Hubalot Privacy Policy

1. Information We Collect

To provide and improve Hubalot's services, we collect:

• Account Info: Name, email address, and billing details (encrypted; payment data handled by third-party processors).
• User Content: Files uploaded or connected via integrations, AI prompts, chat responses, memory notes, and insights.
• Usage Data: IP address, device/browser type, session data, and feature usage.
• Third-Party Integrations (optional, user-initiated):
  • Google Drive: Only the files the user explicitly selects via the Google Drive Picker.
  • Gmail: Individual emails a user opens for summarization (never bulk-ingested).
  • Dropbox / Notion: Only files or pages the user explicitly selects.

We do not collect passwords. We never sell personal information.

2. Data Protection & Security

We use multiple safeguards, including:

• Encryption: AES-256 at rest; TLS 1.3+ in transit.
• Access Controls: Row-level database security ensures only the file owner can access their data.
• OAuth Security: All integrations use OAuth. We never request credentials.
• No AI Training: User content is not used to train third-party AI models.

3. Google API Scope Compliance

Hubalot follows the Google API Services User Data Policy. We request only the minimum scopes needed for user-initiated actions.

Google Drive Integration

Scope Used: https://www.googleapis.com/auth/drive.file

Purpose: Allows Hubalot to access only the specific files a user selects in Google Drive Picker.

How It Works:

1. The user clicks "Add from Google Drive" in Hubalot.
2. The Google Drive Picker opens and the user selects one or more Google Docs.
3. Hubalot receives the file ID(s) and calls the Drive API files.export method to convert the chosen Doc(s) into text.
4. The converted text is encrypted and stored in the user's private Hubalot workspace.

Important: Hubalot does not request documents.readonly, does not crawl or sync all Drive content, and never modifies Docs. Access is limited strictly to the files a user picks.

Gmail Integration

Scope Used: https://www.googleapis.com/auth/gmail.readonly (Restricted)

Purpose: Lets users open individual emails for AI summarization.

Safeguards:

• Hubalot does not ingest or store Gmail in bulk.
• Only user-requested summaries may be stored in encrypted form.
• Gmail data is not shared with external AI providers.

4. How We Use Your Data

We use data solely to:

• Provide features you request (e.g., importing documents, generating insights).
• Personalize your workspace and AI memory.
• Manage billing and product reliability.
• Improve Hubalot's performance and security.

We may use aggregated, anonymized data for analytics. We never sell user content.

5. Sharing & Disclosure

We share data only in limited cases:

• Service Providers: Hosting, storage, analytics, payments—under strict contracts.
• Integration Providers: Only to perform the action the user initiates (e.g., importing a selected file from Drive).
• Legal Requirements: If compelled by law or valid request.

6. Storage & Retention

• Plan Limits: Free 1GB / Pro 10GB / Elite 50GB.
• Retention: Data is stored only as long as necessary or legally required.
• Deletion: Users can delete individual files, summaries, or their entire account at any time.

7. User Rights

You may:

• Access, export, or delete your personal data.
• Disconnect integrations at any time.
• Opt out of personalization features.
• Unsubscribe from emails.

Hubalot complies with GDPR, CCPA, and global privacy regulations.

8. Security Monitoring

We maintain:

• Real-time anomaly detection and audit logs.
• Strict admin and role-based controls.
• Scheduled penetration testing and reviews.

9. Children's Privacy

Hubalot is not intended for users under 13. If we learn of such accounts, we will remove them immediately.

10. Updates to This Policy

We may update this policy as Hubalot evolves. Users will be notified of material changes in-app or by email.

11. Contact

Email: privacy@Hubalot.com

Security Team: security@Hubalot.com