AirTee Ltd ("AirTee", "we") provides the AirTee integrated resilience platform. This policy explains what personal data we process, why, and on what legal basis under UK and EU GDPR.
Customer data in the platform is processed by AirTee as a Processor on behalf of the Customer (Controller). Our Data Processing Agreement (DPA) governs that relationship and is available on request.
Marketing site data — names, email addresses and company details submitted via forms — is processed by AirTee as Controller for the purpose of responding to enquiries. Lawful basis: legitimate interest. Retained for 24 months unless you ask us to delete sooner.
We use a small set of operational sub-processors (cloud hosting, transactional email, observability). The current list is maintained at /security and is updated 30 days before any change.
You have the rights to access, rectify, port, restrict, object and request deletion of your personal data. Email privacy@airtee.ai to exercise any of these rights.
You can lodge a complaint with the UK Information Commissioner's Office (ICO) or your local EU supervisory authority.