All visitors who want to see research content, tables, comparisons, or technical commentary

People who send in corrections, references, or technical clarifications

Users downloading materials related to specifications (if they are available)

Messages sent through email or web forms

This policy doesn’t apply to any of the third-party websites, manufacturer portals, certification bodies, or standards organisations that are linked to from this site. Those groups have their own rules about privacy.

Information that can be used to identify someone or that can be reasonably linked to them, such as their email address, IP address, or device identifiers.

Data about the project context

AEC information that is not personal but is sensitive to business that may come up in communications, such as:

References for Division 22 Plumbing

Schedules for fixtures

Stories about the basis of design

Comments on submission

Notes on how to coordinate BIM

Documents that show compliance with water use

Telemetry

Operational and security data that is created when you visit a website, such as request headers, timestamps, IP routing data, and browser metadata.

Definitions (AEC-Contextual)

Personal Information

Information that can be used to identify someone or that can be reasonably linked to them, such as their email address, IP address, or device identifiers.

Data about the project context

AEC information that is not personal but is sensitive to business that may come up in communications, such as:

References for Division 22 Plumbing

Schedules for fixtures

Stories about the basis of design

Comments on submission

Notes on how to coordinate BIM

Documents that show compliance with water use

Telemetry

Operational and security data that is created when you visit a website, such as request headers, timestamps, IP routing data, and browser metadata.

We might gather:

Name (optional)

Optional: professional affiliation

Address for email

Questions about technology or comments on research

Uploaded files (if the submission feature is available)

Users should not send in private project documents unless they have permission.

Technical Data That Is Collected Automatically

When you visit the site, the following information may be gathered:

IP address (for routing, limiting rates, and stopping abuse)

Identifiers for browsers and devices (user agent string, OS family, viewport class)

Logs of page access and response codes

URLs that point to

Indicators of security events, like finding unusual traffic

This data helps with analysis of system integrity and performance.

Cookies and Local Storage

The site might use cookies or something like them for:

Continuity of the session

Storage of preferences, like consent settings

Research analytics that combine different types of data

We want to keep persistent identifiers to a minimum and not track behaviour across sites. You can turn off non-essential cookies in your browser if you want to.

We process information for the following reasons:

Keeping the website’s technical availability and security up to date

Stopping abuse, bots, and denial-of-service attacks

Making research materials clearer and better

Answering questions that are specific to AEC

Keeping citations correct and revisions honest

Following the law when it applies

We don’t sell your personal information.

Legal Basis for Processing (If Applicable)

Depending on the law, processing may depend on:

Real interest (site security, improving research)

Consent (if needed for optional analytics or communication subscriptions)

Legal duty (following rules set by the government or the courts)

References to rules:

GDPR stands for General Data Protection Regulation.

Portal for the California Consumer Privacy Act (CCPA/CPRA)

Things to think about when it comes to AEC confidentiality

Architectural and engineering workflows often contain confidential business information. For example:

Identifying the owner or project

Budgets for construction or other options

Choices made in value engineering

Sustainability records

Stories about replacing products

Interpretations of how to follow LEED, WELL, or local plumbing codes

Users are asked to remove any personal or private information before sending it in. If you accidentally send sensitive information, please contact us to have it deleted.

Sharing Data: Technical and Infrastructure Providers

We might use companies that host websites, deliver emails, or provide analytics. These organisations may only use technical data to provide infrastructure services.

Following the Law

When the law, a court order, or the need to protect system integrity requires it, information may be shared.

Transfer of Organization

If the structure of site ownership changes, information may be shared as long as the same privacy protections are in place.

Moving Data Between Countries

Data may be processed in places other than where you live. Safeguards that are appropriate are put in place in accordance with the rules that apply.

Keeping Data

Minimisation principles guide retention practices:

Keeping security logs only as long as needed for monitoring and responding to incidents

Technical correspondence kept for research purposes

Backup data is rotated based on operational cycles.

Data is only kept as long as is necessary for research integrity or legal compliance.

You may have rights depending on where you live:

Ask to see your personal information

Fix mistakes

Request deletion (as long as security or legal issues don’t get in the way)

Object to or limit some processing

If you want to, you can choose not to sell or share.

GPC, or Global Privacy Control

Browser-based Global Privacy Control signals may be recognised when it is technically possible.

Reference for the specification:

W3C Global Privacy Control Specification

Site for the project:

Control of Privacy Around the World

Kids’ Privacy

This site is meant for people who work in the AEC field. It is not meant for kids, and we don’t knowingly collect personal information from kids.

Content that is built in and links to other sites

Articles might talk about or link to:

Groups that set standards

Organisations that give out certifications

Technical documents from the manufacturer

Standards for BIM and specifications

Their privacy policies apply when you use those outside resources.

Controls for Administration

Access to administration with the least amount of privilege

Controls for managing credentials

How to manage patches

Technical Controls

TLS encryption while in transit

Server configuration that is more secure

Detecting traffic anomalies and limiting rates

Handling secure authentication (no storing credentials in plain text)

Checking and Making Sure the Framework Fits

Widely accepted frameworks help shape security posture, such as:

The NIST Privacy Framework

OWASP Application Security Verification Standard (ASVS)

A short look at ISO/IEC 27001

Reference alignment does not mean that you are certified.

Sharing Data: Technical and Infrastructure Providers

We might use companies that host websites, deliver emails, or provide analytics. These organisations may only use technical data to provide infrastructure services.

Following the Law

When the law, a court order, or the need to protect system integrity requires it, information may be shared.

Transfer of Organization

If the structure of site ownership changes, information may be shared as long as the same privacy protections are in place.

Moving Data Between Countries

Data may be processed in places other than where you live. Safeguards that are appropriate are put in place in accordance with the rules that apply.

The terms and compliance context used on this site come from:

AEC Standards and BIM

buildingSMART Industry Foundation Classes (IFC)

buildingSMART server for standards

NIBS COBie (NBIMS)

CSI MasterFormat

Water Efficiency and Performance Setting

Specifications for EPA WaterSense products

LEED Indoor Water Use by the U.S. Green Building Council

These references are given for context and do not mean that they are connected.

Get in touch You can send questions about privacy to:

info@archdaily.blog

You can send questions about privacy to:

info@archdaily.blog