hapily is Committed to Protecting Your Information
Your financial data is the most critical asset your company has, and we promise to keep that information and data private and secure.
In addition to our diligent efforts to enforce technical security, an important part of that promise is our commitment to transparency. Transparency in what information we have and transparency in how we protect it. This page aims to answer any of your privacy and security questions. You should also review our Terms of Service.
hapily's data privacy and security practices are currently undergoing an independent review and application security testing in an effort to attain SOC2 compliance. We expect to complete this review in Q1 2024.
What We Do
You might have reached this page at the request of a colleague who has asked for approval to use Zaybra to integrate Stripe's payment processing platform with HubSpot CRM. Zaybra allows users to manage Stripe subscriptions and import transaction information into HubSpot.
Personally Identifiable Information (PII)
When you activate Zaybra in HubSpot CRM, we collect Personally Identifiable Information (PII) from licensed HubSpot Users (not HubSpot Contacts). This information includes name, email address, and phone number.
Zaybra unifies the Stripe and HubSpot platforms. As a result, Zaybra can read and write data to these systems.
Your data is encrypted at all times using bank-grade technology, including:
- All incoming and outgoing data is encrypted in transit using SSL/TLS 1.2.
- All data is encrypted at rest using AES-256-GCM.
- Our databases are encrypted on secure cloud file systems hosted by Amazon Web Services.
- Authentication tokens are encrypted at rest using AES-256-GCM.
- We leverage AWS KMS for secure encryption key storage and management.
Your users authorize Zaybra to access HubSpot by way of the OAuth security protocol. This means that we never see your HubSpot password, and you have the ability to turn off our access to HubSpot at any time. We request the lowest level of permission that allows us to provide our service.
In order to access Stripe information, your administrator will give Zaybra Stripe API keys. These keys are double-encrypted and stored as described above.
Data We Store
The following data is stored at rest in our encrypted databases:
- Stripe Data
Stripe Customer data: ID, name, email, phone, shipping address
Charge data: transaction amounts, related customer IDs
Daily transaction volume
Stripe customer and charge data is only stored for up to 30 days.
- HubSpot Data
HubSpot users: ID, name, email
The following is a list of the major third-party vendors we use to provide the service.
Amazon Web Services
hapily uses AWS to host Zaybra application services, data, and content securely. hapily services are hosted in the “us-east-2” region across multiple availability zones to ensure high availability.
hapily uses Hubspot to host our website, www.zaybra.com, and as our marketing automation platform. In addition to storing customer information, we sync some user-specific application usage data for marketing and operational purposes.
hapily uses Postmark to deliver transactional emails to Zaybra users to notify them of account-related events.
hapily uses FusionReactor to monitor server availability and application performance.
Data Deletion Policy
As described in the hapily Terms of Service, you may request the deletion of your account at any time.
When a request is received, hapily will delete customer data according to our Data Deletion Policy, which is available upon request to review.
Vulnerability Disclosure Policy
We encourage third-parties to report bugs and vulnerabilities that they may have discovered.
For any reports, please provide supporting information, such as your account information (if applicable), relevant software platform details, and steps to reproduce.
Please submit reports by emailing email@example.com.