HubHorizon is a CRM health analysis tool for HubSpot. It connects to your portal via OAuth, analyzes your properties, data quality, and process alignment, and gives you composite health scores, AI readiness assessments, and prioritized recommendations. Think of it as an independent audit of your HubSpot setup.

RevOps teams who want to measure and improve their CRM health. HubSpot partners who audit client portals. And anyone managing a HubSpot portal who wants to know what to fix first. It works on every HubSpot tier, from Free to Enterprise.

Is my HubSpot data safe?

Yes. We use OAuth 2.0 for authentication — we never see or store your HubSpot password. We read your property configurations for analysis. Write access is only used for optional property management features (like pushing templates), and every write operation is auditable with rollback support. You can revoke access anytime from your HubSpot settings.

What data do you access?

We access property definitions, object schemas, and metadata about your CRM structure. We do not access individual contact records, emails, or sensitive customer data. Our analysis focuses on your CRM configuration, not your customer information.

Are you GDPR compliant?

Yes. All data is hosted on Hetzner Cloud in Finland (EU). AI processing runs through Mistral AI in Paris, France. We have zero US subprocessors. We provide full data export and deletion capabilities, and a Data Processing Agreement (DPA) is available on request. You can delete your account and all associated data at any time.

What do I get for free?

You get a free preview of your health scores after connecting your portal. This shows you your overall health score and key metrics. To unlock the full analysis with detailed recommendations, export capabilities, and monthly refreshes, you upgrade to an annual plan starting at €199/year.

Is this a subscription?

Yes. Individual portal plans are billed annually (€199/year for Premium, €399/year for Pro) and include unlimited monthly refreshes. You can cancel anytime — your access continues until the end of your billing period. HubSpot Partners have annual subscription options for multiple portals.

We offer a free preview so you can evaluate the full analysis before purchasing. Because you can thoroughly assess the product before paying, we don't offer refunds after purchase. If you have concerns, contact us — we're committed to making HubHorizon valuable for your team.

Which HubSpot plans do you support?

HubHorizon works with all HubSpot plans — Free, Starter, Professional, and Enterprise. Some advanced scores (like methodology tracking) may show limited data on Free plans due to available features, but core health analysis works on any plan.

How long does the analysis take?

Initial analysis typically completes in 1-3 minutes, depending on the size of your portal. Larger portals with hundreds of custom properties may take slightly longer. You will see a progress indicator while we analyze.

Will this affect my HubSpot performance?

No. We use HubSpot's official APIs with rate limiting built in. Analysis uses read-only access and has no impact on your portal performance or your users' experience.

Can I disconnect HubHorizon?

Yes, anytime. Go to your HubSpot settings → Integrations → Connected Apps and revoke access. You can also delete your HubHorizon account entirely, which removes all stored data.

Security — How We Protect Your HubSpot Data

How we protect your HubSpot data. Everything on this page describes what is actually implemented today.

Infrastructure

Everything runs in the EU. We self-host our database and analytics on our own servers, not through third-party SaaS.

Service	Provider	Location
Application + database	Hetzner Cloud (self-hosted Supabase)	Helsinki, Finland
AI processing	Mistral AI	Paris, France
Analytics	Plausible CE (self-hosted)	Helsinki, Finland
Payments	Mollie B.V.	Netherlands

Encryption

OAuth tokens: Encrypted with AES-256-GCM using PBKDF2 key derivation (100,000 iterations) and a random 16-byte salt per operation. Tokens are never stored in plaintext.
In transit: All connections use TLS 1.2 or higher.
At rest: Database storage is encrypted at the filesystem level.
Client-side: No sensitive data is stored in the browser. Authentication tokens are handled by Supabase's secure session management.

Authentication and access control

HubSpot OAuth 2.0: We never see or store your HubSpot password. Access is granted via OAuth consent and can be revoked at any time from your HubSpot settings.
Application auth: Supabase JWT-based authentication with secure session handling.
Row-Level Security: Every database table is protected by RLS policies. Users can only access data belonging to their own portals.
Edge function auth: Every API call validates the JWT, verifies the user identity, and confirms portal ownership before processing.

Data handling

We access your HubSpot portal to analyse property configurations and compute health scores. Here is exactly what we access and store:

Data type	Accessed	Stored
Property definitions (names, types, labels)	Yes	Yes (metadata only)
Record samples (up to 1,000 per object)	Yes	No — processed in memory, then discarded
Aggregate scores and statistics	Computed	Yes
Individual contact/deal/company records	No	No
Write operations (property edits)	User-initiated only	Audit log (90-day retention)

AI processing

AI features (property suggestions, descriptions, embeddings) are processed by Mistral AI in Paris, France.

Only property metadata is sent (names, descriptions, types) — not individual record values
Per Mistral AI's data processing terms, API data is not stored beyond the request and is not used for model training
All processing stays within the EU

GDPR compliance

Data controller: HubHorizon.io, a Finnish sole proprietorship
DPA: A Data Processing Agreement is available for all customers
Data export: Full export available on request
Right to erasure: Delete your account and all associated data at any time
Supervisory authority: Office of the Data Protection Ombudsman (Finland)

Security roadmap

What we're working on next:

Planned

SOC 2 Type II certification

Planned

ISO 27001 certification

Coming soon

Bug bounty programme

Questions?

For security questions, vulnerability reports, or to request a security questionnaire, contact us at security@hubhorizon.io.