HubSpot Legal Stuff

by: HubSpot Employee
HubSpot Employee

September 2, 2022, Legal Stuff Update

September 2, 2022, Legal Stuff Update


HubSpot recently updated the following legal documents, which are all included in our Customer Terms of Service: 

  • November 1, 2021, Master Terms
  • May 2, 2022, Product Specific Terms 
  • November 1, 2021, Jurisdiction Specific Terms
  • September 27, 2021, Data Processing Agreement 
  • February 23, 2022, Privacy Policy

We wanted to give you some information on what's changed below.  Please remember that this is just an informal, high-level summary of the most recent changes to these documents, and that you should always make sure you’ve read and understood the complete Customer Terms of Service before you use our products or services.


General Terms Update 

We updated the name of our main terms to “General Terms.” We also made the following updates: 

  • We removed a reference to capacity packs as an example in the definition of “Add-Ons.”  You can review our Product and Services Catalog for product and services information.  
  • We added a statement to clarify that knowledge base articles are not incorporated into the Agreement; they are for information only.
  • We made some updates to our fees and payments language, including adding a new definition for Authorized Payment Methods and a transparent authorization to use your Authorized Payment Method to pay outstanding fees. 
  • We clarified that “Confidential Information” includes information that would reasonably be considered confidential. 
  • We clarified that HubSpot Payments is controlled by the HubSpot Payments Terms of Use rather than the Customer Terms of Service. 
  • We removed an out-of-date link previously included in the examples in the definition of “Third-Party Products.” 
  • We expanded the definition of “You” to include those of your Affiliates included in the scope of your purchase. 
  • We updated the suspension rights to include an opportunity for you to correct the use giving rise to the suspension (for example, consuming excessive bandwidth or storage, etc.).
  • Take a look at the Privacy Policy section to review updates related to Usage Data. 
  • We added a clarifying example in the confidentiality section to address circumstances where the Disclosing Party fails to respond or consent to disclosure.   
  • We clarified that termination under the Agreement will always align with the “Effect of Termination or Expiration” section.  
  • We updated our Force Majeure Language to not suspend payment obligations during such time.  

We’ve also made minor drafting clean-ups and clarifications across the terms.  

Product Specific Terms

We've worked to update the Product Specific terms in an effort to make it shorter and to remove duplicative language. 

  • This includes moving the Legacy Marketing Hub Terms to a separate link and consolidating terms applicable to the other hubs.  
  • We clarified the reference to the HubSpot CRM Email Sent Limit to align with the Product and Services Catalog
  • We’ve updated the Limits portion of the Free Services section to clarify use of the Free Services will not exceed typical resource consumption, including bandwidth and storage. 
  • We worked to simplify the language in the Non-Renewal Notice Period in the HubSpot CRM and Free Services section. 
  • We have updated the Retrieval of Customer Data sections, including adding relevant knowledge base articles.   
  • If you use Google Enhanced Conversions, we updated those terms as well. 
  • We clarified that your Subscription Fee will not remain fixed if you exceed your number of Users or other applicable Limits.
  • We worked to simplify the language related to Downgrades. 
  • We clarified our HubSpot Marketplace Terms of Use apply to the HubSpot Directory.  
  • We simplified the references to Alpha/Beta Services to Beta Services. 
  • We tried to simplify our Service Uptime Commitment language.
  • We updated our Phone Support section to reflect response times during our Company-wide week of rest.  


Jurisdiction Specific Terms

We are delighted to have opened multiple new offices across the globe! Accordingly, we updated our Jurisdiction Specific Terms.  

  • We have added new Contracting Entities for Customers in Spain and The Netherlands.  
  • We have worked to remove duplicative terms between the Jurisdiction Specific Terms and the General Terms. 
  • We have also stated our commitment to compliance for our customers in the European Economic Area.   


Data Processing Agreement 

Our Customer Data Processing Agreement (DPA) provides transparency into how we protect and process your data and ensures that we do so in line with all applicable laws. We’ve updated our DPA to ensure that we continue to provide the most up to date and detailed information possible. Here is a quick summary of the important changes: 

  • We previously included the full text of Module Two of the European Union Standard Contractual Clauses (SCC’s) in the DPA, we now incorporate these by reference together with Module Three to support Processor to Processor transfers (when applicable). We have also incorporated the International Data Transfer Addendum issued by the UK Information Commissioner (the UK Addendum) to supplement the SCC’s when we transfer data out of the UK. You can access the full text of the SCCs and the UK Addendum through the link in the DPA, or download the DPA PDF which includes the full text.
  • We’ve made updates to Annex 2 - Security Measures, to provide greater detail on the steps we take to keep your data safe. This includes linking out to HubSpot’s Security page where you can download additional resources such as our SOC 2 Type II Report, SOC 3 Report, Security Overview and Penetration Test Summaries. We also provide more information on areas that include:
    • Physical and environmental security
    • The way in which we perform penetration tests
    • Our access controls around your data
    • Our employee background checks; and
    • Disaster recovery planning
  • We are also excited to add our two new HubSpot entities to our list of Sub-Processors in Annex 3: HubSpot Spain, S.L. and HubSpot Netherlands B.V.n

Privacy Policy

We’ve made some updates to our Privacy Policy to make it easier for you to understand what information we collect, why we collect it, and how we use it, and to provide additional transparency around our practices regarding your personal data. We encourage you to review the full Privacy Policy here. Here’s a quick summary of the important updates:

  • We’ve made changes to how we organize our Privacy Policy so that it is easier to navigate, and you can more readily find the information that you need. For example:
    • simplifying definitions and adding more context to how we use defined terms, such as the HubSpot Subscription Service; and
    • better organizing our content to remove repetition and ensure the information is easy to find, whether you want to know what data we collect, how we use it or how we share it with third parties.
  • We’ve provided additional transparency around our data practices including how we collect, store and share your data and for what purposes, these include:
    • Greater detail on how we collect and store log files (including what data these log files include!);
    • How usage data is collected, used and shared.
  • We’ve made changes to expand the scope of our Privacy Policy to apply to the Hubspot brands the Hustle and Trends. Making this change provides consistency and transparency across HubSpot.

If you have any questions about these changes, please reach out to us using the contact information provided in the privacy policy.