Understanding hapily's Data Security

When you connect hapily to your HubSpot portal, you’re trusting us to handle your data carefully and responsibly. Data protection is a foundational part of how we build and operate our products.

 

Our goal is always the same: keep customer information secure, limit what we store, and ensure everything flows through controlled, well-monitored systems.

This overview outlines how we manage access, where data is processed, what we store, and how we stay compliant with key data protection requirements. 

 

 

 

1. How do we control and monitor access to customer data and systems?

For full detail, our SOC 2 report is the best resource.

At a high level, we follow strict internal access policies to ensure that only the necessary team members can view customer-specific data.

All access to your HubSpot portal uses OAuth with industry-standard authentication. Requests are logged and monitored as part of our ongoing operational reviews.

2. Where is customer data stored, processed, and backed up?

Customer data is only lightly processed on our servers in the United States. We intentionally keep stored data to the bare minimum. The only information we retain is the list of HubSpot users who have access to the event•hapily admin interface.

All event data, including records created through our app, is stored directly in HubSpot according to HubSpot’s infrastructure and compliance standards.

We do not currently support EU or UK alternatives for data storage or processing.

3. Do we use subcontractors to handle customer data?

No.

We do not use subcontractors for customer data handling. The third-party sub-processors listed on our website support platform-level operations but do not act as subcontractors with direct access to customer data.

4. How do we ensure compliance with UK GDPR and local data protection laws?

Our privacy and security framework follows the same control structure we use for our SOC 2 alignment. This includes strict data handling processes, controlled system access, and regular security reviews.

These safeguards support compliance with UK GDPR and other applicable data protection requirements.

5. How is customer data segregated in our environment?

Because we store very little data, segregation is simple and controlled. Any customer information we do retain is partitioned by HubSpot portal ID, keeping each environment isolated and properly separated.

For customers who need deeper detail, our SOC 2 documentation provides the full technical breakdown.

If you have questions about a specific security concern, our team is always available to help at care@hapily.com.