Privacy and Security Policy

Privacy and Security Policy for visitors to aiacontracts.org

(Effective July 6, 2017)

The American Institute of Architect’s (AIA) operates aiacontracts.org website. This Privacy and Security Policy relates only to the aiacontracts.org website and is not meant to apply to any other services provided by AIA such as AIA Discovery, AIA Career Center, AIA Architect Finder, etc. or the AIA.org website.

What information do we collect and how do we use it?

Personally Identifiable Information:  When you visit aiacontracts.org website, personally identifiable information such as your email address, name, phone number, mailing address, etc. may be collected.  Personally Identifiable Information is not shared with any outside vendors, partners, or external services.  We may use your personal information to contact you, in compliance with the CAN SPAM Act, with marketing or promotional materials, important information regarding the ACD Online Service, and other information that may be of interest to you. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send or by contacting us.  

Log Data:  We collect information that your browser sends whenever you access aiacontracts.org (“Log Data”). This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, the pages of our Website that you visit, the time and date of your visit, the time spent on those pages, and other statistics.  In addition, we may use third party services such as Google Analytics that collect, monitor, and analyze Log Data in order to improve the experience of website users.  If you wish to opt out of Log Data collection, you can utilize the Google Analytics Opt-out Browser Add-on – https://tools.google.com/dlpage/gaoptout – for your web browser. AIA provides this information as a courtesy and requires you to perform all due diligence and research to determine if the Google Analytics Opt-out Browser Add-on addresses your individual concerns and meets whatever objectives you are trying to achieve.

Cookies:  We use cookies to improve our service and to maintain your logged in state (if applicable). Cookies are files with a small amount of data, which may include an anonymous unique identifier. We recommend that you allow your browser to accept cookies from aiacontracts.org so that we can issue a session cookie to record encrypted authentication information for the duration of a specific session.  If you do not accept cookies, you may not be able to use some features of our Website or experience a seamless experience.  We may also utilize cookies for the purpose of remarketing services such as Google Adwords and you may receive advertisements if you utilize other AIA services.  Please refer to the Privacy Policy on aia.org for additional information on how AIA.org uses remarketing services.

What else do I need to know?

Third Party Links: aiacontracts.org may contain links to other sites that are not operated by us. If you click on a third-party link, you will be directed to that third party’s site. We advise you to review the privacy policy of every site you visit. AIA has no control over, and assumes no responsibility for, the content, privacy policies, or practices of any third-party sites or services.

Compliance with Laws:  In the event the AIA is requested or required, by subpoena, oral deposition, interrogatories, request for production of documents, administrative order or otherwise, to disclose data contained in the ACD Online Service, the AIA shall provide you notice of any such request so that you may seek, at your expense, an appropriate protective order. If, in the absence of a protective order, the AIA is compelled by law, in the opinion of its counsel, to disclose any Client Information, the AIA may make such disclosure after notice to you.

Changes to the ACD Online Service Privacy and Security Policy:  We reserve the right to update or change this Privacy and Security Policy at any time.  Your continued visiting of the website after we post any modifications to the policy will constitute your acknowledgment of the modifications and your consent to abide and be bound by the modified policy.

Contact Us:  If you require additional information, contact us at 1-800-942-7732 or Docstechsupport@aia.org.

Last updated: July 6, 2017.

Privacy and Security Policy for AIA Contract Documents Online Service

(Effective July 6, 2017)

The American Institute of Architect’s (AIA) operates AIA Contract Documents® Online Service, including its associated software system, templates, and forms (collectively, the “ACD Online Service” or “Service”).  This Privacy and Security Policy for AIA Contract Documents® Online Service and the related Terms of Service relate only to the ACD Online Service and are not meant to apply to any other services provided by AIA such as AIA Discovery, AIA Career Center, AIA Architect Finder, etc. or the AIA.org website. To view our detailed Terms of Service, please click here.

What information do we collect and how do we use it?

Personally Identifiable Information:  When you register to use the ACD Online Service, personally identifiable information such as your email address, name, phone number, mailing address, etc. is collected.  Personally Identifiable Information is not shared with any outside vendors, partners, or external services.  We may use your personal information to contact you, in compliance with the CAN SPAM Act, with marketing or promotional materials, important information regarding the ACD Online Service, and other information that may be of interest to you. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send or by contacting us.  

Client Information:  When using the ACD Online Service, you, or your Authorized Users, will be able to create contract documents for your design or construction projects that are personalized with various types of Client Information.  Client Information includes all the data you or your Authorized Users submit, upload, store, or send to or through the ACD Online Service.  Client Information does not include data submitted by other users, data obtained from sources other than you, or any publicly available data.  By using the ACD Online Service and uploading, submitting, storing, or sending Client Information to or through the Service, you give AIA a limited, non-exclusive, royalty-free, worldwide license to use aggregated and anonymized data (“Aggregated Data”) from Client Information, excluding information contained in draft contracts; to analyze such aggregated and anonymized data; to create and publish derivative works from such data; and to perform internally all operations necessary for the creation of such works.  This license continues even if you stop using the ACD Online Service.  

AIA considers Aggregated Data to be the result of that information which has been sanitized through encryption or removal of identifying information from data as a means to protect Client Information, that is then combined with several data sets from which observations are made.  Such data is then replaced with summary statistics based on those observations.

For the avoidance of doubt, Aggregated Data shall only include data derived from final ACD documents generated by you, i.e. final agreements and forms.  Further, for the avoidance of doubt, the AIA’s generation of Aggregated Data is an automated process through the ACD Online Service software, and the at no point during the generation of Aggregated Data process will AIA staff or agents read, review, or otherwise directly access such data.

Client Information can be deleted by you or your authorized users at any point during the drafting process or after the contract document has been finalized.  If you do not want to upload or store Client Information to the ACD Online Service, functionality exists within the ACD Online Service to download and draft the documents offline on your local machine.

Log Data:  We collect information that your browser sends whenever you access the ACD Online Service (“Log Data”). This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, the pages of our Website that you visit, the time and date of your visit, the time spent on those pages, and other statistics.  In addition, we may use third party services such as Google Analytics that collect, monitor, and analyze Log Data in order to increase our Service’s functionality.  If you wish to opt out of Log Data collection, you can utilize the Google Analytics Opt-out Browser Add-on – https://tools.google.com/dlpage/gaoptou0074 – for your web browser. ACD Online Service provides this information as a courtesy and requires you to perform all due diligence and research to determine if the Google Analytics Opt-out Browser Add-on addresses your individual concerns and meets whatever objectives you are trying to achieve.

Cookies:  We use cookies to improve our service and to maintain your logged in state.  Cookies are files with a small amount of data, which may include an anonymous unique identifier. We recommend that you allow your browser to accept cookies from contractdocs.aia.org so that ACD Online Service can issue a session cookie to record encrypted authentication information for the duration of a specific session.  If you do not accept cookies, you may not be able to use some features of our Website or experience a seamless experience.  Although ACD Online Services does not utilize cookies for the purpose of remarketing services such as Google Adwords, you may receive advertisements from AIA.org if you utilize other AIA services.  Please refer to the Privacy Policy on aia.org for additional information on how AIA.org uses remarketing services.

How secure is my data?

We strive to implement and maintain reasonable, commercially acceptable security procedures and practices appropriate to the nature of the information that we store, in order to protect it from unauthorized access, destruction, use, modification, or disclosure.  Unfortunately, there is no method of transmission over the internet, or method of electronic storage that is 100% secure, and we are unable to guarantee the absolute security of the information that we have collected from you.  We have outlined below some of our security and accessibility controls that are currently in place.  We do not publically disclose specific details of our defense in depth security posture in order to avoid compromising these measures.  

Physical Security:  ACD Online Service is hosted in a top-tier data center with multiple layers of physical security and protections from environmental disasters.

Connectivity: ACD Online Service is accessed utilizing fully redundant high speed network connections.  A three-tier architecture exists behind next generation firewalls that provide IDS and IPS capabilities.

How do we protect your data?

Disaster Recovery:  ACD Online Service was designed to be highly available and fault tolerant. Databases are replicated in real-time between geographically diverse top-tier data centers so that the ACD Online Service will continue to be fully functional.

Two Factor Authentication:  ACD Online Service requires a unique username and password that must be entered each time a user logs on and, similar to financial institutions, a secondary method of authentication, such as phone or email, to establish that a trusted computer/browser is being utilized.

Penetration Testing:  ACD Online Service engages an external organization to perform penetration tests at least semi-annually.

Security Best Practices:  Although ACD Online Services provides multiple layers to keep your data safe, we are also dependent on you to ensure that you maintain the security of your account by using sufficiently complicated passwords.  In addition, you and your authorized users need to have sufficient security on your own systems, such as anti-virus, anti-malware, firewalls, etc. If you suspect that your account has been compromised or if you notice anything suspicious, please contact us immediately at 1-800-942-7732 or Docstechsupport@aia.org

What else do I need to know?

International Transfer:  All data associated with ACD Online Service is stored in the United States.  If you are located outside of the United States and choose to provide information to ACD Online Service, you are agreeing to have your information, including personal information, transferred to, and maintained on, computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ.

Third Party Links: ACD Online Service contains links to other sites that are not operated by us. If you click on a third party link, you will be directed to that third party’s site. We advise you to review the privacy policy of every site you visit. ACD Online Service has no control over, and assumes no responsibility for, the content, privacy policies, or practices of any third party sites or services.

Deletion of Data:  If you allow your subscription to ACD Online Service to lapse, decide not to renew, or terminate the service, we may destroy any Client Information, finalized contracts, draft contracts, or other materials stored in ACD Online Service.  Prior to the expiration of your ACD Online Service subscription, you should utilize the features within the Service to download and save local copies of any finalized documents you wish to retain.  

No Unique Provisions:  As a non-profit organization, we do not have the internal capabilities to provide or implement organization-specific accommodations, such as entering into individualized non-disclosure agreements or providing individualized security modifications.  If you wish to limit our collection of your information, you may do so by using certain existing features of the ACD Online Service in the manner described in this Privacy and Security Policy.  For example, you have options to download documents to your local machine and work offline so that Client Information is not uploaded to ACD Online Services or utilize a browser add-on to block the collection of Log Data.  

Compliance with Laws: In the event the AIA is requested or required, by subpoena, oral deposition, interrogatories, request for production of documents, administrative order or otherwise, to disclose data contained in the ACD Online Service, the AIA shall provide you notice of any such request so that you may seek, at your expense, an appropriate protective order. If, in the absence of a protective order, the AIA is compelled by law, in the opinion of its counsel, to disclose any Client Information, the AIA may make such disclosure after notice to you.

Changes to the ACD Online Service Privacy and Security Policy:  We reserve the right to update or change this Privacy and Security Policy at any time.  Your continued use of the Service after we post any modifications to the policy will constitute your acknowledgment of the modifications and your consent to abide and be bound by the modified policy.

Agreement to the ACD Online Service Privacy and Security Policy:  You represent that you have the legal authority to accept the Terms of Use and the ACD Online Service Privacy and Security Policy on behalf of yourself, or any party you represent, and that you are 18 years of age or older. If you do not agree to these terms, you must discontinue use of ACD Online Services.

This privacy policy is effective as of July 6, 2017 and will remain in effect except with respect to any changes in its provisions in the future, which will be in effect immediately after being posted on this page.

Contact Us:  If you require additional information, contact us at 1-800-942-7732 or Docstechsupport@aia.org.

Last updated: July 6, 2017.