AIA Simplified

Terms of Service

Effective Date: March 8, 2026 · Last Updated: March 8, 2026

Welcome to AIA Simplified. These Terms of Service, or Terms, are a legal agreement between you and AIA Simplified, also referred to as we, us, or our. They govern your access to and use of the AIA Simplified platform available at aia-simplified.com and app.aia-simplified.com, including related features, tools, APIs, and documentation.

By accessing or using the Service, you agree to be bound by these Terms. If you do not agree, do not use the Service.

1. Definitions

For these Terms:

  • Service means the AIA Simplified platform, including related features, tools, APIs, and documentation.
  • Customer means the organization that subscribes to the Service.
  • Authorized User means an individual the Customer authorizes to access the Service.
  • Customer Data means information submitted to the Service by the Customer or its Authorized Users, including assessment responses, tool registry entries, evidence uploads, audit logs, and exported reports.
  • Account Data means administrative account information such as names, email addresses, and role assignments.
  • Usage Data means aggregated or de-identified information about use of the Service that does not identify an individual or Customer.
  • Order means any order form, subscription, proposal, or other commercial document that sets out pricing, term, or service details.

2. About the Service

AIA Simplified helps organizations complete Algorithmic Impact Assessments under Canada's Directive on Automated Decision Making.

The Service is a compliance support tool. It does not provide legal advice, regulatory advice, or professional advice. Outputs generated by the Service, including impact scores, reports, and recommendations, support internal decision making but do not replace professional judgment. The Customer remains responsible for its own compliance decisions and for the accuracy of the information entered into the Service.

3. Eligibility and Organizational Use

The Service is intended for organizational use. An individual who creates an account or accepts these Terms on behalf of a Customer represents that they have authority to bind that Customer.

The Customer is responsible for all activity carried out through its Authorized User accounts.

4. Accounts and Security

Each Authorized User must have a unique account. Shared logins are not permitted.

The Customer and its Authorized Users are responsible for:

  • maintaining the confidentiality of login credentials
  • assigning roles appropriately
  • promptly removing access for individuals who no longer require access
  • notifying us promptly of suspected unauthorized access or credential compromise

We may offer authentication features such as single sign-on. Customers should enable any security controls available through their identity provider where appropriate.

5. User Roles and Separation of Duties

The Service supports role-based access controls. Access rights vary by role.

Typical roles include:

  • Owner. Full administrative control, including billing and organization settings.
  • Admin. User management, approval actions, and AI tool registry management.
  • Member. Create and edit assessments and upload evidence.
  • Viewer. Read-only access.

The Service is designed to enforce separation of duties for approval workflows. A user who submits an assessment cannot approve that same assessment. The Customer is responsible for assigning roles within its organization in a manner that matches its internal governance requirements.

6. Customer Data

6.1 Ownership

The Customer retains all rights, title, and interest in Customer Data. We do not claim ownership of Customer Data.

6.2 Limited Rights to Process Data

The Customer grants us a limited, non-exclusive right to host, store, transmit, display, back up, and otherwise process Customer Data only as necessary to provide, secure, maintain, support, and improve the Service.

6.3 What We Do Not Do With Customer Data

We do not:

  • sell Customer Data
  • use Customer Data for advertising
  • share Customer Data with other customers
  • use Customer Data to train general purpose AI or machine learning models

6.4 Support and Maintenance Access

We may access Customer Data only where reasonably necessary to provide support, investigate issues, maintain the Service, comply with law, or protect the security of the Service. Such access is limited to authorized personnel and is subject to access controls and logging.

6.5 Usage Data

We may collect Usage Data to operate, secure, improve, and understand use of the Service. Usage Data does not include Customer Data in identifiable form.

6.6 Audit Logs

The Service maintains audit records of significant actions within the platform. Audit logs form part of Customer Data.

7. Privacy and Data Processing

Our handling of personal information is described in our Privacy Policy. To the extent we process personal information contained in Customer Data on behalf of a Customer, we do so as a service provider or processor to that Customer, and the Customer remains responsible for its instructions and legal basis for that processing.

8. Data Security

We maintain administrative, technical, and organizational safeguards designed to protect Customer Data. For more detail, see our Security Practices page.

9. Data Residency

Customer Data is hosted in Canada during normal operations. Transactional email providers may process limited Account Data, such as name and email address, outside Canada for delivery of password resets, invitations, and similar operational messages.

10. Service Availability and Support

We work to maintain reliable availability of the Service. Any uptime targets, service commitments, support scope, or response times that apply to a Customer will be set out in the applicable Order, support terms, or service level document, if any.

Unless otherwise agreed in writing, support is provided by email during normal business hours in Eastern Time on business days, excluding Canadian statutory holidays.

11. Fees and Payment

Fees, billing frequency, payment terms, and subscription term are set out in the applicable Order.

Unless otherwise stated in the Order:

  • fees are stated in Canadian dollars
  • invoices are due within 30 days of invoice date
  • overdue undisputed amounts may accrue interest at the lesser of 1.5 percent per month and the maximum amount permitted by law

We may change pricing at renewal by giving reasonable prior notice.

12. Acceptable Use Restrictions

The Customer and its Authorized Users must not:

  • reverse engineer, decompile, or disassemble the Service except where applicable law prohibits that restriction
  • attempt to gain unauthorized access to the Service or to data belonging to another customer
  • interfere with or disrupt the integrity or performance of the Service
  • upload malicious code
  • scrape or extract data except through permitted features or with our written approval
  • use the Service in violation of applicable law
  • bypass role-based access controls, workflow controls, or security features
  • resell or sublicense the Service unless expressly authorized in writing

13. Intellectual Property

We own all right, title, and interest in and to the Service, including software, design, documentation, branding, and related intellectual property, other than Customer Data. If you provide feedback, suggestions, or ideas about the Service, we may use them without restriction and without obligation to you.

14. Confidentiality

Each party may receive confidential information from the other. Each party agrees to protect the other party's confidential information using reasonable care and to use it only as needed to perform under these Terms.

Confidential information does not include information that:

  • becomes public through no fault of the receiving party
  • was already known to the receiving party without restriction
  • is independently developed without use of the confidential information
  • is lawfully received from another source without restriction

15. Data Loss, Backups, and Recovery

We maintain backup and recovery procedures for the Service. If data loss occurs because of a failure on our side, we will use commercially reasonable efforts to restore Customer Data from the most recent available backup. We do not guarantee zero data loss. Customers should export important data periodically.

16. Security Incident Notification

If we confirm unauthorized access to Customer Data caused by a security incident affecting the Service, we will notify the affected Customer without undue delay and provide available details about the nature of the incident, the categories of data affected, and the remediation steps taken.

17. Warranties and Disclaimers

We warrant that we will provide the Service in a professional and workmanlike manner. Except as expressly stated in these Terms or an applicable Order, the Service is provided on an as-available basis. To the maximum extent permitted by law, we disclaim all implied warranties.

18. Limitation of Liability

To the maximum extent permitted by law, our aggregate liability arising out of or related to the Service or these Terms will not exceed the fees paid by the Customer for the Service in the 12 months before the event giving rise to the claim. Neither party is liable for indirect, incidental, special, consequential, exemplary, or punitive damages.

19. Indemnities

We will defend the Customer against a third-party claim that the Service infringes that third party's intellectual property rights, subject to the conditions described in these Terms. The Customer will defend us against third-party claims arising from Customer Data, the Customer's unlawful use of the Service, or the Customer's breach of these Terms.

20. Term and Termination

These Terms remain in effect while the Customer uses the Service. Either party may terminate for material breach if the other party fails to cure that breach within 30 days after written notice.

21. Changes to the Service or Terms

We may update the Service and these Terms from time to time. If we make a material change to these Terms, we will provide reasonable notice. Continued use of the Service after the effective date of the updated Terms constitutes acceptance of the revised Terms.

22. Governing Law

These Terms are governed by the laws of Ontario and the federal laws of Canada applicable in Ontario, excluding conflict of laws rules. The parties submit to the exclusive jurisdiction of the courts of Ontario.

23. General

These Terms, together with any applicable Order and any incorporated policies or data processing terms, form the entire agreement between the parties regarding the Service. If any provision is unenforceable, the remainder remains in effect.

24. Contact

For legal questions about these Terms:
AIA Simplified
Email: support@aia-simplified.com
Website: aia-simplified.com