Skip to content

hapily is Committed to Protecting Your Information

Your financial data is the most critical asset your company has, and we promise to keep that information and data private and secure.

In addition to our diligent efforts to enforce technical security, an important part of that promise is our commitment to transparency. Transparency in what information we have and transparency in how we protect it. This page aims to answer any of your privacy and security questions. You should also review our Terms of Service.

 

hapily's data privacy and security practices are currently undergoing an independent review and application security testing in an effort to attain SOC2 compliance. We expect to complete this review in Q1 2024.

 

What We Do

You might have reached this page at the request of a colleague who has asked for approval to use saas•hapily to integrate Stripe's payment processing platform with HubSpot CRM. saas•hapily allows users to manage Stripe subscriptions and import transaction information into HubSpot.

 

Personally Identifiable Information (PII)

When you activate saas•hapily in HubSpot CRM, we collect Personally Identifiable Information (PII) from licensed HubSpot Users (not HubSpot Contacts). This information includes name, email address, and phone number. 

Customer Data

saas•hapily unifies the Stripe and HubSpot platforms. As a result, saas•hapily can read and write data to these systems.

 

Application Security

360° Encryption

Your data is encrypted at all times using bank-grade technology, including:

  • All incoming and outgoing data is encrypted in transit using SSL/TLS 1.2.
  • All data is encrypted at rest using AES-256-GCM.
  • Our databases are encrypted on secure cloud file systems hosted by Amazon Web Services.
  • Authentication tokens are encrypted at rest using AES-256-GCM.
  • We leverage AWS KMS for secure encryption key storage and management.

Secure Authentication

Your users authorize saas•hapily to access HubSpot by way of the OAuth security protocol. This means that we never see your HubSpot password, and you have the ability to turn off our access to HubSpot at any time. We request the lowest level of permission that allows us to provide our service.

In order to access Stripe information, your administrator will give saas•hapily Stripe API keys. These keys are double-encrypted and stored as described above.

Data We Store

The following data is stored at rest in our encrypted databases:

  • Stripe Data

    • API keys

    • Stripe Customer data: ID, name, email, phone, shipping address

    • Charge data: transaction amounts, related customer IDs

    • Daily transaction volume

    • Stripe customer and charge data is only stored for up to 30 days.

  • HubSpot Data

    • HubSpot users: ID, name, email

 

Third-party Vendors

The following is a list of the major third-party vendors we use to provide the service.

Amazon Web Services

hapily uses AWS to host saas•hapily application services, data, and content securely. hapily services are hosted in the “us-east-2” region across multiple availability zones to ensure high availability.

More information:

aws.amazon.com | Amazon Cloud Security | Amazon Cloud Compliance

Hubspot

hapily uses Hubspot to host our website, www.saas•hapily.com, and as our marketing automation platform. In addition to storing customer information, we sync some user-specific application usage data for marketing and operational purposes.

More information:

hubspot.com | Hubspot Security

Postmark

hapily uses Postmark to deliver transactional emails to saas•hapily users to notify them of account-related events.

More information:

postmarkapp.com | Postmark Security

FusionReactor

hapily uses FusionReactor to monitor server availability and application performance.

fusion-reactor.com | FusionReactor Security

 

Data Deletion Policy

As described in the hapily Terms of Service, you may request the deletion of your account at any time.

When a request is received, hapily will delete customer data according to our Data Deletion Policy, which is available upon request to review. 

 

Vulnerability Disclosure Policy

We encourage third-parties to report bugs and vulnerabilities that they may have discovered. 

For any reports, please provide supporting information, such as your account information (if applicable), relevant software platform details, and steps to reproduce.

Please submit reports by emailing security@hapily.com.