Security
HubSpot security and reliability
How Company Data Guys handles HubSpot OAuth tokens, app-card requests, privacy, and reliability.
- Token storage
- Encrypted at rest
- OAuth endpoint
- HubSpot v3
- Card requests
- Signature-verified
- AI training
- Excluded
§ 01Controls
Auth
OAuth and tokens
The app uses HubSpot OAuth, exchanges tokens through HubSpot's date-based OAuth v3 token endpoint, stores refresh tokens encrypted at rest, and does not expose tokens in docs or dashboard UI.
Request integrity
Signed app-card requests
App-card requests are sent by HubSpot to Company Data Guys. The backend validates HubSpot request signatures before processing enrichment requests.
Operations
Reliability
When a company profile cannot be resolved from the available fields, the app reports the problem in the card instead of writing unrelated data. The app records the last successful card activity timestamp for support and audit.
Privacy
No model training
Customer HubSpot data is used only to provide the integration. It is not used to train or improve shared AI or machine-learning models.