HubSpot Apps - Security Statement
Overview
Presago’s HubSpot apps are designed according to data-minimization principles. They do not store HubSpot customer data. Our apps may process data temporarily only to provide the requested functionality.
Audit and usage logs
When you use our apps, we may collect anonymous usage analytics for:
Auditing and security purposes;
Product improvement;
Bug resolution;
Customer support.
These analytics are not intended to identify individual end users. We also ensure that no confidential information or personal data can be included in the analytics.
Data hosting and location
Any information available via the HubSpot REST API might be temporarily processed to render certain functions of the apps.
We use Cloudflare to host, serve, protect and optimize the worldwide app traffic. Data exchanged between users, HubSpot, third-party services, and Presago’s application components may traverse Cloudflare’s network and is processed by our application services solely as necessary to provide the requested functionality.
You can read the Cloudflare privacy statement at: Cloudflare's Privacy Policy | Cloudflare.
Encryption in transit: All traffic between the user browser and our server is encrypted with TLS 1.2 or higher.
Data storage and retention
Unless expressly specified for a given app/feature:
Presago does not store HubSpot customer content or personal data on its servers.
Data may be processed temporarily (transient/in-memory) to fulfill a user request and is not persisted after completion.
Disaster recovery and RTO
Depending on severity, Presago is committed to addressing incidents and service disruptions within 2 to 48 business hours.
Privacy
Presago’s apps are designed to support compliance with EU GDPR principles, including data minimization.
For more details, please refer to our Privacy Policy.
Managing Security Vulnerabilities
We monitor for vulnerabilities through automated scanning tools and periodic reviews. Vulnerabilities are prioritized and addressed according to severity:
Severity | CVSS Score | Timeframe for resolution |
|---|---|---|
Critical | CVSS v3 >= 9.0 | Fixed within 4 weeks of being reported or triaged. |
High | CVSS v3 >= 7.0 | Fixed within 6 weeks of being reported or triaged. |
Medium | CVSS v3 >= 4.0 | Fixed within 8 weeks of being reported or triaged. |
Low | CVSS v3 < 4.0 | Fixed within 25 weeks of being reported or triaged. |
Security Documentation – CAIQ Lite
Presago maintains security documentation aligned with the Cloud Security Alliance (CSA) CAIQ Lite questionnaire.
For additional details regarding our security controls and governance practices, please refer to our CAIQ Lite documentation available here: https://presago.atlassian.net/wiki/spaces/PRESDOC/pages/1135017988.
Development and Support Team
Our development and support teams are located in Italy.
For questions, clarifications, or security reports, contact us at https://presago.atlassian.net/servicedesk/customer/portals
App-specific Data Handling - SendGrid Connector for HubSpot
Data that may be processed temporarily (in transit)
To send emails through SendGrid, the following data may transit through Presago services temporarily, only for the time required to forward the request to SendGrid:
Temporary data | Purpose | Retention |
|---|---|---|
Contact email address | Recipient routing | Transient only (not persisted) |
Contact first and last name | Email personalization | Transient only (not persisted) |
Optional extra HubSpot properties selected by the admin | Email personalization | Transient only (not persisted) |