Privacy and security have always been the foundation of Airtable's approach to product development and business, and we continuously evaluate all our practices in an effort to safeguard your information as effectively as possible. In that vein, we're glad to comply with the General Data Protection Regulation ("GDPR") and to help Airtable customers comply with the GDPR.
To view our most up to date privacy policies, please visit: https://airtable.com/privacy.
What is GDPR?
On May 25, 2018, the General Data Protection Regulation (GDPR) will officially take effect. For European individuals, the GDPR expands their data privacy rights and gives them more power to control their data. For companies that process the personal data of these European individuals, the GDPR requires compliance with a new set of regulations.
The GDPR outlines specific requirements that these companies must satisfy, as well as specific rights that European individuals can exercise with these companies. Further information on the GDPR is available on the European Union’s official website: https://ec.europa.eu/info/law/law-topic/data-protection_en.
Data processing agreement
Airtable offers Data Processing Agreements (DPAs) to users upon request. This DPA includes standard contractual clauses ("Model Clauses") that are the mechanism for GDPR-compliant data transfer. To request a DPA, please email email@example.com from the email address associated with your Airtable account.
Please note that our DPA has been tailored to the way Airtable provides its service, and as a result, changes to DPA language are only available for enterprise accounts.
Airtable is located in the US and is hosted using US-based AWS servers (US-East-1). We don't have plans to host Airtable on any other servers outside the US at this time. If you'd like a deeper understanding of how Airtable approaches security, you can read more here.
Features to support GDPR requirements
Airtable can help you meet your data portability requirements for the GDPR. You can easily export data from your bases and permanently delete data.
Data protection officer
We have appointed a Data Protection Officer. For more information, contact firstname.lastname@example.org.
If you have further questions, please reach out to email@example.com.