Privacy Policy
Last reviewed: 2026-05-04
How AIRTIME CONNECT, LLC collects, uses, shares, and protects personal information through the public website at airtimeconnect.com.
1. Who we are and how to reach us
AIRTIME CONNECT, LLC ("ATC," "we," "us," or "our") is a Florida limited liability company headquartered at 4601 NW 36th Street, Miami Springs, FL 33166, United States. We operate the public website at airtimeconnect.com (the "Site") and the ATC Platform that airlines and travel agencies license under separate agreements.
For questions about this Policy, to exercise any of the rights described below, or to make any other privacy-related request: info@airtimeconnect.com.
2. What this Policy covers — and what it does not
This Policy covers personal information ATC collects and processes as a controller through the public Site — for example, when you submit the demo-request form, browse pages, or contact us by email.
This Policy does NOT cover personal information ATC processes on behalf of a customer organization (an airline, charter, or travel agency) when that customer uses the ATC Platform to operate its business. In that context, ATC acts as a processor under the customer's instructions; the customer's own privacy notice governs how passenger and traveler data is collected, used, and shared. If you are a passenger or end-traveler whose data was processed by ATC at the direction of an airline or agency, please contact that airline or agency directly. ATC cannot independently respond to data-subject requests about data we do not control.
If you contact us about data processed on behalf of one of our customers, we will route your request to the controller (the airline or agency) where we are able to identify them, and will assist that controller in responding as required by Article 28 GDPR and comparable U.S.-state-law obligations.
This Policy also does not cover third-party websites or services that may be linked from the Site. Their privacy practices are governed by their own policies.
3. The personal information we collect
3.1 Information you give us directly
When you submit the demo-request form, send us an email, or otherwise contact us, you may provide:
- First and last name
- Email address
- Company or organization name
- Role / job function
- Anything else you choose to put in a free-form message
3.2 Information collected automatically when you use the Site
When you visit the Site, our servers and our analytics provider automatically receive certain information from your browser, including:
- IP address and approximate location derived from it (city / region / country level)
- Device and browser data (browser type, operating system, screen size, language)
- Usage data (pages visited, time spent on a page, referring URL, clicks)
- Cookies and similar identifiers — see the Cookie Policy for the full list
- reCAPTCHA signals when you submit a form — Google's reCAPTCHA evaluates your interaction with the page (mouse movement, IP, browser, prior reCAPTCHA history) to determine whether you are likely a human or a bot
3.3 Information we do not collect on the public Site
For clarity:
- We do not collect government-issued ID numbers, passport details, payment-card numbers, frequent-flyer numbers, or other sensitive travel data through the public Site. Any such data flows through the ATC Platform under a separate customer agreement.
- We do not knowingly collect personal information from children under 13 (or 16, depending on jurisdiction). The Site is a B2B marketing site not directed at children. If you believe a child has submitted information, contact us at info@airtimeconnect.com and we will delete it.
- We do not collect biometric or genetic data.
- We do not sell personal information for money. (Whether automated cookie-based advertising-related transfers count as a "sale" or "share" under California CPRA is addressed in §8 below.)
4. Why we collect it (purposes of processing)
| What we use the information for | Examples |
|---|---|
| Responding to your inquiry | Replying to a demo request, answering an emailed question, scheduling a sales call |
| Operating the Site | Loading pages, enforcing acceptable-use rules, preventing abuse and fraud (reCAPTCHA, IP-based rate limiting) |
| Analytics and improvement | Understanding which sections of the Site are read, which CTAs are clicked, which pages convert into demo requests, so we can improve the Site |
| Marketing communications | Sending follow-up emails about ATC and related product updates — we will only send these where we are permitted to do so by applicable law, and you can unsubscribe at any time |
| Security, legal, and compliance | Defending against fraud, abuse, or unauthorized access; complying with subpoenas, court orders, or applicable regulations |
| Internal record-keeping | Maintaining our customer-relationship-management (CRM) system and sales records |
5. Legal bases (for visitors in the EU, UK, and similar regimes)
For visitors located in the European Economic Area, the United Kingdom, or other jurisdictions with a "legal basis" requirement, we rely on the following bases:
| Processing | Legal basis |
|---|---|
| Responding to a demo request | Pre-contractual measures at your request (Art. 6(1)(b) GDPR) |
| Sending marketing follow-up emails | Your consent (Art. 6(1)(a)) where required, or our legitimate interest in pursuing a B2B sales conversation (Art. 6(1)(f)) where the relationship qualifies |
| Site analytics (Google Analytics 4) | Pending deployment of consent management: legitimate interest in measuring Site performance and improving content (Art. 6(1)(f)). Once consent management is deployed, the legal basis will become consent (Art. 6(1)(a)) for non-essential analytics cookies. |
| reCAPTCHA on the demo form | Legitimate interest in preventing automated abuse and securing the form (Art. 6(1)(f)) |
| Security, fraud prevention, and legal compliance | Legitimate interest (Art. 6(1)(f)) and legal obligation (Art. 6(1)(c)) |
For processing based on consent, you can withdraw consent at any time by contacting info@airtimeconnect.com. Cookie-banner controls referenced in the Cookie Policy will become available once consent management is deployed; in the interim, see §3.2 and §3.4 of the Cookie Policy for browser-level controls and Google's Analytics opt-out add-on.
6. Who we share personal information with
We share personal information with the following categories of recipients:
| Recipient | Why |
|---|---|
| Google LLC (Google Analytics 4) | Site analytics. Google processes this data as a separate controller. See Google's privacy policy. |
| Google LLC (reCAPTCHA) | Spam and bot detection on the demo form. See Google's privacy policy. |
| Amazon Web Services, Inc. | Site hosting infrastructure (servers, storage, content delivery). AWS processes data as our processor under an executed agreement. |
| Email service providers (transactional and marketing email) | Service providers we engage to deliver demo-request confirmations and sales follow-up email. |
| Customer-relationship-management (CRM) platforms | Service providers we engage to store demo-request submissions and manage the sales pipeline. |
| Professional advisors and counsel | Where necessary to obtain legal, accounting, or audit advice. |
| Acquirers, in a corporate transaction | If ATC is involved in a merger, acquisition, financing, or sale of assets, your information may be transferred as part of that transaction, subject to confidentiality. |
| Government, regulators, and law enforcement | Where required by law, regulation, court order, or subpoena, or to protect the rights, property, or safety of ATC, our customers, or the public. |
We do not sell personal information for monetary consideration. We do, however, use Google Analytics with cookie-based identifiers, which California's CPRA characterizes as "sharing" personal information for cross-context behavioral advertising. We provide an opt-out for this — see §8 and the Cookie Policy.
7. International transfers
Because we are based in the United States and our service providers operate globally, your personal information may be processed in the United States or in other countries with privacy regimes different from your own.
For visitors in the EU, UK, or other jurisdictions that restrict international transfers, we rely on the following safeguards:
- EU–US Data Privacy Framework (DPF) for transfers from the EU to service providers that participate in the DPF. ATC itself is not a DPF participant; some of our service providers (including Google LLC and Amazon Web Services, Inc.) are DPF-certified at the time of this Policy's last review. For transfers to providers that do not participate, we rely on Standard Contractual Clauses (SCCs) issued by the European Commission.
- UK International Data Transfer Agreement (IDTA) or the UK Addendum to the EU SCCs for transfers from the UK to the US.
- Equivalent safeguards for transfers from other jurisdictions.
8. Your rights
Depending on where you live, you have some or all of the following rights:
| Right | What it means |
|---|---|
| Access | Get a copy of the personal information we hold about you |
| Correction | Have inaccurate information corrected |
| Deletion | Have your information deleted, subject to legal exceptions (e.g., we may need to retain a record for accounting or legal-defense purposes) |
| Portability | Receive your information in a structured, commonly used, machine-readable format |
| Objection / restriction | Object to or restrict certain processing, including direct marketing |
| Withdraw consent | Withdraw consent for processing that relies on consent |
| Opt out of "sharing" / cross-context behavioral advertising | Opt out of cookie-based analytics that California CPRA, Colorado CPA, and Connecticut CTDPA characterize as "sharing." We treat a Global Privacy Control (GPC) signal sent by your browser as a valid opt-out, in accordance with CPRA §7025 and equivalent state regulations. You can also use the cookie controls described in the Cookie Policy once consent management is deployed. |
| Non-discrimination | We will not discriminate against you for exercising any of these rights — for example, we will not refuse to provide you a demo because you opted out of analytics. |
| Lodge a complaint | Lodge a complaint with your local data-protection authority (in the EU/UK) or attorney general (in many US states). |
To exercise any of these rights, email info@airtimeconnect.com. We will respond within the timeframe required by applicable law (typically 30 days in the EU/UK and 45 days under US state laws, with one possible extension). To verify your identity, we may ask you to confirm information we already have on file. Authorized agents can submit requests on your behalf with appropriate documentation.
California-specific disclosures (CPRA)
Under the California Consumer Privacy Act (as amended by the California Privacy Rights Act):
- Categories of personal information collected: identifiers (name, email, IP address); commercial information (interest in ATC products); internet/network activity (browsing on the Site); inferences drawn from the above (e.g., audience segment).
- Purposes: as described in §4.
- Sources: directly from you (forms), automatically (cookies, server logs), and from our analytics provider (Google).
- Disclosed to: the recipients listed in §6.
- "Sold" or "shared": we do not sell. We "share" via Google Analytics for cross-context behavioral advertising. You can opt out using the methods in §8 above.
- Sensitive personal information: we do not collect sensitive personal information as defined by CPRA on the public Site.
- Retention: see §10.
EU/UK-specific disclosures
The data controller is AIRTIME CONNECT, LLC.
9. How we protect personal information
We use industry-standard administrative, technical, and physical safeguards to protect personal information, including:
- Encryption in transit (TLS) for all Site traffic
- Encryption at rest for stored personal information
- Access controls limiting which ATC personnel can access personal information, on a need-to-know basis
- Vendor due diligence for the service providers listed in §6
- Network and endpoint security including monitoring and logging
No system is perfectly secure, and we cannot guarantee that personal information will not be accessed without authorization. If we become aware of a breach affecting your personal information, we will notify you in accordance with applicable law.
10. How long we keep personal information
We keep personal information only as long as we have a legitimate purpose for it:
| Information | Typical retention |
|---|---|
| Demo-request submissions | Up to 36 months from the last interaction, unless you ask us to delete sooner |
| Sales-cycle and CRM records | Until 7 years after the relationship ends, for accounting and legal-defense purposes |
| Server logs | Up to 90 days, then deleted or aggregated |
| Analytics data (Google Analytics) | As configured in our Google Analytics property (default 14 months) |
| Cookies | As described in the Cookie Policy |
If you ask us to delete your information, we will do so unless we are legally required to keep it (for example, for tax records, fraud prevention, or pending litigation).
11. Changes to this Policy
We may update this Policy from time to time. The current version is always posted at this URL with the "Last reviewed" date at the top. If a change is material, we will provide additional notice (for example, an email or a banner on the Site) before the change takes effect.
12. How to contact us
For any privacy-related question or to exercise the rights described in §8:
AIRTIME CONNECT, LLC
4601 NW 36th Street
Miami Springs, FL 33166
United States
Email: info@airtimeconnect.com