Hubbl Diagnostics

Data & Security

Introduction

We know the importance of data privacy and security when it comes to using Hubbl Diagnostics, which is why we’ve baked this into our product since its beginning. We have implemented measures to ensure that your data is handled responsibly and securely. The use of Hubbl Diagnostics is governed by our Terms & Conditions and a Privacy Policy that users agree to each time a scan is performed.

How Hubbl Diagnostics Works

Hubbl Diagnostics provides value to users by allowing them to scan and visualize insights about a Salesforce org. To accomplish this, a user authorizes a secure connection to an org via OAuth2. Metadata and record counts are retrieved to a temporary, secure container filesystem to which no human has access. No transactional data is retrieved, ensuring PII/PHI compliance. The metadata is then analyzed and aggregated by the Hubbl Diagnostics scanners. Once the aggregated analysis is prepared, the secure token from the client org and all retrieved metadata files are deleted from our systems, unless you've elected to automatically monitor your org on an ongoing basis, in which case tokens will be retained but securely encrypted. The aggregated analysis is then used to display visualizations, benchmarks, and insights within the Hubbl Diagnostics platform.

[Figure: Diagram of how Hubbl Diagnostics works]

Data Handling & Security

Employee Data Access

Employees of Hubbl Diagnostics are given access to customer data only when deemed necessary for product development, user support, or marketing functions. All employees are familiar with Hubbl Diagnostics’ Privacy Policy, and all employee agreements include an Employee Data Security Agreement, which explains what is expected of them with regard to data security and the consequences for deliberate or accidental violation of that agreement. Employees are also given ongoing security training.

All workstations that employees work from are required to have a device compliance verification platform installed and reporting as compliant. Its checks include, but are not limited to, full disk encryption, anti-virus software running, OS patches up to date, and screen lock enabled. Mobile devices that can access company data are managed through Google BasicMDM, which allows work accounts to be wiped if required. Basic passcode enforcement is also a requirement to access this data. Mobile apps that can cache and access data are blocked, and users are required to use native Google apps to access this data on a mobile device.

Data Security & Processing

Hubbl Diagnostics’ principal architect is responsible for maintaining and monitoring GDPR compliance on an ongoing basis. Minimizing personal data collection and processing is core to our product principles.

The following personal data is collected and stored in Hubbl Diagnostics:

  1. The Hubbl Diagnostics user's first name, last name, and email address.
  2. The email address of an individual who is sent a Magic Link by a Hubbl Diagnostics user.

This data is necessary so that users can access the product effectively and so that their data can be associated with the account they are using. Employees who can access this data can do so only with two-factor authentication and, in some cases, IP restrictions.

Any breaches of data security would be handled in accordance with the Hubbl Diagnostics Security Incident Response Plan, with any breaches communicated to users and the corresponding regional authorities. For any additional questions about your personal information, or to request that it be deleted, please send an email to support@hubbl.com. Users can keep their contact information up to date in the Account section of Hubbl Diagnostics or by contacting support@hubbl.com.

Data Encryption & Backup

While no transactional data is collected from any Salesforce org that Hubbl Diagnostics scans, the following is how we handle the information that Hubbl Diagnostics does collect. Any sensitive information (access tokens, etc.) used by Hubbl Diagnostics is encrypted at rest. All data entering or leaving the infrastructure is encrypted in transit. Production backups are snapshotted automatically and are retained for seven days.

Our Partners

Hubbl Diagnostics uses several partners to provide its services to users, all of whom are GDPR compliant. You can find all of their security policies outlined below.

  1. Salesforce Privacy Policy
  2. Tableau Cloud Security, Privacy, and Architecture
  3. AWS Data Privacy
  4. Auth0 Data Privacy & Compliance

Contact us

Hubbl Diagnostics
3012 Murray Street, Unit A
Port Moody, BC V3H 1X2
e-mail: support@hubbl.com

Last Updated: May 31, 2023