AIA Simplified

Privacy Policy

Effective Date: March 8, 2026 · Last Updated: March 8, 2026

AIA Simplified respects your privacy. This Privacy Policy explains what personal information we collect, how we use it, how we share it, and the choices available to you. It applies to aia-simplified.com and app.aia-simplified.com.

1. Who We Are

AIA Simplified provides software that helps organizations complete Algorithmic Impact Assessments under Canada's Directive on Automated Decision Making.

For Account Data and operational Usage Data, we act as the organization responsible for the processing described in this Policy. For personal information contained in Customer Data submitted by a Customer, we generally process that information on behalf of the Customer.

2. Information We Collect

2.1 Account Data

This may include:

  • full name
  • work email address
  • organization and role
  • account status and access permissions
  • login timestamps and related security records

2.2 Customer Data

Customer Data includes information entered into the Service by Customers and Authorized Users, such as assessment responses, AI tool registry information, evidence uploads, audit records, and generated exports and reports. Customers are responsible for deciding what they submit to the Service.

2.3 Usage Data

We collect limited technical and operational information about use of the Service, such as browser and device information, pages or screens accessed, timestamps and session activity, performance and error logs, and feature usage metrics.

2.4 Communications

If you contact us, we collect the information you provide in your message and related correspondence.

3. How We Collect Information

We collect information:

  • directly from you
  • from the Customer organization that creates or administers your account
  • automatically through the operation of the Service and essential cookies
  • from service providers that support authentication, infrastructure, email delivery, and operational monitoring

4. How We Use Information

We use personal information to:

  • provide and operate the Service
  • authenticate users and manage access
  • maintain security and investigate incidents
  • communicate about accounts, support, product updates, and service notices
  • process payments and manage subscriptions where applicable
  • troubleshoot, improve performance, and develop product improvements
  • comply with legal obligations and enforce our terms

We do not use Customer Data to train general purpose AI or machine learning models. We do not sell personal information.

5. Legal Bases

Where applicable law requires a legal basis, we rely on one or more of the following:

  • performance of a contract
  • legitimate interests in operating, securing, and improving the Service
  • compliance with legal obligations
  • consent, where consent is required

6. How We Share Information

6.1 Service Providers

We use service providers for hosting, storage, authentication, email delivery, security monitoring, and error diagnostics. These providers are permitted to use information only to provide services to us and are subject to contractual restrictions.

6.2 Within the Customer Organization

Authorized Users within the same Customer organization may see names, roles, and activity records where needed for workflow, audit, and governance features.

6.3 Legal and Safety Reasons

We may disclose information where required by law, legal process, or to protect the rights, security, or property of AIA Simplified, our users, or others.

6.4 Corporate Transactions

If we are involved in a merger, acquisition, financing, or sale of assets, information may be disclosed as part of that transaction, subject to appropriate safeguards.

7. Data Storage and Residency

Customer Data is stored in Canada during normal operations. Certain limited Account Data involved in transactional email delivery may be processed outside Canada. If we introduce a feature that would require Customer Data to be processed outside Canada, we will provide notice in advance.

8. Cookies and Similar Technologies

We use only cookies and similar technologies that are necessary for the Service to function, such as cookies used for authentication, session continuity, security, and load balancing. We do not use third-party advertising cookies or cross-site tracking cookies. Because we use only strictly necessary cookies, we do not currently present a marketing cookie consent banner.

9. Retention

We retain information for as long as needed to provide the Service, meet legal obligations, resolve disputes, and enforce agreements. Customer Data is retained while the subscription is active. After termination, Customer Data is retained for a limited export period and then deleted from active systems under our standard deletion process.

10. Security

We use safeguards designed to protect personal information, including encryption in transit, access controls, logging, backup procedures, and security monitoring. No method of transmission or storage is perfectly secure. See our Security Practices page for more information.

11. Your Rights

Depending on your jurisdiction and relationship to the Service, you may have rights to request access to, correction of, or deletion of your personal information, and to object to certain processing. To exercise these rights, contact privacy@aia-simplified.com.

12. Canadian Privacy Compliance

We aim to handle personal information in line with Canada's Personal Information Protection and Electronic Documents Act, or PIPEDA, and other applicable privacy laws. Where required by law, we will notify affected persons and regulators of reportable breaches.

13. Children

The Service is intended for business and organizational use and is not directed to children.

14. Third Party Sites

Our websites or Service may contain links to third-party websites. We are not responsible for their privacy practices.

15. Changes to This Policy

We may update this Privacy Policy from time to time. If a change is material, we will provide reasonable notice.

16. Contact

For privacy questions, requests, or complaints:
AIA Simplified — Privacy
Email: privacy@aia-simplified.com
Website: aia-simplified.com

You may also have the right to complain to the Office of the Privacy Commissioner of Canada or another applicable regulator.