Protecting customer data is core to Airtable. We take privacy and security into consideration in all aspects of the platform and supporting infrastructure. Earning and keeping the trust of our users is our top priority, and we continually look for ways to expand and improve the security of Airtable as the product innovates.
At Airtable, we strive to create a secure environment that builds trust with our customers through the following guiding principles.
Continuous advancement of our security technologies and practices to get ahead of emerging threats.
Across the organization through regular security training which covers topics such as data privacy, information security, and password security.
Stay updated on industry regulations, standards, and best practices, enabling alignment with data protection and privacy requirements, reducing legal and reputational risks for the company.
Skilled security professionals who belong to one of four security teams:
Application Security
Governance, Risk, Compliance & Privacy (GRCP)
Infrastructure Security
Customizable collaborator permissions in your workspace where you can control who you share a workspace with and whether they can modify content.
Access restriction to Airtable views through password-protected share links or email domain.
Record-level revision history that shows a visual activity feed of the changes made to each record.
Two-factor authentication (2FA) for your account if you’re using password-based authentication.
SAML-based Single Sign On (SSO) and additional administration features for teams on the Enterprise Plan.
Airtable has obtained the following certifications to demonstrate our commitment to the protection of your data.
Airtable has undergone a Service Organization Controls audit (SOC 2 Type 2). Please contact your account manager or sales@airtable.com to request Airtable's most recent report.
ISO/IEC 27001:2022 is a specification for an information security management system (ISMS), which is a framework for an organisation's information risk management processes. View certificate.
ISO/IEC 27701:2019 is a specification for a privacy information management system (PIMS), which is a framework for an organization's privacy management processes. View certificate.
The Health Insurance Portability and Accountability Act (HIPAA) are national standards to protect sensitive patient health information from disclosure. For more information, please see here.
Airtable is committed to adhering to privacy laws, regulations, and best practices.
Airtable’s privacy program is designed for compliance with global privacy laws and regulations, including Europe’s General Data Protection Regulation (GDPR) and the United Kingdom GDPR. You can learn more about Airtable’s commitment to compliance with GDPR here.
Airtable’s privacy program is designed for compliance with global privacy laws and regulations, including the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA). You can learn more about Airtable’s commitment to compliance with CCPA here.
We take our privacy obligations and the protection of your information seriously, and we comply with all applicable privacy laws and regulations. You can learn more about Airtable’s privacy practices in our Privacy Policy.
You can sign our Data Processing Addendum (DPA) by entering your information at this link. You will be able to download and review the DPA before signing it.
Airtable places a strong emphasis on cookie compliance. Read more about how cookies are used, what types of cookies are employed, and how cookie preferences can be managed in Airtable’s Cookie Policy.
Airtable offers our customers the option to have their data stored in the European Union. Read more about some of the common Frequently Asked Questions here.
Airtable provides our Enterprise customers the ability to store data at rest with customer-owned keys. You can learn more about this offering here.
Airtable maintains a current list of Airtable’s data subprocessors for transparency found at this link.
At Airtable, we put our customers and their security needs first. We are continuously seeking advancement of our security technologies and practices and use world class solutions to get ahead of emerging threats.
Airtable has completed the CAIQ. This is an industry-standard questionnaire that is developed and maintained by the Cloud Security Alliance. This can be shared under NDA, please reach out to your sales representative for more information.
Airtable has completed the SIG Lite. This is an industry-standard questionnaire that is maintained by the Shared Assessments Organization. This can be shared under NDA, please reach out to your sales representative for more information.
Airtable has completed the HECVAT. This is an industry-standard questionnaire that is developed by the Higher Education Information Security Council. This can be shared under NDA, please reach out to your sales representative for more information.
Report an issue
If you believe you’ve discovered a security-related issue, please report the issue on our HackerOne bug bounty program or contact us at security@airtable.com.