TPMA Policy

Website Privacy Policy

Effective as of: July 10, 2026

This policy explains how the Toronto Product Management Association ("TPMA," "we," "us") collects, uses, and protects personal information when you visit tpma.ca, become a member, register for events, join our community, or subscribe to our communications.

TPMA is a not-for-profit professional association based in Toronto, Ontario, Canada. We handle personal information in accordance with Canada's Personal Information Protection and Electronic Documents Act (PIPEDA).

1. Information we collect

We collect the following categories of personal information:

  • Account and membership data: Name, email, password, job title, company, membership tier, and billing records. We use this to create and manage your membership, process payments, and give you access to member benefits.
  • Event data: Registration details, attendance, and check-in status. We use this to run events, confirm registrations, and manage capacity.
  • Community data: Your Slack profile, messages, and activity in our workspace. We use this to operate our member community and moderate the space.
  • Communications data: Email address, subscription preferences, and open and click activity. We use this to send our newsletter and event announcements, and to measure engagement.
  • Usage and analytics data: Pages viewed, referral source, approximate location, and device and browser type. We use this to understand how our website is used and improve it.

We collect this information directly from you when you fill out a form, create an account, register for an event, or subscribe, and automatically through cookies and analytics when you use our website.

2. How we use your information

We use personal information to:

  • Provide and administer memberships, events, and community access
  • Process payments and maintain billing records
  • Send you transactional messages, our newsletter, and event announcements
  • Respond to your questions and requests
  • Understand and improve how our website and programs are used
  • Meet our legal, accounting, and governance obligations

We do not sell your personal information. We do not use advertising or remarketing features in Google Analytics, and we do not share your data with advertising platforms.

3. Service providers

We rely on third-party providers to operate our services. These providers process personal information on our behalf and are bound to protect it:

  • Wild Apricot handles membership management, login, payment processing, and mailing lists. It processes your account, membership, billing, and communications data.
  • Luma handles event registration and check-in. It processes your name, email, and event registration details.
  • Slack hosts our member community workspace. It processes your profile information and anything you post in the workspace.
  • Google Analytics measures website traffic. It processes usage and analytics data, including a random identifier and truncated IP address.

Some of these providers store or process data on servers located in the United States or other countries. Where information is processed outside Canada, it may be subject to the laws of that jurisdiction, including lawful access by government authorities. We take reasonable steps to ensure our providers protect your information to a standard comparable to this policy.

4. Cookies and analytics

Our website uses cookies to keep you logged in, remember preferences, and measure site usage. Google Analytics sets cookies that record how visitors use the site, using a random identifier and a truncated IP address. This data is aggregated and does not identify you personally.

You can disable cookies in your browser settings, and you can opt out of Google Analytics using Google's browser add-on at tools.google.com/dlpage/gaoptout. Disabling cookies may affect some site features, including login.

5. How long we keep your information

We keep personal information only as long as needed for the purposes described here, or as required by law. Membership and billing records are retained for the period required for tax and accounting purposes. If you cancel your membership or unsubscribe, we retain limited records as needed to meet our legal obligations and then delete or anonymize the rest.

6. Your rights

Under PIPEDA, you have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate or incomplete information
  • Withdraw consent to our use of your information, subject to legal and contractual limits
  • Unsubscribe from our newsletter at any time using the link in each email

To exercise any of these rights, contact us using the details in Section 9. We will respond within the timeframe required by law.

7. Security

We use reasonable administrative, technical, and physical safeguards to protect personal information against loss, theft, and unauthorized access. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

8. Changes to this policy

We may update this policy from time to time. The effective date at the top reflects the most recent version. Material changes will be posted on this page, and where appropriate, communicated to members directly.

9. Contact us

For questions about this policy or to make a privacy request, contact our Privacy Officer:

Privacy Officer, Toronto Product Management Association
Email: president@tpma.ca

If you are not satisfied with our response, you may contact the Office of the Privacy Commissioner of Canada at priv.gc.ca.