Airbase Privacy Policy

Last Updated: October 20, 2022.

Airbase Inc. is a spend management solution that provides financial tools for companies, such as issuing corporate cards, facilitating bill payments, and processing employee reimbursements (collectively, the “Services”).

We treat all personal information covered by this Privacy Policy as pertaining to individuals acting as business representatives, and not in their individual or household capacity. For a description of how we handle consumers’ information as a service provider on behalf of our business customers, please review our Product Privacy Notice.

Personal Information We Collect

Information you provide to us:

  • Contact information, such as your first and last name, professional title, business affiliation and address, email address, and phone number.
  • Subscription information, such as your subscriptions and transaction information, service tier, and service history.
  • Feedback or correspondence, such as information you provide when you contact us with questions, feedback, or otherwise correspond with us online.
  • Usage information, such as information about how you use the Services and interact with us and other users, including any content you upload to the Services or otherwise submit, communications and chats with other users, and information you provide when you use any interactive features of the Services.
  • Marketing information, such as your preferences for receiving communications about our Services, and details about how you engage with our communications.
  • Other informationthat we may collect which is not specifically listed here, but which we will use in accordance with this Privacy Policy or as otherwise disclosed at the time of collection.

Information we obtain from third parties:

  • Third parties, such as data brokers or business partners.
  • Social media information. We may maintain pages on social media platforms, such as Facebook, Instagram, Twitter, LinkedIn, YouTube, and other third-party platforms. When you visit or interact with our pages on those platforms, the platform provider’s privacy policy will apply to your interactions and their collection, use, and processing of your personal information.
  • Third-party login information. When you link, connect, or login to the Services with a third party service such as Google or Office365, you direct that service to send us information such as your registration, company, and profile information as controlled by that service or as authorized by you via your privacy settings at that service.
  • Other sources. We may obtain your personal information from other third parties, such as marketing partners, publicly-available sources, and data providers.

Automatic data collection. We or our service providers may automatically log information about you, your computer, or mobile device, and your interactions over time with our Services, our communications, and other online services, such as:

  • Device data, such as your computer’s or mobile device’s operating system type and version, manufacturer and model, browser type, screen resolution, RAM and disk size, CPU usage, device type (e.g., phone, tablet), IP address, unique identifiers, language settings, mobile device carrier, radio/network information (e.g., WiFi, LTE, 4G), and general location information such as city, state, or geographic area.
  • Online activity data,such as pages or screens you viewed, how long you spent on a page or screen, browsing history, navigation paths between pages or screens, information about your activity on a page or screen, access times, duration of access, and whether you have opened our marketing emails or clicked links within them.

We use the following tools for automatic data collection:

  • Cookies, which are text files that websites store on a visitor‘s device to uniquely identify the visitor’s browser or to store information or settings in the browser for the purpose of helping you navigate between pages efficiently, remembering your preferences, enabling functionality, helping us understand user activity and patterns, and facilitating online advertising.
  • Local storage technologies, like HTML5, that provide cookie-equivalent functionality but can store larger amounts of data, including on your device outside of your browser in connection with specific applications.
  • Web beacons, also known as pixel tags or clear GIFs, which are used to demonstrate that a webpage or email was accessed or opened, or that certain content was viewed or clicked.

How We Use Personal Information

Provide our Services. It is in our legitimate business interests to use your personal information to:

  • Operate the Services and our business;
  • Maintain and improve the Services and the Services’ features;
  • Create and maintain your account;
  • Process your transactions;
  • Communicate with our customers and our customers’ employees and individual users about the Services, including by sending announcements, updates, security alerts, and support and administrative messages; and
  • Provide support for the Services, and respond to your requests, questions, and feedback.

Marketing and advertising, including for:

  • Subject to consent where required, we use personal information to market our Services to prospective and current Customers, and we can do so through websites, events, programs, and other means. We may send you direct marketing communications promoting our Services, events, programs, or other services that we believe are of interest. Recipients can opt out of our marketing communications as described in the “Opt out of marketing communications” section below; and
  • Interest-based advertising. We or our advertising partners, including third party advertising companies and social media companies, may use cookies and similar technologies to collect information about your interactions (including the data described in the “Automatic data collection” section above) over time across our Services, our communications, and other online services, and use that information to serve online ads that they think will interest you. We may also share information about our users with these companies to facilitate interest-based advertising to them or similar users on other online platforms.

Research and development. It is in our legitimate business interests to engage in research and development, including to:

  • Develop new features, products, and services; and
  • Create aggregated, de-identified, or other anonymous data or analytics.

Compliance with law, including to:

  • Comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities;
  • Protect our, your, or others’ rights, privacy, safety, or property (including by making and defending legal claims);
  • Audit our internal processes for compliance with legal and contractual requirements and internal policies;
  • Enforce the terms and conditions that govern our Services; and
  • Prevent, identify, investigate, and deter fraudulent, harmful, unauthorized, unethical, or illegal activity, including cyberattacks and identity theft.

How We Share Your Personal Information

Affiliates. We may share your information with our subsidiaries and affiliates, for purposes consistent with this Privacy Policy.

Service providers. We may share your personal information with third party companies and individuals that provide services on our behalf or help us operate our Services (such as hosting, analytics, email delivery, marketing, and database management).

Professional advisors. We may disclose your personal information to professional advisors, such as lawyers, bankers, auditors, and insurers, where necessary in the course of the professional services that they render to us.

Authorities and others. We may disclose your personal information to law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate for the compliance and protection purposes described above.

Business transfers. We may sell, transfer, or otherwise share some or all of our business or assets, including your personal information, in connection with a business transaction (or potential business transaction) such as a corporate divestiture, merger, consolidation, acquisition, reorganization, or sale of assets, or in the event of bankruptcy or dissolution. In such a case, we will make reasonable efforts to require the recipient to honor this Privacy Policy.

Privacy Choices

Access to account information. You may update, correct, or delete your account information by accessing the account you have established with us on the Services.

Opt out of marketing communications. You may opt out of marketing-related emails by following the opt-out or unsubscribe instructions at the bottom of the email. You may continue to receive service-related and other non-marketing emails.

Online tracking opt-out. There are a number of ways to limit online tracking, which we have summarized below:

  • Blocking cookies in your browser.Most browsers let you remove or reject cookies, including cookies used for interest-based advertising. To do this, follow the instructions in your browser settings. Many browsers accept cookies by default until you change your settings. For more information about cookies, including how to see what cookies have been set on your device and how to manage and delete them, visit allaboutcookies.org.
  • Blocking advertising ID use in your mobile settings.Your mobile device settings may provide functionality to limit use of the advertising ID associated with your mobile device for interest-based advertising purposes.
  • Using privacy plug-ins or browsers.You can block our Services from setting cookies by using a browser with privacy features, like Brave, or installing browser plugins like Privacy Badger, DuckDuckGoGhostery, or uBlock Origin, and configuring them to block third party cookies/trackers.
  • Google analytics. We use Google Analytics to collect and summarize information about how individuals engage with the Services. For more information on Google Analytics, click here. For more information about Google’s privacy practices, click here. You can opt out of Google Analytics by downloading and installing the browser plug-in available at: https://tools.google.com/dlpage/gaoptout.
  • Platform opt outs.The following advertising partners offer opt out features that let you opt out of use of your information for interest-based advertising:
  • Facebook
  • Google
  • LinkedIn
  • Advertising industry opt out toolsYou can also use these opt out options to limit use of your information for interest-based advertising by participating companies:
  • Digital Advertising Alliance for Websites: http://outout.aboutads.info
  • Digital Advertising Alliance for Mobile Apps: https://youradchoices.com/appchoices
  • Network Advertising Initiative: http://optout.networkadvertising.org/?c=1

Note that because these opt-out mechanisms are specific to the device or browser on which they are exercised, you will need to opt out on every browser and device that you use.

Do Not Track. Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” or similar signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.

Third-Party Services

Our Services can contain links to websites and other online services operated by third parties. In addition, our content can be integrated into web pages or other online services that are not associated with us. These links and integrations are not an endorsement of or representation that we are affiliated with any third party. We do not control websites or online services operated by third parties, and we are not responsible for their actions.

Information Security

We employ a number of technical, organizational, and physical safeguards designed to protect the personal information we collect. However, no security measures are failsafe and we cannot guarantee the security of personal information.

Children’s Privacy

Our Services are not intended for use by children under 16 years of age. If we learn that we have collected personal information through our services from a child under 16 without the consent of the child’s parent or guardian as required by law, we will delete it.

Retention

We retain personal information for as long as appropriate to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements, to establish or defend legal claims, or for fraud prevention purposes. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of personal information, the purposes for which we process personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.

Cross-Border Processing of Personal Information

If you provide us with your personal information when using the Services, then please note that we are headquartered in the United States. To provide and operate our Services, it is necessary for us to process personal information in the United States.

If we transfer personal information across borders such that we are required to apply appropriate safeguards to personal information under applicable data protection laws, we will do so. Please contact us for further information about any such transfers or the specific safeguards applied.

Changes to This Privacy Policy

We reserve the right to modify this Privacy Policy at any time. If we make material changes to this Privacy Policy, we will notify you, for example through posting the Privacy Policy on our Services.

How to Contact Us

You can reach us by email at [email protected].