revtrace

Your data security is non-negotiable

RevTrace is built with a zero-trust approach to your HubSpot data. Read-only access, no raw data stored, encryption everywhere.

How we protect your data

Read-only access

RevTrace connects to your HubSpot portal with read-only OAuth permissions. We cannot create, update, or delete any records in your portal. Your data stays exactly as it is.

Zero raw data storage

We never store raw HubSpot records — no contacts, deals, companies, or tickets. All CRM data is processed in memory during an audit. Only aggregated, anonymized findings are saved (e.g., '12 deals missing close dates' — not the deals themselves).

Encryption at rest and in transit

All connections use HTTPS/TLS. OAuth tokens are encrypted with AES-256-GCM before storage. Passwords are hashed using industry-standard algorithms — never stored in plaintext.

Instant disconnect

You can disconnect your HubSpot portal at any time from your RevTrace settings. Disconnecting immediately revokes API access and clears all stored OAuth tokens.

Infrastructure security

RevTrace is hosted on Vercel with automatic SSL, DDoS protection, and edge caching. Our database runs on Neon Postgres with point-in-time recovery and automated backups.

GDPR-by-design

Our architecture was built for GDPR compliance from day one. No personal data from your CRM enters our database. Account deletion, data export, and audit logging are all available.

Compliance & certifications

We take a proactive approach to compliance, implementing controls before they're required.

SOC 2 Type IFoundational controls in place
GDPRCompliant by design
Data encryptionAES-256-GCM at rest, TLS in transit
Audit loggingAll access events logged
Penetration testingRegular third-party assessments
Dependency scanningAutomated via Dependabot + npm audit

Questions about security?

Read our full privacy policy or contact us at privacy@revtrace.ai.

Start Free Audit
Start Free Audit