Privacy policy

Last updated: May 2026

1. Who We Are

AirNote is operated by Nomad Apps Ltd, a company registered in England and Wales with company number 10131056.

Registered office: Pilgrims Nook Bench Manor Crescent, Chalfont St. Peter, Gerrards Cross, England, SL9 9HL.

Website: https://airnoteai.com
Main contact: support@airnoteai.com
Privacy contact: support@airnoteai.com

AirNote has not appointed a Data Protection Officer. We have assessed the requirement and do not currently consider appointment mandatory. We will review this as our processing scale and customer base changes.

AirNote has not appointed an EU representative because AirNote is initially offered to UK users only. We will review this before active EU marketing or sales.

2. What This Policy Covers

This Privacy Policy explains how AirNote handles personal data when you:

visit our website;
contact us for support or business enquiries;
use the AirNote macOS app;
use Cloud Sync;
use AirNote's AI note generation, client document generation, or Ask AirNote features;
connect optional Google Calendar or Apple Calendar integrations;
buy, restore, or manage an App Store subscription.

AirNote is designed for business/professional use by therapists, counsellors, psychotherapists, clinical psychologists, and other professional users. It is not intended for personal, household, or consumer use. Therapy transcripts, notes, process notes, client context, and generated documents may contain health information and other special category data.

3. Controller and Processor Roles

Therapist or clinician customers are normally the controller for their own client and session records. This means the therapist decides why and how client/session data is processed, including whether to use AirNote.

AirNote acts as a processor when it processes client/session content on the therapist's behalf through AirNote cloud-enabled features, such as Cloud Sync, AI note generation, client document generation, and Ask AirNote.

AirNote acts as controller for its own business data, including support communications, subscription administration, product security, incident response, vendor management, and website/business operations.

If you are a therapy client or session participant, your therapist is normally the right person to contact about your therapy record, access requests, correction requests, deletion requests, and clinical retention periods. AirNote may assist the therapist where our systems are involved.

4. Summary of AirNote's Privacy Design

AirNote is local-first.
Session audio is recorded on the therapist's Mac.
Transcription is performed locally using the AirNote-STT local transcription runtime.
Raw audio is not sent to OpenAI, AWS, Google, or Apple by the current implementation.
Clinical records are stored locally in the app's SwiftData store and, when Cloud Sync is enabled, in server-side-encrypted AWS S3 sync snapshots.
CloudKit sync is disabled in the current model configuration.
Cloud Sync excludes raw audio files and keeps only the current and previous sync snapshots.
AI generation is optional and user-triggered.
When AI generation is used, relevant text is sent through AirNote's AWS proxy to OpenAI.
Limited customer profile, subscription, onboarding, and legal acceptance metadata is stored in AWS for account administration and compliance evidence.
Product usage analytics are sent to AirNote's AWS proxy to help understand feature usage and reliability.
OpenAI requests are made with store: false in the current code.
Clinical text is intentionally excluded from app/proxy logs.
AI outputs are drafts for therapist review and are not automatically sent to anyone.

5. Personal Data We Process

Data category Examples Where it is processed

Therapist/user contact data Name, email address, support messages, business enquiries AirNote support/business systems

Subscription and entitlement data StoreKit product ID, transaction ID, original transaction ID, JWS proof, expiry/revocation state Apple, AirNote app, AWS proxy for entitlement verification

Customer profile and onboarding metadata Mac local user/profile name, first name, practitioner type, onboarding progress, app version/build, BAA/legal acceptance metadata and document hashes AirNote app, AWS customer profile ledger

Client identifiers Client name or label, client UUID, avatar colour, consent timestamp Local AirNote app store; AWS S3 sync snapshots when Cloud Sync is enabled

Session metadata Session title, subtitle, date/time, duration, session state, template IDs, calendar event ID, calendar ID, calendar event end time, meeting URL Local app store; AWS S3 sync snapshots when Cloud Sync is enabled; sent to AI services when needed for user-triggered generation

Clinical content Transcript, clinical note, process note, client context, generated client documents, Ask AirNote conversations and answers Local app store; AWS S3 sync snapshots when Cloud Sync is enabled; sent to AWS/OpenAI only when the therapist invokes relevant AI features

Raw session audio Therapist/client tracks created during recording Local file storage only in the current implementation

Dictation audio Temporary audio for dictated context or session notes Local file storage only in the current implementation

Google Calendar data Google account email, calendar IDs/names, selected calendar IDs, event IDs, event titles, start/end times, location, meeting URL, attendee display names/email addresses, organizer/creator display names/email addresses Google, local app, Keychain/UserDefaults; selected session metadata in local records and AWS S3 sync snapshots when Cloud Sync is enabled; optional and user-enabled

Google OAuth tokens Access/refresh tokens for Calendar integration macOS Keychain only; not sent to AirNote servers

Apple Calendar data Calendar IDs/names, event IDs, event titles, start/end times, location, meeting URL Local app/EventKit/UserDefaults; optional and user-enabled

Local practice analytics Word counts and local generation event counts Local app store only by default

Cloud Sync snapshots Clients, sessions, transcripts, notes, generated documents, Ask AirNote conversations, practice analytics, audio asset metadata, settings, and tombstones. Raw audio files are excluded. AirNote app, AWS proxy, AWS S3 sync bucket, AWS DynamoDB sync metadata

Product usage analytics App launch, session create/start/stop, transcription/generation success/failure, Ask AirNote usage, document/formulation usage, error categories, coarse word-count/duration buckets, app version/build, OS version, and a random install identifier AirNote app local send queue; AWS product analytics ledger

Operational logs Request IDs, status codes, AWS request IDs, byte counts, character counts, product IDs, performance timings, error categories macOS unified logs and AWS CloudWatch Logs/CloudTrail

Exported files User-created DOC/PDF/copy/email exports and client data packs User-selected destination outside AirNote's control after export

6. How We Use Personal Data

We use personal data for the following purposes:

to provide the AirNote app and its core local record management features;
to provide Cloud Sync across signed-in installs/devices and device-loss recovery;
to transcribe audio locally on the therapist's Mac;
to generate draft clinical notes, process notes, client documents, and Ask AirNote answers when the therapist requests them;
to verify subscription entitlement before providing cloud AI features;
to maintain customer profile, onboarding, subscription, and legal acceptance records;
to understand product usage, feature reliability, and error patterns using product usage analytics;
to provide optional Google Calendar or Apple Calendar integrations when enabled by the user;
to provide support and respond to enquiries;
to troubleshoot errors and protect the security and reliability of the service;
to maintain compliance records, investigate incidents, and meet legal obligations;
to improve the product using local or aggregated/non-clinical information where available.

We do not use client/session clinical content for advertising.

We do not sell personal data.

We do not use identifiable clinical content to train general AI models.

We do not automatically send generated notes, documents, or Ask AirNote outputs to third parties.

We use Google user data only to provide and maintain user-facing Google Calendar features. We do not sell Google user data, use it for advertising, transfer it to advertising platforms or data brokers, or use it to train generalised AI or machine learning models.

Product usage analytics are enabled by default and are not currently user-configurable. They are limited to product-event metadata and safe enum-like properties. They must not include client names, session titles, transcripts, notes, documents, Ask AirNote questions or answers, prompts, raw audio, file paths, email addresses, phone numbers, or other free-text clinical content.

7. Lawful Bases

When AirNote acts as controller, our lawful bases are:

Purpose Working lawful basis
Subscription administration and provision of paid app features Article 6(1)(b), contract
Support, service communications, troubleshooting, and product operation Article 6(1)(b), contract, and/or Article 6(1)(f), legitimate interests
Security, fraud prevention, abuse prevention, incident response, and operational logging Article 6(1)(f), legitimate interests
Product usage analytics for product improvement and reliability Article 6(1)(f), legitimate interests
Legal, regulatory, tax, accounting, or compliance obligations Article 6(1)(c), legal obligation
Marketing communications and mailing lists Consent or legitimate interests, depending on the channel and final provider/consent setup
For client/session content, the therapist or clinician customer is normally the controller and is responsible for identifying and documenting their own lawful basis and special category condition.

The confirmed position documented for AirNote's intended UK therapy use case is:

Article 6(1)(f), legitimate interests; and
Article 9(2)(h), health or social care.

Each therapist/controller should still document its own position for its own practice and client records.

8. AI Processing

AirNote uses AI to help therapists create draft documentation. AI features are user-triggered.

When a therapist asks AirNote to generate a note, document, or Ask AirNote answer, AirNote may send relevant text to the AirNote AWS proxy and OpenAI. This may include:

transcript text;
process notes;
client context;
clinical notes, where relevant to the requested output;
session title and metadata;
template or prompt text;
the therapist's Ask AirNote question and prior Ask AirNote turns for that session, where needed for follow-up context;
generated output returned by OpenAI.

AirNote does not send raw audio to OpenAI in the current implementation.

The AWS proxy does not intentionally store clinical request or response bodies. The proxy sends AI requests to OpenAI with store: false where supported.

OpenAI API inputs and outputs are not used to train OpenAI models by default. AirNote's covered production OpenAI organization/project is configured with Legacy Zero Data Retention, and AirNote sends store: false where supported.

AI outputs are drafts. Therapists must review, edit, and approve outputs before relying on them or sharing them. AirNote is not a substitute for professional clinical judgement, safeguarding procedures, diagnosis, emergency care, or legal advice.

Ask AirNote conversations and answers are stored locally with the session until deletion or retention cleanup, and can be included in client data pack exports if selected.

9. Local Storage, Cloud Sync, Audio, and Retention

AirNote stores client/session records locally on the therapist's Mac in the app's Application Support area. The local store is marked not to be indexed by Spotlight, and CloudKit sync is disabled in the current model configuration.

If Cloud Sync is enabled, AirNote uploads sync snapshots to AirNote's AWS account. Sync snapshots can include client/session records, transcripts, notes, generated documents, Ask AirNote conversations, practice analytics, audio asset metadata, settings, and deletion tombstones. Raw audio files are excluded. AirNote keeps the latest sync snapshot and at most one previous replacement snapshot. If Cloud Sync is disabled, cloud sync objects and metadata are deleted. If a subscription becomes inactive, sync objects are retained for 90 days by default and then deleted by scheduled cleanup.

The default local session retention period is 180 days.

Available retention settings are:

30 days;
90 days;
180 days;
365 days.

Therapists can delete sessions and client records in the app.

Raw audio is handled differently from text records:

after successful transcription, raw session audio is deleted;
after transcription failure or app crash, retry audio may be retained for up to 7 days so the therapist can retry transcription;
after 7 days, retained retry audio is deleted;
dictation audio is deleted after transcription, or after up to 7 days if interrupted/orphaned;
exporting a client data pack deletes retained raw audio for the selected client where eligible.

Exported files are controlled by the therapist after export.

10. Calendar Integrations

Google Calendar and Apple Calendar integrations are optional.

Google Calendar

If enabled, AirNote uses Google OAuth with the openid, email, and https://www.googleapis.com/auth/calendar.readonly scopes to identify the connected Google account, show available calendars, show upcoming events from selected calendars, suggest existing client matches, create AirNote sessions from selected events, and open meeting links. The Calendar scope is read-only; AirNote does not request write access to Google Calendar.

The use and transfer of raw or derived user data received from Google Workspace APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

AirNote may access Google account email, calendar IDs/names, selected calendar IDs, event IDs, event titles, start/end times, locations, meeting URLs, attendee display names/email addresses, and organizer/creator display names/email addresses. Current UI/code does not request or store event descriptions, and event titles are not used as AirNote session titles by default.

AirNote uses Google Calendar data only to provide user-facing calendar features and related security, debugging, compliance, and support. AirNote does not sell Google user data, use it for advertising, transfer it to advertising platforms or data brokers, or use it to train generalised AI or machine learning models.

Google OAuth tokens are stored in macOS Keychain and are not sent to AirNote servers. Calendar cached state may be stored in UserDefaults. Upcoming calendar events are fetched directly by the app from Google over HTTPS and are not routed through AirNote servers.

If the therapist creates an AirNote session from a Google Calendar event, AirNote stores only the selected session metadata needed for the session record: event ID, calendar ID, session start/end time, and meeting URL. If Cloud Sync is enabled, that selected session metadata may be included in encrypted AWS Cloud Sync snapshots. If the therapist later uses AI generation for that session, derived session metadata such as date/time may be included in the AI request. Current AI request payloads do not intentionally include Google event titles, attendee details, organizer/creator details, event IDs, calendar IDs, or meeting URLs.

AirNote discloses or transfers Google user data only as described in this policy: to Google to provide OAuth and Calendar API access; to AWS only where selected session metadata is included in Cloud Sync or operational/security processing; to OpenAI only where user-triggered AI generation includes derived session date/time metadata from a calendar-created session; to legal/regulatory authorities where required; or as part of a merger, acquisition, financing, reorganisation, or sale of assets subject to appropriate confidentiality and notice where required. AirNote does not otherwise disclose Google user data to third-party service providers unless the user chooses to include it in a support request or AirNote is legally required to disclose it. AirNote does not disclose Google OAuth tokens to AWS, OpenAI, advertising platforms, or data brokers.

Users can disconnect Google Calendar, which revokes or attempts to revoke Google access and removes stored tokens and cached calendar preferences from the app. Users can also manage or revoke app access from their Google Account.

The Google Cloud Data Processing Addendum applies to AirNote's Google Calendar integration.

Apple Calendar

If Apple Calendar is enabled, AirNote uses local EventKit access on the user's Mac to show upcoming sessions and create AirNote sessions from selected calendar events. Apple Calendar event data is not routed through AirNote servers. AirNote may cache selected calendar IDs/names, event IDs, event titles, times, location, and meeting URL in UserDefaults. Current UI/code does not store Apple Calendar event notes, and event titles are not used as AirNote session titles by default.

Users can stop importing from Apple Calendar, which clears cached Apple Calendar preferences and events in AirNote. macOS Calendar permission remains controlled by the user in System Settings.

11. Subprocessors and Service Providers

AirNote currently uses or may use the following services:

Provider Purpose Data involved

AWS Hosts AirNote proxy routes, Cloud Sync S3 snapshot storage, sync/customer metadata ledgers, entitlement checks, server-side secrets, metadata-only product usage analytics, and metadata-only operational/audit logs AI request text in transit, Cloud Sync snapshots excluding raw audio, entitlement proof, request metadata, customer profile and legal acceptance metadata, product usage analytics metadata

OpenAI AI generation for notes, documents, and Ask AirNote Prompt text, transcript/context/notes/questions, prior Ask AirNote turns, generated outputs

Apple App distribution, StoreKit subscriptions, App Store transaction verification Apple account/payment data handled by Apple; StoreKit transaction metadata and entitlement proof

Google Optional Calendar OAuth/API integration Google account email, calendar IDs/names, selected calendar IDs, event IDs, event titles, event times, location, meeting URL, attendee display names/email addresses, organizer/creator display names/email addresses, and OAuth tokens stored locally in Keychain

The bundled local transcription runtime does not send audio or transcript to Hugging Face or another external transcription provider in the current implementation.

No third-party crash reporting SDK or external product analytics SDK is used in the inspected codebase. Product usage analytics are first-party events sent to AirNote's AWS proxy.

12. International Transfers

Some service providers may process personal data outside the United Kingdom.

Where required, AirNote relies on appropriate safeguards such as data processing agreements, standard contractual clauses, the UK Addendum, adequacy decisions, or other lawful transfer mechanisms.

Current vendor review notes:

OpenAI: AirNote has reviewed and accepted the OpenAI DPA. The covered production OpenAI organization/project is configured with Legacy Zero Data Retention.

AWS: AirNote uses AWS for proxy hosting, Cloud Sync S3 snapshot storage, sync/customer metadata ledgers, server-side secrets, product usage analytics, logs, and audit controls. AWS BAA evidence is filed for HIPAA readiness; AirNote should maintain AWS transfer and data-processing evidence for the production account.

Google DPA: the Google Cloud DPA applies to AirNote's Google Calendar integration and includes SCC/alternative transfer solution terms. The integration uses read-only Calendar access.

Apple: App Store/App Store Connect data is handled under Apple Developer/Paid Agreements and Apple privacy terms. Current AirNote architecture does not send clinical content to Apple.

13. Security

AirNote uses technical and organisational measures designed to protect personal data, including:

local-first storage for clinical records;
Cloud Sync snapshots stored in AWS S3 with server-side encryption, blocked public access, and current/previous snapshot limits;
local transcription;
macOS app sandboxing;
Keychain storage for Google OAuth tokens;
HTTPS/TLS for app, AWS proxy, OpenAI, Apple, and Google network calls;
server-side OpenAI and Apple credentials stored in AWS Secrets Manager for the proxy;
no intentional logging of clinical text, response body previews, or upstream body snippets;
AWS CloudWatch Logs and CloudTrail for operational and administrative activity, configured to avoid clinical request and response bodies;
raw audio deletion after successful transcription and a 7-day cap for retry audio;
user-controlled retention settings;
FileVault guidance in the app;
restricted access to incident response records.

Therapists remain responsible for securing their own Macs, accounts, backups, exports, and sharing workflows. We recommend enabling FileVault, using a strong login password, keeping macOS updated, and storing exported client records only in secure locations.

14. Data Subject Rights

Where AirNote acts as controller, you may have rights under UK data protection law, including the right to:

access your personal data;
correct inaccurate personal data;
request deletion of personal data;
restrict processing;
object to processing based on legitimate interests;
receive certain data in a portable format;
withdraw consent where processing is based on consent;
complain to the UK Information Commissioner's Office.

To exercise rights against AirNote as controller, contact support@airnoteai.com.

Where the request relates to therapy client/session records controlled by a therapist, the therapist is normally responsible for responding. If AirNote receives a request relating to therapist-controlled client/session content, we may redirect the request to the relevant therapist/customer where legally permitted and provide reasonable assistance where required.

ICO website: https://ico.org.uk/

15. Cookies and Website Analytics

airnoteai.com uses analytics, cookies, pixels, and mailing lists.

AirNote maintains provider-level details for:

analytics provider(s);
cookie and pixel provider(s), purposes, retention, and consent/opt-out controls;
embedded third-party content, if any;
mailing-list provider, lawful basis, retention, and unsubscribe flow;
support chat/helpdesk tools;
CRM tools.

This section and any cookie notice/policy should be updated when website providers, cookie categories, retention periods, or opt-out controls materially change.

16. Children and Vulnerable Clients

AirNote is intended for use by therapists and clinicians, not directly by children.

Therapists may use AirNote in practices that involve children, young people, or vulnerable adults. In those cases, the therapist/controller is responsible for confirming that use of AirNote is appropriate, lawful, transparent, and consistent with professional duties, consent/assent requirements, safeguarding obligations, and clinical record-keeping duties.

AirNote will review additional safeguards if the product is actively marketed for child therapy, safeguarding-heavy workflows, or other high-risk practice areas.

17. Automated Decision-Making

AirNote does not make solely automated clinical decisions.

Generated notes, documents, and Ask AirNote answers are drafts. Therapists remain responsible for professional judgement, clinical decisions, diagnosis, risk assessment, safeguarding decisions, treatment planning, records disclosure, and communications with clients or third parties.

18. Changes to This Policy

We may update this Privacy Policy as AirNote changes. When we make material changes, we will update the date at the top and provide additional notice where required.

19. Contact

For privacy questions, data protection requests, or support:

Email: support@airnoteai.com

Postal address:

Nomad Apps Ltd, Pilgrims Nook Bench Manor Crescent, Chalfont St. Peter, Gerrards Cross, England, SL9 9HL

You may also complain to the UK Information Commissioner's Office:

https://ico.org.uk/

Ready to get started

Download AirNote, and try it with your next session — free.

Try AirNote free

7 day free trial

then

monthly

Ready to get started

Download AirNote, and try it with your next session — free.

Try AirNote free

7 day free trial

then

monthly

Sessions

KB

Kevin Bradley

28th April 2026

Maternal rupture, interview anxiety

21st April 2026

Initial session, sibling estrangement

AJ

Alison Johnson

SF

Sarah-May Franklin

AG

Arkit Guptur

BF

Bill Fairweather

Done

Sally Franklin

Maternal rupture, interview anxiety

Transcript

|

Process Note

|

Clinical Note

|

Client Docs

Session Focus / Agenda

Broad check-in after several weeks, with focus on the impact of the mother’s recent visit, self-critical thinking, and associated stress and tiredness.


Presenting System and Client Concerns

Client described feeling scattered, tense and emotionally tired, with work stress and recurrent sensitivity to criticism. Maternal comments were experienced as activating and left her feeling ashamed, angry and “not enough.”


Parts Identified

A self-critical part/inner critic; a younger part that wants maternal approval and feels “human” rather than pathetic; an angry part that is not easily expressed; a polite/compliant part that cleans, overexplains and manages others’ reactions; and a fearful part that freezes when boundaries are needed.


Part Roles, Fears and Protective Intentions

The self-critical part appeared to attack vulnerability and shame her for wanting care. The compliant/manager part seemed aimed at preventing criticism and keeping others comfortable. The angry part held protest at being treated unfairly, while the approval-seeking part longed for warmth and acceptance from her mother. The fearful part appeared concerned that direct boundary-setting would be rude or would upset her mother.