HubHorizon is a CRM health analysis tool for HubSpot. It connects to your portal via OAuth, analyzes your properties, data quality, and process alignment, and gives you composite health scores, AI readiness assessments, and prioritized recommendations. Think of it as an independent audit of your HubSpot setup.

RevOps teams who want to measure and improve their CRM health. HubSpot partners who audit client portals. And anyone managing a HubSpot portal who wants to know what to fix first. It works on every HubSpot tier, from Free to Enterprise.

Is my HubSpot data safe?

Yes. We use OAuth 2.0 for authentication — we never see or store your HubSpot password. We read your property configurations for analysis. Write access is only used for optional property management features (like pushing templates), and every write operation is auditable with rollback support. You can revoke access anytime from your HubSpot settings.

What data do you access?

We access property definitions, object schemas, and metadata about your CRM structure. We do not access individual contact records, emails, or sensitive customer data. Our analysis focuses on your CRM configuration, not your customer information.

Are you GDPR compliant?

Yes. All data is hosted on Hetzner Cloud in Finland (EU). AI processing runs through Mistral AI in Paris, France. We have zero US subprocessors. We provide full data export and deletion capabilities, and a Data Processing Agreement (DPA) is available on request. You can delete your account and all associated data at any time.

What do I get for free?

You get a free preview of your health scores after connecting your portal. This shows you your overall health score and key metrics. To unlock the full analysis with detailed recommendations, export capabilities, and monthly refreshes, you upgrade to an annual plan starting at €199/year.

Is this a subscription?

Yes. Individual portal plans are billed annually (€199/year for Premium, €399/year for Pro) and include unlimited monthly refreshes. You can cancel anytime — your access continues until the end of your billing period. HubSpot Partners have annual subscription options for multiple portals.

We offer a free preview so you can evaluate the full analysis before purchasing. Because you can thoroughly assess the product before paying, we don't offer refunds after purchase. If you have concerns, contact us — we're committed to making HubHorizon valuable for your team.

Which HubSpot plans do you support?

HubHorizon works with all HubSpot plans — Free, Starter, Professional, and Enterprise. Some advanced scores (like methodology tracking) may show limited data on Free plans due to available features, but core health analysis works on any plan.

How long does the analysis take?

Initial analysis typically completes in 1-3 minutes, depending on the size of your portal. Larger portals with hundreds of custom properties may take slightly longer. You will see a progress indicator while we analyze.

Will this affect my HubSpot performance?

No. We use HubSpot's official APIs with rate limiting built in. Analysis uses read-only access and has no impact on your portal performance or your users' experience.

Can I disconnect HubHorizon?

Yes, anytime. Go to your HubSpot settings → Integrations → Connected Apps and revoke access. You can also delete your HubHorizon account entirely, which removes all stored data.

Privacy Policy — HubHorizon CRM Health Analysis

1. Data controller

HubHorizon.io, a Finnish sole proprietorship ("we", "us", "our"), is the data controller for the personal data collected through this application. Contact us at privacy@hubhorizon.io for any data protection inquiries.

2. Data we collect

We collect the following categories of personal data:

Account data: Email address, password (encrypted), full name
HubSpot portal metadata: Portal ID, portal name, property definitions (names, types, labels, descriptions, usage statistics, group assignments)
Record sample data: During analysis, we access a sample of property values (up to 1,000 records per object type — contacts, companies, deals, tickets) to compute fill rates, value distributions, and data quality scores. This data is processed transiently in memory and is not stored beyond the analysis session. Only aggregate statistics (e.g., "65% of contacts have a phone number") are retained.
Lead data: Email address for newsletter subscribers
Usage data: Analysis history, property actions, timestamps
Payment data: Transaction records processed by Mollie (we do not store card details)

3. Legal basis for processing

We process your data based on:

Contract (Art. 6(1)(b) GDPR): Processing necessary to provide our analysis services, including accessing HubSpot portal data via OAuth
Consent (Art. 6(1)(a) GDPR): For email marketing and optional analytics
Legitimate interest (Art. 6(1)(f) GDPR): For service improvement, security monitoring, and fraud prevention
Legal obligation (Art. 6(1)(c) GDPR): For tax and financial record-keeping

4. How we use your data

To analyze your HubSpot property configuration and data quality
To compute fill rates and value distributions from record samples (processed transiently, not stored)
To provide health scores, AI readiness assessments, and recommendations
To generate AI-powered property suggestions and descriptions
To send service-related communications
To send marketing emails (only with your consent)
To improve our services

5. Data retention

We retain your data only as long as necessary for the purposes described. Specific retention periods:

Data type	Retention period
Account data	Duration of service + 30 days
Analysis results (aggregate)	12 months from last analysis
Record sample data	Not stored — processed transiently during analysis only
Audit logs	90 days
Payment records	7 years (Finnish tax law)
Lead email addresses	Until unsubscribe

You can request deletion at any time.

6. Data sharing

We share data only with the following service providers:

Mollie B.V.: Payment processing (PCI DSS compliant, Netherlands, EU)
HubSpot, Inc.: API access to your portal data via OAuth (US, covered by EU-US Data Privacy Framework)
Mistral AI: AI-powered property suggestions, descriptions, and embeddings (Paris, France, EU). Property metadata is sent for processing — no data is stored by Mistral beyond the request, and it is not used to train AI models.

Self-hosted infrastructure: Our database (Supabase) and analytics (Plausible) are self-hosted on our own servers at Hetzner in Finland, EU. They are not third-party SaaS services — we control the infrastructure directly.

We do NOT sell your personal data.

7. Your rights (GDPR)

You have the right to:

Access: Request a copy of your personal data
Rectification: Correct inaccurate data
Erasure: Request deletion of your data ("right to be forgotten")
Restriction: Limit how we process your data
Portability: Receive your data in a machine-readable format
Object: Object to processing based on legitimate interests
Withdraw consent: Unsubscribe from marketing at any time

To exercise these rights, contact us at privacy@hubhorizon.io or use the data export feature in your dashboard. We will respond within 30 days as required by GDPR.

8. Data security

We implement appropriate technical and organizational measures including encryption at rest (AES-256) and in transit (TLS 1.2+), role-based access controls, and regular security assessments. HubSpot OAuth tokens are stored encrypted and never exposed to the client.

9. Local storage and preferences

We use your browser's local storage (not cookies) to store the following preferences and session data:

Authentication tokens: Required for the app to function (essential)
Theme preference: Light/dark mode setting
Onboarding state: Tracks your setup progress
Consent preference: Your storage preference choices
Analysis cache: Cached analysis results for faster page loads

This data is stored only in your browser and is not transmitted to our servers (except authentication tokens, which are sent with API requests). You can clear this data at any time through your browser settings.

10. Website analytics

We use a self-hosted instance of Plausible Analytics to understand how visitors use our website. Plausible is a privacy-focused, open-source analytics tool that:

Does not use cookies — no tracking cookies are set
Does not collect personal data — no IP addresses, device fingerprints, or persistent identifiers are stored
Is fully self-hosted on our EU servers (Hetzner, Finland) — no data is sent to third parties
Collects only aggregate metrics — page views, referral sources, browser type, and country (derived from IP, then immediately discarded)

The legal basis for this processing is legitimate interest (Art. 6(1)(f) GDPR). Since Plausible does not use cookies or collect personal data, no consent is required under the ePrivacy Directive.

11. International transfers

All our core infrastructure is located within the European Economic Area (EEA):

Application and database: Hetzner, Finland (EU)
AI processing: Mistral AI, Paris, France (EU)
Analytics: Self-hosted Plausible, Hetzner, Finland (EU)
Payments: Mollie B.V., Netherlands (EU)

The only international transfer outside the EEA is to HubSpot, Inc. (US) when we access your portal data via their API. This transfer is covered by the EU-US Data Privacy Framework, under which HubSpot is certified.

12. HubSpot marketplace compliance

As a HubSpot ecosystem application, we comply with:

HubSpot's Acceptable Use Policy
HubSpot's App Partner Program Agreement
HubSpot's Developer Terms and API Use Policy

We process HubSpot data only as authorized through the OAuth consent flow and for the purposes described in this policy. We only request OAuth scopes necessary for the service's functionality. Users are also bound by HubSpot's own Terms of Service when using HubSpot data through our service.

13. Data deletion requests

You can request complete data deletion by:

Emailing privacy@hubhorizon.io
Using the "Delete My Data" button in your account settings
Disconnecting your HubSpot portal (removes all portal data)

When HubSpot notifies us of a data deletion request (GDPR compliance), we remove any associated data within 24 hours.

14. AI data processing

Our AI-powered features (property suggestions, descriptions, embeddings) are processed by Mistral AI (Paris, France, EU). Your data is:

Not used to train AI models
Not stored by the AI provider beyond the request
Processed only for generating immediate responses
Limited to property metadata (names, descriptions, types) — not individual record values
Processed entirely within the EU (no data leaves the EEA for AI processing)

15. Children's privacy

Our service is designed for business professionals and is not directed at children. We do not knowingly collect personal data from children under 16 years of age (per GDPR) or 13 years of age (per COPPA). If we become aware that we have collected data from a child, we will delete it promptly. If you believe a child has provided us with personal data, please contact us at privacy@hubhorizon.io.

16. Changes to this policy

We may update this Privacy Policy from time to time. For material changes, we will notify you by email (if you have an account) and by posting a prominent notice on our website at least 30 days before the changes take effect. Your continued use of the service after the effective date constitutes acceptance of the updated policy. The "Last updated" date at the top of this page indicates when the policy was last revised.

17. Contact and complaints

For privacy inquiries: privacy@hubhorizon.io
You also have the right to lodge a complaint with your local data protection authority. In Finland, the supervisory authority is the Office of the Data Protection Ombudsman (Tietosuojavaltuutetun toimisto).