Security
Security & architecture
Read-only HubSpot OAuth access, portal-scoped isolation, and enterprise-friendly deployment options.
Read-only
Security & architecture
How data is accessed
- Users connect their portal via HubSpot OAuth (no separate username/password).
- The app requests only read-only scopes required for the charts (campaigns, lists, contacts, deals).
- The app never writes data back to HubSpot.
- The in-HubSpot UI uses short-lived, signed access to prevent cross-portal access.
Data handling
- We don’t store your HubSpot campaigns/contacts/deals in a database.
- We store only operational data needed to run the app (connection tokens and licensing metadata), encrypted at rest.
- Read-only responses are cached briefly to reduce HubSpot API calls and keep the UI fast.
- For enterprise requirements, we can provide dedicated hosting or deploy into your cloud environment.