1. What we collect
Airheart Inc. ("Airheart", "we", "our") collects personal information in three ways: information you give us directly, information we collect automatically as you use the Service, and information we receive from third parties you authorize.
1.1 Information you provide
1.1.1Account details — name, email, and a password hash; if you sign in through an identity provider, the OIDC subject identifier and the subset of profile fields you consented to share.
1.1.2Voyage drafts, catalogue content, saved preferences, and any messages you send through the Service, including conversations with the Airheart agent.
1.1.3Billing details for paid tiers — a payment method token issued by our payment processor. We never see or store your full card number.
1.1.4Traveler records you add to a Voyage — names, dates of birth, and document numbers where required by the reservation.
1.2 Information we collect automatically
1.2.1Device and connection metadata — IP address, user-agent, approximate location derived from IP (city-level), referring URL, and the pages you viewed.
1.2.2Product interaction telemetry — what you clicked, how long a view took to render, which features you used, scoped to your account ID.
1.2.3Error and crash data — stack traces and environment metadata routed through our error-tracking provider, with scrubbing behavior controlled by the active implementation.
1.3 Information we receive from third parties
1.3.1If you use single sign-on, the identity provider (Google, Apple, or your organization's SSO) sends us the OIDC claims you approved.
1.3.2When you complete a purchase, our payment processor returns a token, the last four digits of the card, and success / failure status — not the full card number.
1.3.3If your organization provisioned your account through our Organization tier, your organization controls the attributes synced into Airheart (role, team, cost center).
2. Why we collect it
We collect what we need to run the Service, protect the Service, meet legal obligations, and improve what we ship. Processing purposes, lawful bases, and jurisdiction-specific rights must match the maintained privacy/legal source.
2.1Contract. We need to process account, billing, and voyage data to provide the Service you asked for.
2.2Legitimate interest. Product telemetry, security logs, and fraud detection run under legitimate interest; we balance the interest against your rights and document the balancing test.
2.3Legal obligation. Financial records, tax records, and regulatory-notification logs are retained as long as the applicable statute requires.
2.4Consent. Optional analytics and preference-cookie behavior should match the maintained consent surface. Cookie preference links are forward-looking controls where the account surface supports them.
3. How we use it
We use personal information to:
- Deliver the Service — plan, save, and publish Voyages; run the Airheart agent; issue signed receipts for money-moving actions.
- Keep the Service secure — detect fraud and abuse, authenticate sessions, enforce rate limits, and investigate incidents.
- Communicate with you — send service notifications (billing, security, material policy changes) and, where you've opted in, the monthly editorial newsletter.
- Improve the Service — understand which features are used and which aren't, scoped to aggregate or pseudonymous analytics.
- Comply with the law — respond to lawful requests, maintain required records, and cooperate with regulators where required.
3.1Model-training, retention, and consent commitments are governed by the maintained privacy/product source and account controls. Route copy should not create a standalone training guarantee.
3.2Sale, sharing, and cross-context advertising commitments are controlled by maintained privacy terms and the consent implementation.
4. Who we share it with
We share personal information with the recipient categories required to provide and operate the Service.
4.1Sub-processors and service providers. Hosting, email delivery, model providers, payment processing, authentication, analytics, error tracking, and observability vendors are disclosed for procurement review. Processing terms, regions, and transfer mechanisms are controlled by maintained legal records or signed contracts.
4.2Your organization. If you use the Service through an Organization tier account, the organization's admins control your account, can see activity metadata, and can export or delete your data under their admin tools.
4.3Lawful requests. We respond to valid subpoenas, court orders, and comparable lawful process. Where we're legally permitted to notify you, we do — in advance, with enough time to seek protective relief.
4.4Corporate transactions. If Airheart is part of a merger, acquisition, or asset sale, personal information transfers with the Service under equivalent privacy commitments. You'll be notified before the transfer takes effect and given a reasonable window to delete your account.
5. Your rights (GDPR / CCPA)
Regardless of where you live, you can exercise the rights below through Settings → Privacy or by emailing privacy@airheart.com. Response timing is governed by applicable law and maintained privacy terms.
5.1 Rights under the GDPR and UK GDPR
5.1.1Access. A machine-readable copy of everything we hold for you — voyages, memory, receipts, conversation history.
5.1.2Rectification. Correction of inaccurate or incomplete personal information.
5.1.3Erasure. Deletion requests are handled under applicable law, product capabilities, and retained-record requirements.
5.1.4Restriction and objection. Pause or object to specific processing purposes; legitimate-interest processing may be objected to under Article 21.
5.1.5Portability. A structured, commonly-used, machine-readable export of your data.
5.1.6Lodge a complaint. You can complain to your local supervisory authority without going through us first. We'd rather hear from you — but it's your right either way.
5.2 Rights under the CCPA and CPRA (California)
5.2.1Right to know. Categories and specific pieces of personal information we collect, the sources, the purposes, and the categories of recipients.
5.2.2Right to delete. Deletion of personal information, with statutory exceptions.
5.2.3Right to correct. Correction of inaccurate personal information.
5.2.4Right to opt out of sale / sharing. Sale, sharing, and cross-context advertising rights are governed by maintained privacy terms and consent controls.
5.2.5Right to limit use of sensitive personal information. Sensitive-data use limits are governed by maintained privacy terms and product controls.
5.2.6Non-discrimination. CCPA non-discrimination commitments are governed by maintained privacy terms.
6. Data retention periods
Retention windows must come from maintained privacy/legal records, product controls, or signed contracts. The categories below describe the retention surfaces without turning route copy into the authoritative schedule.
- Account profile — controlled by account lifecycle and legal holds.
- Voyage drafts and catalogue content — controlled by account, export, and archive settings.
- Agent conversation history — controlled by tier settings, workspace policy, and legal holds.
- Billing and tax records — controlled by processor, tax, and accounting requirements.
- Security and audit logs — controlled by security operations and incident needs.
- Signed receipt proofs — proof state may be provisional, pending Rekor inclusion, or final; personal-data handling follows the signed receipt surface and legal retention source.
- Error traces — controlled by error-tracking and incident workflows.
- Marketing email data — controlled by subscription and suppression-list requirements.
7. International transfers
Airheart is incorporated in the United States and operates primary infrastructure in the US and the EU. Transfer mechanisms, addenda, and regional commitments are legal terms and should be confirmed from the maintained privacy source or signed contract.
7.1Transfer impact assessments and similar review artifacts are handled through the legal/procurement process where they are available.
7.2Additional technical measures should be sourced from maintained security/legal evidence before they are published as binding commitments.
7.3Transfer-document requests can be routed to dpo@airheart.com for the current contract source.
8. Children's privacy
The Service is not directed to children. We do not knowingly collect personal information from anyone under 13 (or the equivalent age of digital consent in your jurisdiction), and accounts are not offered to anyone under 16 without verified parental or organizational authorization.
8.1If you believe a child has provided us with personal information, contact privacy@airheart.com. We will verify, delete the information, and terminate the account if one was created.
8.2Traveler records added to a Voyage may include minors accompanying an adult traveler. Those records are treated as personal information of the account holder and inherit the account's retention and rights.
9. Changes to this policy
We may update this policy as the Service evolves. Every version is numbered and dated; prior versions are kept online for at least three years.
9.1Non-material changes — clarifications, typo fixes, reformatting — take effect on publication and are noted in the changelog.
9.2Material changes — new processing purposes, new categories of recipients, changes to data retention, or changes to lawful basis — follow the maintained policy-notice process.
10. Contact (DPO)
Privacy questions, rights requests, or complaints can be sent to our privacy inbox. Response timing follows applicable law and maintained privacy terms.
Data Protection Officer
Priya Ramanathan, Airheart Inc.
For access, deletion, correction, portability, or objection requests, or to raise a concern.
dpo@airheart.com privacy@airheart.comPostal address
Airheart Inc.
Attn: Data Protection Officer
Austin, TX 78701
United
States
Representative and jurisdiction-specific contact details are provided where the maintained legal source requires them.