Updated November 23, 2020.
HubSpot is a widely used platform for marketing, sales and service management for websites.
In this article, we look at how to make sure your use of HubSpot is GDPR and CCPA compliant and how the Cookiebot consent management platform (CMP) app in HubSpot makes it simple and easy.
Using HubSpot for your website’s inbound marketing puts third-party cookies and trackers in operation on your domain.
These will collect personal data from your users when they visit your website, such as IP addresses, search or browser history and unique IDs.
Being compliant with the GDPR and CCPA means to know exactly what cookies and trackers your website hosts, where they come from, who they send data to and how to take control of them so that the user can give their consent to the processing of their personal data and information.
Cookiebot CMP performs deep scans of your website to detect all cookies and trackers, and then automatically blocks them until the users give their consent or indicate their opt-out wishes through a simple but highly customizable consent banner.
Cookiebot CMP standard consent banner that enables full GDPR compliance for your website.
Simply find the Cookiebot CMP App and get started on full compliance for your website and its use of HubSpot.
Cookiebot CMP App in the HubSpot App Marketplace ensures plug-and-play compliance with the GDPR and CCPA on your website and bulletproof protection of your end-users’ data privacy while using HubSpot.
HubSpot has an umbrella of services that your website can use to increase traffic, optimize marketing leads and automate sales processes.
The HubSpot CRM includes –
HubSpot specializes in inbound marketing, i.e. getting customers to find your website via search engines, social media and other online platforms rather than having marketers reach out to customers.
HubSpot’s inbound marketing model for converting leads to customers to promoters.
Inbound marketing consists of four steps –
1. Attracting visitors to your website
2. Converting them into leads by collecting information about them that can be stored in your HubSpot contact base
3. Converting leads into customers by utilizing the information collected on them; through personalized and targeted content that reaches the lead in the right moment and at the right time.
4. Engaging or delighting the customer with personalized content and attention is the last step in HubSpot’s inbound marketing model; whereby existing customers become crucial figures in attracting new visitors and potential customers.
On a practical level, this means anything from automating email sequence, scheduling and tracking, optimizing templates for repeated sales outreaches and predictive customer scoring.
In short, HubSpot can help you optimize and automate every part of your website’s marketing dimension.
Using HubSpot on your website isn’t by default non-compliant with the GDPR, but it requires you to implement a process of obtaining user consents before your process their personal data.
The General Data Protection Regulation (GDPR) protects the personal data of individuals inside the EU, regardless of where in the world the website processing their information is located.
The GDPR defines personal data broadly as any information relating to an identified or identifiable natural person, including online identifiers such as cookies that collect IP addresses, search and browser history, unique IDs and more.
Using HubSpot on your website therefore requires you to operate in compliance with the GDPR.
The GDPR requires you to –
If your website uses HubSpot to e.g. track user behavior on your website or detect when they open and read an email, these processes process personal data, to which users must first give their consent.
Cookiebot CMP – and the Cookiebot CMP App in HubSpot – manages user consent through a simple and easy-to-understand consent platform that allows users to quickly get an overview of what cookies and trackers are in use, what kind of personal data they collect and whether they wish to allow their activation.
By asking for and obtaining user consent prior to any activation of third-party cookies, you ensure that your website and its use of HubSpot is in full compliance with the General Data Protection Regulation (GDPR).
Making your website’s use of HubSpot GDPR compliant is super simple – with the Cookiebot CMP App available in the HubSpot App Marketplace, GDPR compliance becomes a seamless integration into all HubSpot services.
Cookiebot CMP helps your website live up to all GDPR requirements for personal data processing on websites.
Important GDPR requirements to be aware of are –
In order to be compliant, the consent has to be -
California Consumer Privacy Act (CCPA) took effect on January 1, 2020 and regulates how businesses are allowed to collect and sell the personal information of California residents.
Unlike the European GDPR, the CCPA does not require websites to obtain the prior consent of users before they are allowed to collect, process or sell personal data.
Instead, the CCPA empowers users with the rights to know what data has already been collected, demand it deleted and opt out of further data sales to third parties.
Cookiebot CMP enables full CCPA compliance for your website as well as GDPR compliance.
CCPA compliant notice from Cookiebot CMP.
When it comes to complying with the CCPA using HubSpot, most of the functions that HubSpot implemented in the wake of the GDPR can be used, e.g. when it comes to complying with deletion requests.
HubSpot helps websites manage their inbound marketing. To do this, your website will use third-party analytics and marketing cookies from HubSpot that will process personal data from your users. The GDPR requires you to ask for and obtain the explicit consent of users before you’re allowed to do so.
The CCPA requires your website to inform users that you use HubSpot, what kinds of personal information you process and share with HubSpot and how they can opt out of having their data processed.