Last Updated October 16, 2023
TM Forum takes privacy and data protection seriously and seeks to comply with all applicable data protection requirements, including the European Union’s General Data Protection Regulation (GDPR).
This Privacy Statement describes who we are, how we collect and use your personal data and how we share that data. It also sets out your rights under data protection law in relation to our processing of your personal data.
If you want more information, or if you have any questions about this Privacy Statement, please get in touch with us using the contact details set out below or by email at [email protected]
Who we are
TM Forum has 800+ member companies and we provide these companies and their employees with a number of different services which are designed to support our members in exploiting new business opportunities and resolving business challenges.
Our activities also include organising conferences and events; providing training and certification; facilitating collaboration programs
Our headquarters and principal place of business is at 181 New Road, Suite 304, Parsippany, New Jersey 07504 United States of America
We are registered in England and Wales as TM Forum Ltd under registration number 11121779, and our registered office is at 6th Floor 25 Farringdon Street, London, United Kingdom, EC4A 4AB
TM Forum is a non-profit organisation dedicated to improving business effectiveness for service providers and their suppliers in the communications and media industries. TM Forum is headquartered in the USA and has a registered office in the United Kingdom.
Information we collect
We collect your biographical data
We collect the following biographical data: name, address, phone number, email address, and profile pictures. When you participate in our training courses, we will collect data about your educational qualifications and the results you obtain when doing the course. We will also collect information that you post for publication on our websites
We collect your payment data
if you purchase products from TM Forum, we will need to collect your card details from you to process your payment.
We collect data from your interactions with us
If you interact with us we will record details of those interactions. For example, we will collect details of phone calls, email correspondence and hard copy correspondence.
When you interact with us online we will automatically collect data about your use of our services, including data on the type of device you’re using, its IP address, your browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use. For further information see our cookies policies below.
TM Forum collects personal information about you so that we can provide you with our services and products. This includes your biographical data, your payment data, and data from your interactions with us.
Where we get your personal data
We will collect personal data from you when you interact with us, for example if you register for an event, request information or support, use our services (including our websites) or purchase our products.
Sometimes we will obtain your personal data from others, including in particular your employer. For example, your employer may provide us with your personal data when organising training for staff; registering you for an event; participating in a workshop; adding you to a CurateFx project team or nominating you to participate in a Smart City or Digital Maturity benchmark survey.
In addition our servers, logs and other technologies automatically collect certain information to help us administer, protect and improve our services, analyse usage and improve users’ experiences.
We collect the personal data that you give us and personal data that we obtain from others, for example your employers.
Why we use your personal data
We will process your personal data on the basis of your consent
If you consent to us sending you marketing messages about our products and services we will process your personal data in order to send you marketing messages and to make sure that any marketing messages that we send you are relevant to you.
You can use the privacy controls on our websites to specify whether you would like to receive a direct marketing communication and limit the publication of your information. You can withdraw your consent to the processing of your personal data at any time. You can access the privacy controls at www.tmforum.org/my-account.
When you visit our website you will be asked to consent to the placement of cookies on your device. You do not have to accept our cookies but if you don’t your experience may not be as fulfilling as it would otherwise be.
We will process your personal data where the processing is necessary for the performance of our contract with you or in order to take steps at your request before entering a contract
We will collect and process biographical personal data from you, namely your name, telephone number, address, email address and IP address in order to provide our products and services to you and perform our contract with you. Where the contract is one for paid products or services we will also collect your credit or debit card details. Where the contract relates to training or research we may also collect data regarding your educational qualifications and/or experience.
We will use this data to ensure that we know who you are and that we comply with our obligations under the contract. More specifically we will use this data to:
We will process your personal data when we have a legitimate interest in doing so
At times we will need to process your data to pursue our legitimate business interests, for example for administrative purposes, to provide information to you, to operate, evaluate, maintain, develop and improve our websites and services or to maintain their security. We will not process your data on a legitimate interest basis where the impact of the processing on your interests and rights outweigh our legitimate interests.
We will process the following personal data on the basis of our legitimate interests:
If do not want us to process your personal data on the basis of our legitimate interests, let us know and we will double check to make sure that our interests in processing your personal data don’t outweigh your interests and rights.
We will process your personal data to comply with our legal and regulatory obligations
We may need to use your information to comply with legal and regulatory obligations, including complying with your information rights, with reporting obligations and with court orders. We may also need to process your personal data to protect your vital interests or those of another person.
We use your personal data to provide you with our services and to assist us in the operation of our business. Under data protection law, we must ensure that there is an appropriate basis for the processing of your personal data and let you know what that basis is.
We process your personal data on the basis that a) you have consented to the processing; b) the processing is necessary for the performance of our contracts with you or in order to take steps at your request before entering a contract; c) the processing is necessary in order for us to pursue our legitimate interests; and/or d) the processing is required by law.
What you can do with your information
You can ask for access to the information we hold on you
You have the right to ask for all the information we have about you and the services you receive from us. When we receive a request from you in writing, we must give you access to everything we’ve recorded about you as well as details of the processing, the categories of personal data concerned and the recipients of the personal data.
We will provide the first copy of your personal data free of charge but we may charge you a reasonable fee for any additional copies.
We cannot give your access to a copy of your data if this would adversely affect the rights and freedoms of other. For security reasons we will not give your access to credit/debit card details but will delete these from our systems at your request.
You can ask to change information you think is inaccurate
You should let us know if you disagree with something included in your personal data.
We may not always be able to change or remove that information but we’ll correct factual inaccuracies and may include your comments in the record to show that you disagree with it.
You can ask to delete information (right to be forgotten)
In some circumstances you can ask for your personal information to be deleted, for example, where:
Where your personal information has been shared with others, we’ll do what we can to make sure those using your personal information comply with your request for erasure.
Please note that we can’t delete your information where:
You can ask us to limit what we use your personal data for
You have the right to ask us to restrict what we use your personal data for where:
When personal data is restricted it can’t be used other than to securely store the data and with your consent to handle legal claims and protect others, or where it’s for important public interests.
Where restriction of use has been granted, we’ll inform you before we carry on using your personal data.
You have the right to ask us to stop using your personal data for any of our services. Where possible we’ll seek to comply with your request, but we may need to hold or use data because we are required to by law. You should also be aware that If your request is approved this may cause delays or prevent us delivering that service.
You can ask to have your personal data moved to another provider (data portability)
You have the right to ask for your personal information to be given back to you or another service provider of your choice in a commonly used format. This is called data portability.
This right only applies if we’re using your personal information with consent and if decisions were made by a computer and not a human being. It does not apply where it would adversely affect the rights and freedoms of others.
You can make a complaint
You have the right to lodge a complaint with the local supervisory authority for data protection in the EU member state where you usually reside, where you work or where you think an infringement of data protection law took place.
You have a number of rights to control the personal data we use and how we use it. This includes the right to access your personal data, rectify inaccuracies, request that your data be deleted, restrict and/or object to the processing of your data and transfer your personal data to other entities. You may exercise these rights by contacting us via email at [email protected], or by sending a letter to the following address: TM Forum, 181 New Road Suite 304, Parsippany, NJ 07054 USA
How long do we keep your personal data
We will retain data about your use of our websites, products and services and data about your account for three years following the date of last processing of that data. At the end of this three year period, we will remove this data from our systems.
In some circumstances it is not possible for us to specify in advance the period for which we will retain your personal data. In such cases we will determine the appropriate retention period based on balancing your rights against our legitimate business interests.
We will always retain your personal data where this is necessary for compliance with a legal obligation to which we are subject or in order to protect your vital interests or those of another person.
We only keep your data as long as it is necessary for the purposes of processing it or to comply with legal or regulatory requirements.
We update and test our security technology on an ongoing basis. We restrict access to your personal data to staff who need to have access to it to provide services or benefits to you. We also train our employees about the importance of confidentiality and maintaining the privacy and security of your information.
We are committed to protecting the security of your personal information and have implemented appropriate physical, technical and administrative safeguards.
Transfers outside the EEA
When we transfer personal data to the US, we rely on the Standard Contractual Clauses under Article 46.2 of the GDPR
We may transfer your personal data to our Headquarters . Where necessary, we ensure the safety of your personal data through the adoption of Standard Contractual Clauses
Amendments to this Privacy Statement
We will post any changes on the website and when doing so will change the updated date at the top of this privacy notice. Please make sure to check the date when you use our services to see if there have been any changes since you last used those services. If you are not happy with any changes that we have made you should cease using our services.
In some cases we may provide you with additional notice of changes to this privacy statement, such as via email. We will always provide you with such additional notice well in advance of the changes taking effect where we consider the changes to be material.
We may change this Privacy Statement from time to time.
Who receives your Personal Data
We share personal data with members of our group
We may share your personal data with any member of our group of companies (including our subsidiaries, our ultimate holding companies and all its subsidiaries) in so far as reasonably necessary for the purposes set out in this policy.
We share personal data with our agents, consultants, service providers, and representatives of member organizations.
We may share your personal data with our agents, consultants and service providers who process personal data on our behalf to perform functions related to the products and services that we provide. These organisations include our event organisers and registration provider (Stova, US and FieldDrive, EU), database service providers (Pagely, US and Microsoft Azure, US), backup and disaster recovery service providers, email service providers (Microsoft Office 365, US), payment service providers (PayPal, US and Stripe, US), learning management system providers (LearnUpon, Ireland), online Community provider (Higher Logic, US), CRM system providers (Salesforce), Marketing Automation provider (Marketo), survey provider (SurveyMonkey, US), accounting system provider (Sage Intacct, US), collaboration platform providers (Clearvision, US), data analytics and Business Intelligence providers (Google Analytics, US; Microsoft, US; Hotjar US, Feathr, US), and webinar service providers (GotoWebinar, US and ON24, US), Digital Maturity Model and Smart City Maturity Model Apps (Kumulos, US and Auth0, EU). Digital advertising platform provider (LinkedIn). When we engage another organisation to perform functions for us, we may provide them with information including personal data, in connection with their performance of those functions. We may display on our membership website your entry in our membership directory. We do not allow third parties to use personal data except for the purpose of providing these services.
We share personal data with our insurers and/or professional advisers
We may disclose your personal data to [our insurers and/or professional advisers] insofar as reasonably necessary for the purposes of [obtaining and maintaining insurance coverage, managing risks, obtaining professional advice and managing legal disputes].
We share data between users of Smart City and Digital Maturity Model benchmark surveys
We share data between users of the App based on the data sharing permission set by the respective leaders or their assignees. This data comprises social media profile data and benchmark survey data.
Anonymised benchmarking data is also supplied in aggregate form to sponsors for research purposes. There is no link to any personal data.
We share personal data with sponsors of our Executive Connect Program
When you participate in our Executive Connect Program, we will collect certain data from you. We will use this data to ensure you qualify to participate in our Executive Connect Program, inform you of related activities/events and help our sponsors know more about you when they select their meetings. More specifically:
We share personal data for legal and regulatory purposes
We will also disclose your personal data if required to do so by law, in order to respond to a court order or request from law enforcement or other public authority and in order to meet national security or law enforcement requirements. We will disclose your personal data if this is necessary to comply with:
We may share personal data with your employer.
We may share your personal information along with information on your use of our websites and services with your employer if they are a member of TM Forum.
We share your information with a range of organisations for the purpose of providing our products and services to you. We may also share your personal data where this is necessary because of legal or regulatory .
Cookies may be either “persistent” cookies or “session” cookies:
Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
Cookies help us improve the products and services that we offer you. Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
|Cookies help us improve the products and services that we offer you.
We use Google Analytics to analyze the use of our web properties. Google Analytics gathers information about website use by means of cookies. The information gathered relating to our website is used to create reports about the use of our website.
Details of Cookies:
We may publish Google AdSense advertisements on our websites. To determine your interests, Google will track your behavior on our websites and on other websites across the web using cookies. This behavior tracking allows Google to tailor the advertisements that you see on other websites to reflect your interests. We do not publish interest-based advertisements on our websites.
You can view, delete or add interest categories associated with your browser by visiting: https://adssettings.google.com.
You can also opt out of the AdSense partner network cookie using those settings or using the Network Advertising Initiative’s multi-cookie opt-out mechanism at: http://optout.networkadvertising.org.
To ensure that an opt-out is maintained in respect of a particular browser, you may wish to consider using the Google browser plug-ins available at: https://support.google.com/ads/answer/7395996.
We use Hotjar to analyze the use of our web properties. Hotjar gathers information about website use by means of cookies. The information gathered relating to our website is used to create reports about the use of our website. Hotjar’s cookie information is available at: https://www.hotjar.com/legal/policies/cookie-information
Details of cookies:
We use authentication cookies to identify a website user and facilitate single sign on between our web properties.
We use authentication cookies to identify a website user and facilitate single sign on between our web properties.
Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain up-to-date information about blocking and deleting cookies via these links:
Blocking all cookies will have a negative impact upon the usability of many websites.
If you block cookies, you will not be able to use all the features on our websites, products and services.
Most browsers allow you to refuse to accept cookies and to delete cookies.
Our Contact Details
Your privacy is important to us. If you have any comments or questions regarding this Privacy Statement, you can contact us at: