The link to the Airtable privacy page is already an excellent repository of information and can answers a lot of your questions.
My organization just completed its audit and review of Airtable’s SOC 2 report and their ISO 27001.
It was the second most comprehensive SOC 2 report I’ve ever reviewed, second to Salesforce’s.
I’m gagged on sharing the documents for you to see, but between the reports and the relationship I have with Airtable, I can say that you can confidently trust Airtable with your data.
Something I do want to highlight for you is Airtable’s pivot towards enterprise business.
While the strong push to focus on enterprise sales is not the most directly beneficial thing to us, and even more so to the community developers and consultants, we do have the added peace of mind that comes with knowing that we are protected by the same data integrity measures held for the database as a whole.
In my experience, the weakest link regarding privacy of Airtable data is the users themselves. If you grant even read-only access to your base, users can see everything and instantly copy your data without you ever knowing.
@kuovonne took the words out of my mouth. In my opinion, Airtable should be considered a low-security platform. It might have decent privacy (I do not know about this), but it doesn’t have great security.