Lately there has been quite a few public discussions on data privacy and security. Matters that we take seriously, and we would like to take the opportunity to share inform on how we are using personal data through HubSpot, to supply you with marketing information (e.g. this newsletter).
HubSpot is a US based company and they host product infrastructure on Amazon Web Services in the United States and Google Cloud Platform in the EU. European customer data is processed and secured in the EU before being transmitted and stored in the US. The cloud infrastructure hosted on GCP provides additional redundancy for all HubSpot customers for critical components. The European Data Protection Board (EDPB) has explained that for US based data importers (like HubSpot), SCCs (Standard Contractual Clauses) may be a valid transfer mechanism depending on assessment of adequate protection plus what supplementary measures a data importer can implement to protect data. HubSpot SCC together with several security measures, including encryption in-transit and at-rest, is how the requirements are met.
If you have questions on any of above or if you want to be removed from our database you can contact us through this link: