Privacy Policy

AirState LLC Privacy Policy

Effective Date: May 15, 2025 Last Updated: June 15, 2025 AirState LLC (“AirState”, “we”, “us” or “our”) is a Denver-based company providing a real-time collaboration platform. We are committed to protecting the privacy of our users. This Privacy Policy explains what personal data we collect, how and why we use it, our use of third-party services, and your rights regarding your data. It is designed to comply with the EU General Data Protection Regulation (GDPR) and the UK GDPR, and to be transparent and accessible, even for developers. If you have any questions about this policy or how AirState handles personal data, please contact us at privacy@airstate.com or at our mailing address: AirState LLC, 1500 N Grant St, Ste R, Denver, CO 80203, USA.

Personal Data We Collect

We collect and process several categories of personal data to provide and improve our services:

Account Information: When you sign up for AirState, we collect your name and email address. We use this to create and administer your account, identify you on the platform, and communicate with you (e.g., account confirmations, receipts, or updates).
Contact and Communications: If you contact us (for example, for support), we collect the information you provide in those communications (such as your email inquiries or feedback) and any contact details you provide. This is used to respond to you and resolve issues.
Automatically Collected Data: When you use AirState, we automatically collect certain technical and usage information:
IP Address: Each time you interact with our platform, we log your IP address. This is used for security (e.g., to detect suspicious logins), for analyzing usage by region, and to help diagnose service issues.
Device and Browser Information: We collect information about the device and browser you use to access AirState (such as device type, operating system, browser type and version) and other technical identifiers. This helps ensure compatibility and optimize our platform’s performance.
Usage Data: We track how you use our platform – for example, the features you use, pages or screens you visit, collaborations or projects you work on, and timestamps of activities. This usage data helps us understand user engagement, improve features, and fix bugs. It may be collected via logs and analytics tools.
Cookies and Tracking Data: We use cookies and similar tracking technologies to collect data about your interactions with our website:
Session cookies to keep you logged in and remember settings (these expire when you log out or close your browser).
Analytics cookies (see Google Analytics in Third-Party Services below) to gather information on site traffic and usage patterns. These may collect data like your IP (which we anonymize for EU users) and browsing behavior on our site.
You can control or block cookies through your browser settings. Note that disabling certain cookies (especially session cookies) may affect functionality. We will obtain consent for non-essential cookies (such as analytics cookies) where required by law.
Payment Information: If you choose a paid plan, you will provide payment details (e.g., credit card information). We do not store your full payment card details on our systems; instead, this information is handled by our third-party payment processor (Stripe) as described below. We may retain records of your transactions (e.g., the fact that you purchased a subscription, the amount and date) for billing and financial record-keeping.

We do not intentionally collect any sensitive personal data such as government IDs, health information, or biometric data. We also do not knowingly collect personal data from children under 18; our service is intended for adult users. If we learn that a minor under 18 has provided personal data, we will take steps to delete such data. By using AirState, you confirm that you are at least 18 years old or have the permission of a parent/guardian.

How We Use Personal Data

AirState uses your personal data for the following purposes:

To Provide the Service: We use account data (name, email) to create and maintain your account, allow you to log in, and enable core collaboration features. Usage data is used to deliver content to you in real time and to ensure the service functions as intended (performance, load balancing, etc.). Without this data, we cannot provide the service you expect (this use is necessary for the performance of our contract with you).
To Communicate with You: We use your email to send necessary transactional emails about the service – for example, welcome emails, password reset emails, billing receipts, important announcements about critical platform changes, or service notifications. These are not marketing messages, but essential communications to operate the service. You cannot opt out of these service communications if you maintain an account, since they are needed to fulfill our service obligations.
To Send Marketing Communications (With Consent): If you expressly opt-in (or as allowed by law for existing customers), we may send occasional marketing emails or newsletters to the email address you provided. These may include product updates, promotions, or tips on using AirState. You can unsubscribe at any time by clicking the “unsubscribe” link in any marketing email or by contacting us. We will not send you promotional emails if you have opted out or if you haven’t given consent when required.
Analytics and Product Improvement: We process usage data and technical data to understand how our platform is used and to improve it. For example, we analyze which features are most popular or see how users navigate the interface. This helps us identify what works, fix what doesn’t, and make informed decisions about new features. We primarily use aggregated or anonymized data for analytics. When analytics cookies are used, we obtain consent where required (e.g., for users in the EU). This processing is based on our legitimate interests in improving our product and user experience, but we balance this against your rights and provide opt-outs where appropriate.
Error Monitoring and Debugging: We continually work to make AirState reliable and bug-free. To that end, we use error monitoring tools (described below) to capture error logs and crash reports. When the app encounters an error, our systems record technical information about the issue (such as error messages, the sequence of actions leading to the error, device/browser info, and possibly your user ID or IP) and send it securely to our error tracking service. We use this data to diagnose and fix problems quickly. This is in our legitimate interest to maintain a high-quality service. We minimize any personal data included in error reports, but incidental data may be transmitted (for example, your IP or user identifier might be included in a crash log).
Security and Fraud Prevention: We may process personal data to protect our platform and users. For instance, we use IP addresses and device information to detect suspicious or malicious activity (such as unauthorized access attempts or potential fraud), and to prevent abuse. If we detect potential security issues or fraud, we may use personal data to investigate and mitigate these issues. This processing is based on legitimate interests (to keep our service secure) and in some cases compliance with legal obligations (e.g., obligations to prevent fraud or report illegal activity).
Compliance with Legal Obligations: We will use or disclose personal data where necessary to comply with applicable laws and regulations. For example, keeping transaction records for tax and accounting purposes, or disclosing information in response to valid legal process (such as a court order or subpoena) if required. When we receive government or law enforcement requests for data, we scrutinize them and only comply if legally compelled.

We will not use personal data for new purposes that are incompatible with the above without updating this Privacy Policy or obtaining your consent when required. We do not engage in any automated decision-making or profiling that produces legal or similarly significant effects on you – all personal data processing is as described above and involves human-relevant processes (e.g. providing service features, analytics reviewed in aggregate by humans, etc.).

If you are a user in the European Economic Area (EEA) or United Kingdom (UK), our processing of your personal data is only lawful if we have a valid legal basis under Article 6 of the GDPR (or UK GDPR). Depending on the context, we rely on the following legal bases:

Performance of a Contract (Art. 6(1)(b) GDPR): We process personal data that is necessary to provide our services under our Terms of Service with you. This includes managing your account, providing collaboration features, and sending service communications. For example, we need your email to create your account and send important notices, and we need to process usage data to deliver the functionality you expect. Without this data, we cannot fulfill our contract to provide the service.
Consent (Art. 6(1)(a) GDPR): We rely on your consent in certain cases – notably for optional marketing emails and for the use of analytics cookies or similar technologies for tracking, where required. If we ask for your consent, you have the right to withdraw it at any time. For example, we will only send promotional emails if you have opted in; you can later opt out by unsubscribing. Withdrawing consent will not affect the lawfulness of any processing already carried out based on your consent before withdrawal.
Legitimate Interests (Art. 6(1)(f) GDPR): We process some data for purposes that are not strictly required for the service, but that have clear benefits to our business or users, in a way that does not override your privacy rights. Specifically, our legitimate interests include:
Improving and developing our platform (using analytics and feedback to make the product better).
Ensuring IT security and fraud prevention (monitoring logins, preventing abuse, maintaining backups).
Providing customer support and responding to inquiries.
Note: When relying on legitimate interests, we consider and balance any potential impact on your rights. For example, in analytics we may anonymize data and give users control over cookies to mitigate privacy impact.
Legal Obligation (Art. 6(1)(c) GDPR): In some cases, we must process or retain certain data to comply with a legal obligation. For instance, accounting laws may require us to keep transaction records (including personal data like names on invoices or transaction emails) for a certain period. If we are subject to legal requirements (such as regulatory inquiries or lawful requests), we will process personal data as needed to comply.

We will clearly indicate the legal basis whenever we collect or process personal data from you, if required. If you have questions about the specific legal basis for any processing of your personal data, feel free to contact us.

AirState does not sell your personal data. However, we do share certain personal data with third-party service providers and partners who help us run our platform. These providers process data on our behalf for specific purposes, under strict contracts that protect your information. The key third-party services we use are:

Stripe (Payment Processing): We use Stripe for payment processing, subscription management, and certain analytics related to our business operations. If you upgrade to a paid plan, the payment details you provide (such as credit card number, billing info) are transmitted directly to Stripe. Stripe may collect personal data through its integration on our site, including via cookies or similar tracking technologies. The information Stripe collects can include transactional data (payment amount, date, method) and identifying information about your device (for fraud prevention), such as device identifiers or IP address. Stripe uses this information to process payments for us and to improve its services, including fraud detection, preventing fraudulent charges, authentication of transactions, and analytics on payment performance. AirState does not have access to your full payment card data; Stripe processes it securely in compliance with PCI-DSS standards. Stripe is a global company and may process your data in the US or other jurisdictions as needed to provide their services. For more details, please review Stripe’s Privacy Policy (available at stripe.com/privacy). We have a Data Processing Addendum in place with Stripe to ensure GDPR compliance when Stripe processes EU/UK personal data on our behalf.
Sentry (Error Monitoring): We use Sentry, a service provided by Functional Software, Inc. (USA), to monitor and debug errors in our platform. Sentry automatically captures technical data when our application encounters an error, which helps us diagnose and resolve issues quickly. This data may include error logs, stack traces, device information, browser type/version, and the sequence of user actions leading to the error. In some cases, incidental personal data might be included in these error reports – for example, your IP address, user ID, or email might appear in a log message or in the device info transmitted. We configure Sentry to minimize the personal data collected in error events, and we do not deliberately send content data or sensitive info to Sentry. Sentry stores and processes this data to provide us with error reports and analytics on crashes. Sentry is GDPR-compliant and operates under a Data Processing Agreement with us. They offer data hosting in the EU and other safeguards for European data. (If you are an EU user, Sentry will handle your data under GDPR-compliant terms, and any transfers of personal data are protected by appropriate measures.) For more information, see the Sentry Privacy Policy (Functional Software, Inc.).
Google Analytics (Usage Analytics): We use Google Analytics, a web analytics service provided by Google LLC (USA), to collect information about how visitors use our website. Google Analytics uses cookies and similar technologies to gather usage data such as which pages you visit, how long you stay, how you arrived at our site, and what you click on. Google may collect your IP address and device identifiers as part of providing this service. IP Anonymization: We have enabled Google’s IP anonymization feature for Analytics, so that Google truncates/anonymizes your IP address within the EU/EEA when collecting it, to add an extra layer of privacy. The usage statistics we get from Google Analytics help us understand user behavior and improve our product design and performance. Google Analytics may store collected data on Google servers in the United States or other countries. We have a Data Processing Agreement with Google and have configured Google Analytics in compliance with GDPR guidelines (for example, respecting Do-Not-Track settings where possible and honoring cookie consent choices). Opt-Out: You can opt out of Google Analytics tracking by refusing analytics cookies on our site (when the cookie banner is presented) or by using Google’s opt-out browser add-on. For more details, see Google’s Privacy Policy and Google Analytics’ data practices.
Email Delivery Services: To send emails (both transactional and marketing), we may use reputable third-party email service providers (for example, services like SendGrid, Mailgun, or AWS SES – the provider may change over time). These services handle the actual delivery of emails to your inbox. They will process your email address and the content of the email (which might include your name and any information relevant to the email’s purpose). We only share what is necessary (typically just your email and name and the message content). These providers are contractually obligated to safeguard your data and to use it only for sending emails on our behalf. We ensure any such provider complies with privacy laws (for EU users, we have GDPR-compliant terms in place). You can unsubscribe from marketing emails as noted, and transactional emails are sent as part of our service to you.

We require all our service providers to keep personal data secure and to only use it for the specific service they provide to us. They are not allowed to use your data for their own purposes (such as direct marketing) without your consent. We also limit the personal data shared to only what is necessary. For example, we give Stripe the info needed to charge your card, and we give our email service the info needed to send you an email – nothing more. Aside from the above service providers, we may also share data in a few other circumstances, strictly as needed:

Business Transfers: If AirState is involved in a merger, acquisition, or sale of assets, your personal data may be transferred to the acquiring entity or merged with the data of a successor company as part of that transaction. If such a transfer occurs, we will ensure the new owner continues to respect your personal data in line with this policy, or we will notify you and give you an opportunity to delete your data before transfer if required by law.
Legal Requirements and Protection: We may disclose personal data to courts, law enforcement, regulators, or other authorities if we believe disclosure is required by applicable law or legal process, or if reasonably necessary to protect the rights, property, and safety of AirState, our users, or the public. This includes exchanging information with other companies and organizations for fraud protection or investigating security issues. When we receive government requests for data, we only comply when we are legally obligated to do so, and we will inform affected users where permitted.
With Your Consent: In cases where you have explicitly given consent for us to share your data with a third party, we will do so as per the terms of your consent. For example, if in the future we offer an integration where you ask us to send your data to another service, we will do so only with your direction and consent.

We do not share or sell your personal information to third-party advertisers or social media companies for their independent marketing. We also do not allow third-party advertising networks to track you on our site.

Cookies and Tracking Technologies

We mentioned cookies earlier, but to summarize: cookies are small text files stored on your device to remember information. AirState uses cookies and similar technologies for a few key purposes:

Essential Cookies: These are necessary for our site to function. For example, when you log in, we use a cookie to maintain your session. Without it, you would be logged out every time you navigate to a new page. These cookies do not require consent as they are needed for service.
Analytics Cookies: These help us understand how visitors interact with our site (through services like Google Analytics). They collect information such as page visits, traffic sources, and user interactions. We treat these as non-essential in jurisdictions like the EU/UK, meaning we will ask for your consent (via a cookie banner or similar) before setting these cookies. If you opt out, we will either not load these analytics scripts, or Google Analytics will be disabled from collecting your data. You can also clear or block cookies any time via your browser settings (however, note this might also remove essential cookies and affect your ability to use the platform seamlessly).
Do-Not-Track (DNT): Some browsers offer a DNT signal. While we respect privacy preferences, there is currently no industry standard on how to respond to DNT signals. At this time, we do not respond to DNT signals in any special way (we treat all users the same with regard to cookies and tracking). If a uniform standard for DNT is adopted, we will follow it and update this policy accordingly.
Other Tracking Technologies: In addition to cookies, we may use pixels or web beacons in emails (to tell if an email was opened or a link was clicked, for instance, in our newsletter), or local storage for certain web features. These are used in line with the purposes above. For example, a pixel in a marketing email helps us know if our communications are effective. You can disable images in your email if you don’t want to be tracked in that way.

For more information on our use of cookies, you can contact us or (if available) refer to our Cookie Notice (if we provide a separate detailed cookie policy or banner, its terms are incorporated by reference).

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes described in this policy, or as required by law. We do not keep your data indefinitely by default; we have retention policies to delete or anonymize data that is no longer needed. Here are some general retention practices:

Account Information: We keep your account data (name, email, account settings, etc.) for as long as your account is active. If you choose to delete your account, we will remove or anonymize your personal data within a reasonable period after your request, except for data we are required to keep for legal reasons. For example, if you delete your account, we will erase or anonymize your profile and content, but we might retain invoice records or support emails if needed for compliance. Backup copies of data might persist for a short time in secure storage before they are automatically overwritten – during that period, your data is isolated and protected.
Collaborative Content: If our platform allows you to create or upload content (documents, messages, files) as part of collaboration, we will retain that content as needed to provide the service. If you delete specific content or your account, we will remove that content from live systems, though residual copies may remain in backups temporarily. We will also respect requests from all collaborators or project owners regarding data removal in shared projects.
Usage Data: Analytics and usage data may be stored in aggregated or anonymized form indefinitely (since it no longer identifies you), which helps us long-term to spot trends. Raw logs that contain personal identifiers (like IP addresses) are typically retained for a shorter period (for example, server logs may be kept for a few weeks to a few months) and then automatically deleted or anonymized. We retain error logs in Sentry for a limited time as well, typically to investigate and fix issues, and then they are deleted or stripped of personal info.
Transactional Records: Purchase and payment records are retained as long as necessary for accounting and compliance (e.g., typically at least 7 years in many jurisdictions for financial records). These records may include personal data (like your name, contact, and transaction history) as required by law.

If we have no ongoing legitimate business need or legal requirement to keep your personal data, we will delete it or anonymize it. For example, if you were a user but have not logged in for a long period, we might contact you and eventually delete inactive accounts to reduce data we hold (we would give notice before doing so). If immediate deletion is not feasible (for instance, the data is stored in backups), then we will securely store the data and isolate it from further use until deletion is possible. Please note that even after you delete information, search engines and other parties may retain cached copies of your information for a time (outside our control), or we may not be able to fully delete data you shared with other users from their systems if they copied or stored it (though data on our systems will be handled as per above).

Data Storage and Security

Your personal data is stored on secure servers and cloud services that we use to operate AirState. We primarily use servers located in the United States for data storage, though some data may be stored in other jurisdictions (for example, if we utilize an EU data center for certain services). Regardless of where data is stored, we apply robust security measures to protect it from unauthorized access or disclosure. Security Measures: We maintain industry-standard administrative, technical, and physical safeguards to protect your personal data. These measures include, for example:

Encryption: We encrypt data in transit over public networks (HTTPS/TLS) to prevent eavesdropping. For sensitive data, we also employ encryption at rest on our databases or servers.
Access Controls: We limit access to personal data to only those employees, contractors, and agents who have a need to know in order to perform their job duties. They are bound by strict confidentiality obligations. All access to the data is logged and monitored.
Security Testing and Updates: We keep our software and infrastructure updated with security patches. We conduct periodic security audits and risk assessments. We also utilize firewall and intrusion detection systems to guard our network.
Organizational Policies: Our team is trained on data protection best practices. We have internal policies for handling personal data safely. Any subcontractors are required to follow equivalent security standards.
Anonymization and Pseudonymization: Where possible, we use anonymized or pseudonymized data in our development and analytics (meaning data that cannot easily be tied back to an individual unless recombined with separate information).

Despite our efforts, no method of transmission or storage is 100% secure. The internet by its nature carries inherent risks. We therefore cannot guarantee absolute security of your information. However, we continuously work to protect your data and to update our security measures in line with best practices. In the unlikely event of a data breach that affects your personal data, we have procedures in place to address it, and we will notify you and the relevant authorities as required by law.

International Data Transfers

AirState is based in the United States and the personal data we collect is generally stored and processed in the United States. If you are accessing our service from the EU, UK, or another region with data protection laws, your personal data will be transferred to the United States (and potentially to other countries where our infrastructure or third-party service providers are located). For example, if you are in the EU and create an account, your account data (including personal information) will be sent to our U.S. servers. Similarly, the third-party tools we use (Stripe, Google, Sentry, etc.) may transfer data to the U.S. or other jurisdictions as part of their services. Data Protection & Safeguards: We understand that data protection laws in other countries may not be as strict as those in your region. When we transfer personal data out of the EEA/UK, we take steps to ensure it remains protected according to GDPR standards. These measures include:

Standard Contractual Clauses (SCCs): We incorporate the European Commission’s approved Standard Contractual Clauses into our contracts with service providers when personal data from the EU/EEA or UK is processed in a country not deemed adequate by the EU. These SCCs obligate the recipient to protect the data to EU privacy standards. For example, our contracts with Stripe, Google, and Sentry include SCCs (or equivalent clauses under UK law) where applicable to cover European data transfers.
Data Privacy Framework: We monitor developments in cross-border data transfer regulations. If our providers (or AirState itself) participate in any approved certification mechanism, such as the EU-U.S. Data Privacy Framework (which replaced the Privacy Shield) or binding corporate rules, we will rely on those as appropriate. For instance, Sentry participates in the EU-U.S. Data Privacy Framework to legitimize EU-to-US transfers, and Google also adheres to similar frameworks or SCCs. We ensure any U.S. providers handling EU data certify or commit to GDPR-level protections.
Encryption and Security: All data in transit is encrypted, which adds protection when data crosses borders. Our security measures (described above) apply globally, so your data receives the same level of protection in the U.S. as it would in the EU.
Assessments: We perform transfer impact assessments as needed to evaluate if the data importing country’s laws might impinge on the effectiveness of our safeguards. If we believe additional measures are needed (like extra encryption or specific storage locales), we will implement them to ensure any government access to data does not violate GDPR standards.

By using AirState’s services, you acknowledge that your personal data may be transferred to and processed in the United States and other countries as explained. We will only transfer data in compliance with applicable privacy laws and with appropriate safeguards in place. If you have questions about international transfers or need more specifics about our safeguards, please contact us.

If you are located in the European Union, the European Economic Area, or the United Kingdom, you have certain rights regarding your personal data under GDPR and applicable local laws. AirState is committed to helping you exercise these rights. Your principal data protection rights are:

Right to Access: You have the right to request a copy of the personal data we hold about you, and to obtain information about how we process it. This is often called a “Data Subject Access Request.” We will provide you with a copy of your data in a common format (unless doing so adversely affects the rights of others). For most users, basic profile and usage data can be accessed through your account dashboard, but you can also contact us for a full export.
Right to Rectification: If any of your personal data is inaccurate or incomplete, you have the right to ask us to correct it or complete it. For example, if your name or email has changed, you can update it in your account settings or ask us to update our records. We strive to keep your data accurate, but we appreciate your help to ensure everything is up to date.
Right to Erasure (Right to be Forgotten): You have the right to request the deletion of your personal data in certain circumstances. If you no longer want us to have your data, you can delete your account via the platform interface (if available) or by contacting support. We will then erase your personal data, provided we do not have a legal obligation or overriding legitimate interest to retain it. Note: Deleting your data is irreversible – if you request erasure, we may not be able to recover your account or data later. We’ll inform you if any data cannot be fully deleted (for example, data we must keep for legal reasons will be blocked from use and deleted when permissible).
Right to Restrict Processing: You have the right to ask us to limit or suspend the processing of your personal data in certain scenarios. For instance, if you contest the accuracy of your data, you can request that we restrict processing until we verify its accuracy. Or if you object to processing based on our legitimate interests, you can request restriction pending our verification of overriding grounds. When processing is restricted, we will store your data securely and notify you before lifting the restriction.
Right to Data Portability: You have the right to receive your personal data that you provided to us in a structured, commonly used, machine-readable format, and the right to transmit that data to another controller, when the processing is based on consent or contract and done by automated means. In practice, this means you can ask for an export of your account data and we will provide it (for example, as a CSV or JSON file). Where feasible and if you request, we can directly transfer the data to another service at your direction.
Right to Object: You have the right to object to our processing of your personal data when that processing is based on legitimate interests (or performing a task in public interest/exercise of official authority, which we do not do) or for direct marketing purposes. This means if we are processing your data under a legitimate interest basis, you can object, and we must stop unless we have compelling legitimate grounds that override your rights or the processing is for legal claims. If you object to direct marketing, we will stop using your data for that purpose immediately. (As noted, you can always unsubscribe from marketing emails, which is an easy way to object to further marketing.)
Right to Withdraw Consent: If we rely on your consent for any processing, you have the right to withdraw your consent at any time. This will not affect the lawfulness of processing before withdrawal, but it means we will stop the processing going forward. For example, if you gave consent for optional analytics cookies or for receiving newsletters, you can withdraw that consent (via cookie settings or unsubscribe links, or by contacting us) and we will cease the related processing.
Rights Related to Automated Decision Making: As mentioned, we do not engage in automated decision-making or profiling that produces legal effects. However, you have rights to not be subject to decisions based solely on automated processing (including profiling) that significantly affect you. If you believe we are doing so, you can request human intervention or an explanation, and contest the decision.
Right to be Informed: You have the right to clear and transparent information about how we use your data – which is the purpose of this Privacy Policy. We aim to provide notice at the time of data collection as well. If anything in this policy is unclear, please let us know, and we will gladly provide further information.

To exercise any of these rights, please contact us at privacy@airstate.com with your request. We may need to verify your identity (to protect your data from unauthorized access) before fulfilling your request. We will respond to your request as soon as possible, and in any event within the timeframe required by law (generally within one month for GDPR, extendable by two further months for complex requests). There is no fee for exercising your rights unless the requests are manifestly unfounded or excessive (in which case we may charge a reasonable fee or refuse the request, but we will explain why). Complaints: If you believe that we have not handled your personal data properly or have infringed your rights, you have the right to lodge a complaint with a data protection supervisory authority. You can do this in the EU member state where you reside, where you work, or where the alleged infringement occurred. For EU supervisory authorities’ contact details, see this list. In the UK, you can contact the Information Commissioner’s Office (ICO). We encourage you to contact us first, so we have the opportunity to address your concerns directly, but you are free to reach out to the authorities at any time.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational reasons. If we make material changes, we will notify users by email (sent to the address associated with your account) or by posting a prominent notice on our website prior to the change becoming effective. The “Last Updated” date at the top of this Policy indicates when the latest changes were made. We encourage you to review this Policy periodically for any updates. Continued use of AirState after any changes signifies your acceptance of the revised Policy. If you do not agree with any updates, you should stop using the service and can request that we delete your personal data.

Contact Us

AirState welcomes your questions, concerns, and feedback about privacy. If you:

Have any questions about this Privacy Policy or our data practices,
Want to exercise any of your data subject rights,
Need help understanding or updating your personal data,
Or have any concerns about the security of your data,

please contact us at: Email: privacy@airstate.com

Postal Address: AirState LLC, 1500 N Grant St, Ste R, Denver, CO 80203, USA

Attn: Privacy Team We will respond as promptly as we can. Thank you for trusting AirState with your collaboration projects. We are committed to keeping your personal information safe and respecting your privacy. Your use of AirState is subject to this Privacy Policy and our Terms of Service.