What Personal Information We Collect
- Contact information such as name, job title, firm, mailing address, email address, and phone number. When relevant to events, we also collect and process payment details.
- Records about your participation in events and committees.
- Internet protocol (IP) addresses, the username you use to log in to restricted areas of our website, the names of all sections of our website that you view or download, and the dates and times of access.
- Profile data including your username.
- Usage data including information about how you use our website and services.
- Marketing and communications data including your preferences.
- Aggregated data such as statistical or demographic data.
When We Collect Personal Information
We collect information when we interact with you by email, phone, mail, or in person regarding events, as well as when you create an account, participate in membership activities, subscribe to communications, respond to one of our emails, or when you register for or attend our events or otherwise directly interact with us. We may also collect information from your firm. The IAA website includes a list of member firms that is publicly accessible.
What We Do With Your Personal Information
Personal information is collected primarily to help better serve IAA members, to perform a contract with you, to comply with a legal obligation, or because it is necessary for our legitimate operational needs and mission: to operate the IAA, keep our records updated, study how our services are used, receive payment for our services, provide administration and IT services, network security, prevent fraud, keep our website and services updated and relevant, develop our services and grow the IAA, and inform our marketing strategy.
The IAA collects basic contact information from you when you request access to the members-only area of the IAA website. That information is collected in order to confirm your association with a member firm and to allow the IAA to notify you of changes in the content or operation of our website.
The IAA uses collected information to maintain security and to evaluate traffic patterns on our website (but we do not monitor the behavior of specific individuals on our website). The IAA employs the use of encryption and other technologies to help protect all information gathered via our website. The IAA provides our members with access to restricted areas of our website. Your login information should never be shared with anyone.
We use your information in order to provide you with information about developments and events that may interest you. On our website, we keep track of your information so that it is easier for you to register. Other information is gathered so that we can bill you, but we do not retain financial information once the transaction is complete.
Unless we are prohibited by the laws in your jurisdiction that apply to us, we will send you electronic mailings about our future events. You can opt out of all such emails and ask us to stop sending you marketing messages at any time by following the unsubscribe link on any marketing message sent to you or by contacting us.
We may also use your data to perform the contract we are about to enter into or have entered into with you, or to comply with a legal or regulatory obligation.
We use your data to manage our relationship with members, including communicating with you and responding to your requests, to register you as a user through our website or your firm as a new member, to process payments associated with our events, to administer and protect our website (including troubleshooting, data analysis, testing, system maintenance, support, reporting, and hosting of data), to use data analytics to improve our website, services, marketing, member relationships, and experiences, and to make suggestions about services and events that may be of interest to you.
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. Please note that we may process your personal data without your knowledge or consent where this is required or permitted by law.
Disclosure and Transfer of Personal Information
The IAA shares or discloses personal data when necessary for the purposes described above. When we share personal data, we do so in accordance with applicable law. We may share your personal information with:
- Third parties in the context of the management of the IAA or its operations, such as to manage our databases; assist us in distributing emails; provide us storage and analysis; provide fraud prevention; and provide other services designed to assist us in providing our services;
- Sponsors, exhibitors, and other businesses that attend our events; the IAA also typically includes business contact information for attendees, exhibitors, and speakers in our conference or event materials;
- Third-party service providers that provide various services including IT, banking, legal, insurance, and accounting services; and
- Third parties when it is legally required, such as to respond to requests from government agencies, including law enforcement and regulatory authorities, or to protect our rights, privacy, safety, or property, or those of other persons.
We require third parties to keep confidential all information we share with them and to use the information only to perform their obligations in our agreements with them, and not for any other use except with your consent.
We do not disclose any personal information to third parties except in limited circumstances. Such circumstances include disclosures of your business contact information to third-party sponsors or exhibitors of IAA events. In addition, your business contact information may be used to send you information about the IAA or its events. You can choose to unsubscribe from any electronic mailings for future events, although we may need to contact you regarding membership issues.
If you are accessing the website from outside the United States, please be aware that your information will be transferred to, stored, and processed in the United States. The data protection laws of the United States may not be equivalent or as comprehensive as the data protection laws as those in your country.
The IAA uses Google analytics. You may turn off Google analytics tracking and disable cookies in your browser settings. Google Analytics does not share actual IP address information with Google Analytics customers.
We may also track users by IP address and by Cookies (cookies can be disabled in your browser settings) for broad demographic data, as well as to help make sure that we are delivering the information you want.
“Do Not Track” signals are options available on your browser to tell operators of websites that you do not wish to have your online activity tracked. Our websites operate no differently if these “Do Not Track” signals are enabled or disabled. Our website does not allow any third parties to collect personal information about your online activities over time or across websites for their own purposes.
We have put in place security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors, and third parties that have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. Our security policies and procedures include:
- measures to protect against accidental loss and unauthorized access, use, destruction, or disclosure of personal data;
- appropriate measures and controls, including monitoring and physical measures, to store and transfer personal data securely;
- privacy and data security information to our staff as well as making them aware of our protocols and procedures regarding the protection of personal data to ensure that they are informed about our information security policies and procedures and aware of their responsibilities; and
- requiring any third-party service providers with whom we share personal data to protect such personal data in accordance with our security policies and procedures.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
How Long We Retain Personal Information
We store personal data for different periods of time consistent with the purposes for which they were originally collected, as subsequently further authorized, or when required or allowed under applicable law. The IAA will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. When we no longer need personal data, we seek to ensure that it is securely deleted or destroyed. If third parties use information about you that we have shared with them with your consent, we are not responsible for monitoring their storage and use of that information.
The IAA does not knowingly collect, maintain or process personal information submitted online by anyone under the age of 18.
California Privacy Rights
Under California Civil Code Section 1798.83, California customers are entitled to request information relating to whether a business has disclosed personal information to any third parties for the third parties’ direct marketing purposes. That notice will identify the categories of information shared and will include a list of the third parties and affiliates with which it was shared, along with their names and addresses. If you are a California resident and would like to make such a request, please submit your request in writing at the address below.
Nevada Privacy Rights
If you are a resident of Nevada, you may opt out of the sale of certain kinds of personal information. A sale under Nevada law is the transfer of this personal information to third parties for monetary consideration so these third parties can then re-sell or license the sold information. We do not sell your personal information to third parties as defined in Nevada law. If you are a Nevada resident and wish to obtain information about our compliance with Nevada law, please contact us as provided below.
How to Contact Us About Privacy
818 Connecticut Ave. NW, Suite 600
Washington, DC 20006