which we may collect and use your personal information:
Purposes for collection and use
Examples
To collect, process, and retain your personal information where required by law.
To fulfill our obligations under federal and state laws.
To provide you with the information, products, and services that you request from us.
To allow you to transact with Publishers and their users through our Services.
To provide, maintain, personalize, optimize, and improve the Services, including research and analytics regarding use of the Services, or to remember you when you leave and return to the Services.
To provide you with the same preferred settings each time you use our Services.
Provide you with more relevant content in marketing, promotional, or other communications to which you may be subscribed.
To inform you about events and news we think you’ll be interested in.
Detect, investigate, and prevent activities that may violate our policies or may be fraudulent or illegal.
To ensure you are who you’re telling us, and to ensure you are using our Services from where you are telling us.
Sources of Personal Information
We collect or receive your personal information from the following sources:
We may also combine your personal information from the Services with the categories of sources listed above.
Disclosure of Personal Information
The categories of third parties to whom we disclose personal information about you depends on, among other things, our relationship or interaction with you. During the past twelve (12) months, we have disclosed your personal information for our business purposes described above to the following categories of third parties:
Your Rights
The CCPA grants certain rights to California residents, namely:
If you wish to exercise any of these rights, please see section “Your Controls, Rights and Choices” for email and postal details.
Sale of Personal Information
We do not sell personal information.
Other U.S. State Privacy Laws and Requirements
Vermont Residents: We will not share your information with companies outside of Tilia, except for our everyday business purposes, for marketing our products and services to you, or with your consent. We will not disclose credit information about you within or outside Tilia except as required or permitted by law.
In addition to the information provided throughout this Privacy Policy, there are certain other pieces of information we are required by law in the EU and UK to provide you.
Controller
The controller of your personal information is Tilia LLC of 945 Battery Street San Francisco, CA 94111.
Processor
With respect to some of the personal information and processing described above, we will act as a processor of your personal information as opposed to a controller. This is when we are only processing your personal information on behalf of a Publisher; this generally occurs when you access our Services through a Publisher’s Platform and we do not need to process the personal data for our own purposes. An example of processing for our own purposes is performing KYC checks.
When we do act as a processor, certain details in this Privacy Policy will not apply to you; most importantly, if we process your personal information as a processor, you may not be able exercise the rights listed in “Your Controls, Rights and Choices” directly to us. You can, however, exercise them with the controller of your personal data which will most likely be a Publisher whose Platform you use.
If you have any questions regarding our role as a processor, you can get in touch using the contact details in section “Comments and Questions”.
Your Rights
For information on the rights exercisable by EU or UK individuals, and details on how to exercise them, please see section “Your Controls, Rights and Choices”.
In addition to those listed below, EU and UK individuals also have the right, at any time, to submit a complaint to a data protection authority. We would, however, appreciate the opportunity to resolve your issue before you do this.
International Transfers
As an organisation operating globally, we may be required to transfer your personal information to countries other than that from which it was collected. Whenever your personal information is transferred, stored or processed by us, we will take reasonable steps to safeguard the privacy of your personal information in accordance with applicable law. In particular, when transferring personal information from the EU or UK, we will either only transfer your personal information to a country which has been deemed by the European Commission or the UK data protection authority, the Information Commissioner’s Office, to be adequate or we will ensure the following appropriate measures are in place so your personal information is treated by the recipients in a way that is equivalent to, and which respects, the EU and UK laws on data protection and your rights as an EU or UK data subject. These include:
Where necessary, we may also further supplement the EU Clauses and/or UK Clauses with additional measures specific to a relevant transfer, such as increased security. If you require further information about either the EU Clauses or the UK Clauses, or the other protective measures in place, please contact us using the details provided in section “Comments and Questions”.
Lawful Basis for Processing
We will only collect, use, process and store your personal information where we have a valid lawful basis. Our lawful bases include:
Retention
We will only retain your personal information for as long as reasonably necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal information for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you. For example, we retain your personal information while each of your accounts is in existence or as needed to provide you with Services.
To determine the appropriate retention period for personal information, we consider the amount, nature and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
In certain jurisdictions, we will need your explicit consent to obtain, process and share your personal information. All such processing will be carried out in line with this Privacy Policy. To the extent required, your use of the Services will be deemed your explicit consent to obtain, process and share your personal information. If you do not wish to provide us such consent, you should cease using the Services immediately and contact us using the contact details provided in section “Comments and Questions”.
If you are located in a country outside of the U.S., the EU or the UK and have any questions about how we process your personal information, or regarding whether you have any rights with regards to your information, please contact us using the contact details provided in section “Comments and Questions”.
Right to Access and Control your Personal Information
In certain circumstances, you may have the right to:
To exercise one of the above rights, please contact us at the postal address below or by emailing privacy@tilia.io.
Tilia LLC
Attention: Privacy
8605 Santa Monica Blvd, PMB 59201
West Hollywood, California 90069
You can submit a request on your own behalf or on behalf of someone else. If you are acting on someone else’s behalf, we will need to verify your authority to do so.
We will consider your request in accordance with applicable laws. We may need to request specific information from you to help us confirm your identity and ensure your right to exercise the right. This is a security measure to ensure that personal information is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within the timeframe required by applicable law. Occasionally it could take us longer than this if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Account Closure
You may close your account by contacting us at privacy@tilia.io. If you choose to close your Tilia account, we may retain information for a limited period for the purposes set out in this Privacy Policy, at all times to the extent permitted at law.
Advertising Choices
We participate in ad and/or affiliate networks operated by various third-party companies. We and these third-party companies may collect and use certain information about you and your visits to our Services to help serve advertising that is relevant to your interests. If you would like to learn more about these specialized advertising technologies, the Network Advertising Initiative offers useful information about Internet advertising companies, including information about how to opt-out of certain information collection.
For more information on how to opt-out of receiving internet-based advertising, please visit:
On many mobile devices, you can control interest-based advertising through your device’s settings. These options can include resetting your device’s advertising ID or selecting “Limit Ad Tracking” (for iOS devices) or “Opt out of Ads Personalization” (for Android devices) in your device settings.
Ad choices settings and options will vary depending on your browser and device settings, and this is not an exhaustive list. Please note that your opt-out choices will only apply to the specific browser or device from which you opt out. We encourage you to explore your device and browser settings to better understand your choices.
Precise Location
You can withdraw consent for our collection, use, and transfer of precise location information by adjusting the location settings on your device.
We implement technical, physical and organizational security safeguards designed to protect your personal information, from loss, misuse and unauthorized access and disclosure. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions, and they are subject to a duty of confidentiality.
We regularly monitor our systems for possible vulnerabilities and attacks. However, given the nature of electronic communications and information processing technologies, we cannot guarantee the security or safety of any information that is sent to us, transmitted through the Internet or stored on our systems. There is no guarantee that information may not be accessed, disclosed, altered, or destroyed by breach by others of any of our physical, technical, or organizational safeguards. We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
We operate globally and may transfer your personal information to other Tilia companies or third parties in locations around the world for the purposes described in this Privacy Policy. When we do this, we take reasonable steps to ensure an appropriate level of protection for your information, in compliance with applicable law.
If you are located in the EU or the UK, please see the section above titled “Additional Information for Individuals Located in the EU or the UK”.
Our Services may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our Services, we encourage you to read the privacy policy of every website you visit.
We keep our Privacy Policy and practices under review, and this Policy was last updated on the date given above. From time to time, we may change this Privacy Policy to accommodate new technologies, industry practices, regulatory requirements or for other purposes. Any changes to this Policy will be posted online, and we will provide notice to you through our Services if these changes are material and, where required by applicable law, we will obtain your consent. If you object to any changes, you may close your account.
If you have a comment or question about this Privacy Policy or our privacy practices, please send an e-mail to privacy@tilia.io or write to us at:
Tilia LLC
Attention: Privacy
8605 Santa Monica Blvd, PMB 59201
West Hollywood, California 90069