Privacy Policy


Last updated February 2023


The Technology Business Management Council, Ltd. ("TBM Council" or "we") respects data privacy and is committed to protecting your Personal Information as described in this privacy policy ("Policy").

This Policy describes: (1) the types of Personal Information we may collect; (2) the purposes for which we collect Personal Information; (3) the parties with whom we may share this information; (4) your rights and choices; (5) how to contact us with your questions or concerns; (6) and the measures we take to protect Personal Information.



In this Policy, we provide information about the processing of Personal Information on our publicly available websites, including and (collectively, our "Website") or otherwise by TBM Council in connection with interacting with personnel of its affiliates, partners, sponsors, and vendors, including its founding sponsor and technical advisor, Apptio, Inc. (“Apptio”). If you are located in the European Economic Area (“EEA”) please also refer to the “GDPR” and “Cross-Border Data Transfers” sections below.
For the purpose of this Policy, “Personal Information” means “any information relating to an identified or identifiable natural person.”
This Policy does not apply to information collected from our employees, which are governed by other policies, or any information collected on any third-party site or by any third-party application that may link to or be accessible from the Website or other services.
By accessing and continuing to use the Website, or otherwise submitting your Personal Information to the TBM Council where this Policy is referenced, you signify your consent to the terms and conditions of our Policy. We may change or update this Policy from time to time as described in the “Changes to our Policy” section below, and your continued use of the Website is deemed to be acceptance of such changes. Please periodically check the Policy for updates and changes.


Personal Information We Collect or Receive

Website Visitor Information. We receive information from and about visitors to our Website, including:


  • When you submit requests or inquiries on our Website. Examples of activities include viewing content (e.g. whitepapers, publications, knowledge articles, best practices and other digital content), completing surveys, and requesting additional information, services, or support from us.
  • When you post materials on our Website. Examples of activities include uploading information about generally used custom reports, sharing models, and discussion about taxonomy standards that you’ve had experience with.
  • In connection with these activities, we may collect various information, such as your name, job title/level, company name, address, phone number, e-mail address, country, and certain company information.
  • When you correspond with us via email, we may collect the Personal Information included in your email.
  • If you use a bulletin board or chat room on our Website, please be aware that any Personal Information you submit there can be read, collected, or used by other users of these forums. We are not responsible for third party use of the Personal Information you choose to submit in these forums.
  • When you visit our Website we collect certain information automatically. This includes device information such as your hardware model, operating system version, mobile network, IP address, unique device identifiers, and browser type, and information about the actions you take on our Website, such as access times, pages viewed, links clicked, and the page you visited before navigating to our Website. We also use session replay technologies to visualize how visitors interact with our Website.
  • Like many websites, we use "cookies" to collect visitor information. Cookies are alphanumeric identifiers that we transfer to your computer's hard drive through your Web browser. They make it possible for us to recognize your browser when you visit and to tell us whether customers and visitors have visited the Website previously. If you have provided your name or other contact information to us via a web form, we are able to link that information back to the cookie. This information may be used to provide you with information that we believe to be relevant to you based on your actions on our Website. Please review the “Cookies and Web Beacons” section below to learn more.
  • We may also infer or derive information about you from the other information we collect. For example, we may infer your approximate location from your IP address.


Member and Partner Relationship Information. We collect information from our members and prospective members, vendors and prospective vendors, partners and prospective partners including:


  • We require members who register to become members of the TBM Council to provide contact information, such as their name, company name, phone number, and e-mail address, and we may also ask for additional information such as title, department name, fax number, and additional company information, such as mailing address, annual revenues, number of employees, or industry (“Account Information”). Registered users can update or remove their account information at any time by logging into Website and editing their account information. Registered users are responsible for maintaining the confidentiality and security of their user registration and password.
  • When prospective members volunteer contact information to us so that we may continue to provide them with information about the TBM Council. 
  • When vendors and partners provide Personal Information about their employees in the form of contact information or other such information to us for purposes of the vendor’s services to TBM Council or in furtherance of the relevant partner relationship.
  • When members who interact on forums and portal pages share with their peers information about their usage of technology, knowledge of best practice, advocate processes, and champion methodology. The information shared may be in the form of questions, answers, documents, blog posts, videos, podcasts votes and comments.


We also receive information from other sources, including the contact details of prospects and sale leads from business partners or vendors.

You can choose not to provide us with your Personal Information, but if you do not provide us with your Personal Information when we request it, we may not be able to provide you with our full range of services, or provide a service appropriately tailored to you. 


How We May Use Personal Information

We may use and disclose the information governed by this Privacy Policy that we collect about you or that you provide to us, including any Personal Information, in the following ways:

  • To provide you with information about the TBM Council and our events, services and partners. We may email you information regarding TBM Council events and affairs, and may send a newsletter type of communication via email. You can opt out of receiving such communications by using the "unsubscribe" link at the bottom of such email and/or by changing the notifications settings for your account on the Website
  • To diagnose and resolve issues with and otherwise improve our Website or services.
  • To carry out our obligations and enforce our rights arising from any agreements between you and us.
  • To monitor and track usage patterns on the Website and optimize performance.
  • To send administrative information to you, for example, information regarding the services and changes to our terms, conditions, and policies of our Website.
  • To target advertisements to you on third-party platforms and websites.
  • To generate de-identified data that we will not attempt to re-identify unless permitted by law.
  • We may post testimonials on our Website which may contain Personal Information such as the member’s name. We do obtain the member’s consent prior to posting the testimonial to post their name along with their testimonial. If you want to remove your Personal Information that is being displayed on our Website under public pages please send your request to


How We May Share Personal Information

We may disclose Personal Information that you provide in furtherance of the purpose for which they were disclosed, providing the services that you have requested, when we otherwise have your permission, or under the following circumstances:

  • To our employees, affiliates, or subsidiaries. Our employees, affiliates and subsidiaries are located in North America, Europe, and parts of Asia, including the US, Canada, UK, Germany, Denmark, the Netherlands, and Australia.  
  • To our founding sponsor and technical advisor, Apptio, Inc., in connection with its efforts to manage the operations of the TBM Council, as well as in connection with Apptio’s own business affairs, including with respect to its efforts to market and deliver technology business management products and services, such as sending email communications and newsletters. If you would like additional information regarding Apptio’s involvement with the TBM Council, please contact
  • To our service providers, vendors, contractors, and consultants (“Service Providers”) in support of TBM Council’s affairs. These Service Providers support TBM Council affairs, and are most likely in the hospitality industry such as hotel and facility operators and transportation providers. We disclosure information only to the extent they have a legitimate need to have information and only to facilitate TBM Council affairs.  We also may share attendee information with strategic sponsors of a particular event unless the attendee specifies otherwise.
  • To other third parties for marketing and advertising purposes.
  • To our professional advisors such as lawyers and accountants in connection with obtaining guidance.
  • To an acquirer, successor, or assignee in connection with or during negotiations of any merger, acquisition, debt financing, sale of assets, or similar transaction, or in the event of an insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets.

We may also disclose your Personal Information to third parties if:

  • We believe it is necessary to share information in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of TBM Council's Terms of Use, or as otherwise required by law.
  • We respond to subpoenas, court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims.
  • Note that TBM Council may be required to release EU individual’s personal data in response to lawful requests from public authorities including to meet national security and law enforcement requirements.

Your Rights and Choices

We seek to provide you with choices regarding the Personal Information you provide to us. The following describes the choices you have:

  • Cookies. If you do not want us to collect cookies on the Website, you may set your browser to refuse cookies, or to alert you when cookies are being sent. If you do so, please note that some parts of our Website may then be unavailable or not function properly.
  • Marketing Communications from TBM Council or Apptio. If you do not wish to have your e-mail address used for marketing purposes by the TBM Council or Apptio, you can opt-out by sending an email to and, respectively. If we have sent you a promotional e-mail, you may send us a return e-mail asking to be omitted from future e-mail distributions. We do reserve the right to send you certain communications relating to the Website, such as service announcements and administrative messages, that are considered part of your account membership, and we do not offer you the opportunity to opt-out of receiving those messages.
  • Notifications from TBM Connect: If you do not wish to be notified via email any messages that are sent from TBM Connect to inform you of updates to discussion threads that you follow, comments on your posts, a weekly roundup of activity on the portal, etc., you may change the notification settings of your account defined under general preferences on the Website.
  • Right of access, deletion, correction of your Personal Information. You have the right and ability to edit your account information, at any time. Registered users can update or remove their account information at any time by logging into the Website and editing their account information. Subject to applicable law, you may have the right to request access to, correct or delete Personal Information that you have provided to us in connection with the Website. To exercise these rights, you may send us an email at We will respond to any request for access to, correction or update of Personal Information within 30 days of the date of such request.


This section applies to individuals in the European Economic Area (“EEA”), the United Kingdom, and Switzerland.

Where we process Personal Information as a data controller, we do so in reliance on the following lawful bases:

  • To perform our responsibilities under our contract with you (e.g., granting you access to and providing the products and services you requested).
  • When we have a legitimate interest in processing your personal data to operate our business or protect our interests (e.g., to provide, maintain, and improve our products and services, conduct data analytics, and communicate with you).
  • To comply with our legal obligations (e.g., to maintain a record of your consents and track those who have opted out of marketing communications).
  • When we have your consent to do so (e.g., to send you marketing communications). When consent is the legal basis for our processing your personal data, you may withdraw such consent at any time.

Please see the “Your Rights and Choices” section above for information about your privacy rights and how to exercise them. In addition, you can object to certain processing or request that we restrict certain processing by contacting us as described in the “How to Contact Us” section below. You can also lodge a complaint with the data protection authority as follows:

We retain Personal Information as long as necessary to carry out the purposes for which we originally collected it and for other business purposes explained in this Policy.

California Privacy Rights

This section provides additional details about the Personal Information we may collect about California consumers and the rights afforded to them under the California Consumer Privacy Act or “CCPA”.

Additional Disclosures.

The categories of information we collect include identifiers, internet activity information, professional information, and inferences. The categories of sources from which we collect such information are from you and from third party business partners. For more details about the Personal Information we have collected over the last 12 months, including the categories of sources, please see the “Personal Information We Collect or Receive” section above.

We collect this information for the following business and commercial purposes (described in more detail in the “How We May Use Personal Information” section of this Policy): providing the Website; performing marketing and advertising; conducting analytics and Website improvement; and for security/compliance. We share this information with the categories of third parties described in the “How We May Disclose Personal Information” section above. In particular, we have shared information as follows:

Category of Personal Information Categories of Recipients
Identifiers Affiliates; Service Providers; Professional Advisors; Advertising Partners.
Internet Activity Information Affiliates; Service Providers; Advertising Partners.
Professional Information Affiliates; Service Providers; Professional Advisors; Advertising Partners.
Inferences Affiliates; Service Providers; Professional Advisors; Advertising Partners.

TBM Council does not knowingly sell or share (as those terms are defined in the CCPA) the Personal Information of individuals younger than 16.

Privacy Rights.

Subject to certain limitations, the CCPA provides California consumers a number of rights, specifically:

  1. the right to request to know more details about the categories of Personal Information we collect (including how we use and disclose this information) or access specific pieces of Personal Information we have about them;
  2. the right to delete their Personal Information;
  3. the right to correct inaccurate Personal Information;
  4. the right to opt out of any “sales” or “sharing” that may be occurring through our use of third-party cookies for advertising as described in the “Cookies and Web Beacons” section below by disabling targeting and social media cookies through the cookie settings portal [(you can also opt out by visiting our Website while using a legally-recognized universal choice signal (such as the Global Privacy Control) enabled but please note that our processing of the signal may be limited to the specific browser or device you are using)]; and
  5. the right to not be discriminated for exercising these rights.

California consumers may make a request to know, access, correct, or delete pursuant to their rights under the CCPA by contacting us as set out in the “How to Contact Us” section below. We will verify your request using the information we currently hold about you, including email address. Further information may be required in order to identify you. Consumers can also designate an authorized agent to exercise these rights on their behalf. Authorized agents can submit requests in the same manner as consumers but must include proof of authorization to make the request.

We retain Personal Information as long as necessary to carry out the purposes for which we originally collected it and for other business purposes explained in this Policy.

Data Security

We take reasonable steps given the context of the engagement in which data is provided to protect your Personal Information from loss, misuse, interference, unauthorized access, disclosure, alteration, and destruction. However, the security of information transmitted through the Internet can never be guaranteed and is not entirely within our control.

Where you receive (or have chosen) a password for access to certain parts of our Website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.


Cross-Border Data Transfers 

Your Personal Information may be stored and processed in countries where we have employees or facilities, including the U.S., Canada, UK, Germany, Denmark, France, the Netherlands, and Australia, or countries where we engage Service Providers, such as in the Netherlands, Germany, Australia, and UK and India. Those countries may not have the same data protection laws as the country in which you initially provided that information. When we transfer your Personal Information to other countries, we will protect it as described in this Policy. By using the Website or otherwise providing Personal Information to us, you acknowledge that we will transfer your Personal Information to countries outside of your country of residence, including the U.S.

We recognize that the Court of Justice of the European Union ruled in July 2020 that a certification under the EU-U.S. Privacy Shield Framework no longer can serve as the basis by which entities subject to the GDPR transfer personal data to jurisdictions outside the EEA. We also recognize Switzerland’s announcement that the Swiss-US Privacy Shield Framework does not provide an adequate level of protection to transfer personal data from Switzerland to the U.S. We now rely on Standard Contractual Clauses or other lawful transfer mechanisms approved by the European Commission (or other relevant governmental authority) to transfer personal data from the EEA, the UK, and Switzerland.

TBM Council is subject to the investigatory and enforcement authority of the United States Federal Trade Commission (U.S. FTC).


Links to Other Websites

Our Website may contain links to websites of third parties who: (1) are not affiliated with us; (2) are outside our control; or (3) are not covered by this Policy (“Third-Party Websites”).  Links provided to Third-Party Websites on our Website, if any, are provided only as a convenience to you.  The inclusion of any link does not imply its reliability or an endorsement by us of the content or security.  We are not responsible for the privacy practices of Third-Party Websites, which may collect and use information from you in a manner different than how we do so.  Accordingly, the use of such Third-Party Websites is entirely at your own risk.  For relevant information, you should review the privacy statements or policies of any Third-Party Websites before using them.  Other parties may collect information about your online activities over time and across different websites when you use our Website.


Changes to our Policy

We reserve the right to modify this Policy at any time, so please review it frequently. If we make material changes to this Policy, we will immediately post it to this Website, which will serve as your notification of these changes. Any changes to this Policy will become effective when we post the revised Policy on our Website. Your continued use of the Website is deemed to be acceptance of such changes, to the extent permitted under applicable law.



Neither this Website, nor the TBM Council, are designed to collect Personal Information from children who are under 13 years of age.  We do not intend to or knowingly collect such information.


Do Not Track Disclosures

Do Not Track (“DNT”) is a privacy preference that users can set in their web browsers.  When a user turns on DNT, the browser sends a message to website operators requesting them not to track the user’s website activities.  At this time, we do not respond to DNT signals.  We do not change our practices, described elsewhere in this Policy, in response to DNT settings or signals.  In particular, even if you have turned on a DNT signal, we and others will continue to collect information about you and your website activities through the use of cookies, tracking pixels, and other Tools.  For more information about DNT, visit

Cookies and Web Beacons

This section applies to the Website and describes the information we collect by automated means using information-gathering tools, such as cookies and web beacons. Cookies are small pieces of information or text that are issued to your computer when you visit a website and are used to store or track information about your use of the site.

TBM Council uses cookies for several reasons. 

Some cookies are strictly necessary to enable core site functionality. We refer to these as “required” cookies. For example, we may use required cookies to authenticate your access to various secure areas of our Website that may contain content for registered users.

Other cookies allow us to enhance your browsing experience, tailor content to your preferences, and make your interactions with our Website more meaningful. We refer to these as “performance” cookies. For example, performance cookies may be used to determine whether you have visited our Website before and inform us about site features in which you have interest, thereby permitting us to better tailor the site to our users.  

In addition to required and performance cookies, some third parties issue cookies through our Website to serve ads that are relevant to your interests based on your browsing activities. Targeting cookies also allow us to analyze Website traffic so we can measure and improve performance. These third parties may also collect your browser history or other information to determine how you reached our Website and the pages you visit when you leave our Website. Information gathered through these automated means may be associated with the Personal Information you previously submitted on our Website.

“Social Media” cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests.

How to Control Cookies.

TBM Council complies with privacy laws that control cookies for users throughout the world, including the EU & California. Those users can modify their cookie settings when they first visit our website, or by accessing their cookie settings.  For all other users, by using this Website, you agree that we can place cookies on your computer or device as explained above. However, you can stop cookies being downloaded to your computer by selecting the appropriate settings on your browser. Most browsers will allow you to see what cookies you have and delete them on an individual basis or block cookies from particular or all websites. Be aware that any preference you have set will be lost if you delete all cookies, including your preference to opt-out from cookies as this itself requires an opt-out cookie to have been set. For more information on how to modify your browser settings to block or filter cookies, see or Please bear in mind that removing or blocking cookies can affect your user experience and without cookies, you may not be able to take full advantage of our Website features. We may modify or amend this Cookies and Web Beacons information from time to time at our discretion. When we make changes to this Policy, we will amend the revision date at the top of this page, and such modified or amended information shall be effective as to you and your information as of that revision date. We encourage you to periodically review this “Cookies and Web Beacons” section to be informed about how we are using cookies.

How to Contact Us

If you have questions about this Policy or the Website, would like to opt out from certain services, or to exercise your rights, contact us at:

  • Via email at; or
  • Via mail at TBM Council, 11100 NE 8th Street, #600 Bellevue, WA 98004