Overview
Quick Spot ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and protect your information when you use our Chrome extension that provides custom sidebar views for HubSpot CRM.
Information We Collect
1. Account Information
- Email address (for account creation and authentication)
- Password (encrypted and stored securely)
- Account preferences and settings
2. HubSpot Integration Data
- HubSpot user ID and account information
- CRM data you choose to view (contacts, companies, deals, custom objects)
- OAuth tokens (stored securely for API access)
3. Usage Analytics
- Extension usage patterns (via PostHog Analytics)
- Feature interactions and preferences
- Error logs and performance data
- Session duration and frequency
4. Payment Information
- Stripe customer ID (for subscription management)
- Payment method details (processed securely by Stripe)
- Subscription status and billing history
5. Technical Information
- Browser type and version
- Extension version
- Basic device information
- IP address (for security and fraud prevention)
- Browser extension permissions and settings
6. Chrome Extension Specific Data
- Active tab URLs (only when extension is actively used on HubSpot pages)
- Browser storage data (for offline functionality and caching)
- Extension installation and update events
- Permission grants and revocations
How We Use Your Information
Core Functionality
- Authenticate your access to the extension
- Connect to your HubSpot account via OAuth
- Display your CRM data in custom views
- Sync and cache data for improved performance
- Tab Detection: Monitor active HubSpot tabs to automatically populate record data
- Local Storage: Store user preferences and cached data in browser storage
- Background Processing: Maintain authentication tokens and sync data
Service Improvement
- Analyze usage patterns to improve features
- Monitor extension performance and reliability
- Provide customer support and troubleshooting
Subscription Management
- Process payments and manage billing
- Send service-related communications
- Provide access to customer portal
Chrome Extension Permissions
Our extension requires the following Chrome permissions to function:
Required Permissions
- Storage: To save your preferences and cache HubSpot data locally
- ActiveTab: To detect when you're viewing HubSpot records for auto-population
- Host Permissions (HubSpot): To communicate with HubSpot APIs on your behalf
- Host Permissions (Our Services): To connect with our authentication and analytics services
- Scripting: To inject our sidebar into HubSpot pages
- SidePanel: To display the extension interface
Permission Usage
- We only access data from the specific websites listed in our permissions
- We never access browsing history, bookmarks, or data from other websites
- All permissions are used solely for the stated functionality
- You can revoke these permissions at any time through Chrome settings
Data Storage and Security
Security Measures
- Data transmission uses HTTPS encryption
- Passwords are encrypted and stored securely
- OAuth tokens are stored securely and never shared
- Payment processing handled securely by Stripe
- Chrome Extension Security: Extension reviewed by Google Chrome Web Store
- Content Security Policy (CSP): Security policies help prevent malicious code execution
Data Storage
- User accounts and preferences: Supabase (secure cloud storage)
- HubSpot data: Temporarily cached locally for performance (stored in Chrome extension storage)
- Analytics data: PostHog
- Payment data: Stripe (never stored on our servers)
- Local Browser Storage: Extension settings, authentication tokens, and cached HubSpot data
- Chrome Sync: If enabled, basic preferences may sync across your Chrome browsers
Data Retention
- Account data: Retained while your account is active
- Usage analytics: Aggregated and retained as needed for service improvement
- HubSpot data: Not permanently stored, refreshed on each use
- Payment data: Managed by Stripe per their retention policies
- Local browser storage: Cleared when extension is uninstalled or you clear browser data
- Chrome sync data: Removed when you sign out of Chrome or disable sync
Data Sharing and Third Parties
Third-Party Services
We integrate with the following trusted services:
- HubSpot: To access your CRM data (with your explicit permission)
- Supabase: For secure user authentication and data storage
- Stripe: For payment processing and subscription management
- PostHog: For privacy-focused usage analytics
Data Sharing Policies
- We never sell your personal information
- We never share your HubSpot CRM data with third parties
- We only share data with service providers necessary for core functionality
- All third-party integrations require your explicit consent
Your Rights and Choices
Access and Control
- View your data: Access your account information and settings
- Modify preferences: Control which HubSpot data you sync
- Download data: Request a copy of your account data
- Delete account: Permanently remove your account and associated data
Privacy Controls
- Manage integrations: Disconnect HubSpot or other services anytime
- Control permissions: Revoke extension permissions via browser settings
- Uninstall extension: Completely remove the extension and all local data
- Clear browser data: Remove cached extension data through Chrome settings
- Disable Chrome sync: Prevent extension settings from syncing across devices
Compliance
Regional Laws
- GDPR (EU): We aim to comply with European data protection laws
- CCPA (California): We aim to comply with California privacy regulations
- Chrome Web Store Policies: We follow Google's Chrome extension privacy requirements
User Rights
- Request access to your personal data
- Request correction of inaccurate data
- Request deletion of your account and data
- Download your account data
- Object to certain data processing
Changes to This Policy
We may update this Privacy Policy periodically to reflect changes in our practices or applicable law. When we make material changes, we will:
- Update the "Last Updated" date
- Aim to notify users via email or extension notification
- Provide reasonable advance notice for significant changes
Chrome Web Store Compliance
This extension complies with all Chrome Web Store developer program policies:
Transparency Requirements
- Clear purpose: This privacy policy clearly explains all data collection and usage
- Minimal permissions: We only request permissions necessary for core functionality
- User consent: All integrations require explicit user authorization
- Data disclosure: All data sharing with third parties is clearly documented
Security Standards
- Secure coding practices: All code follows Chrome extension security best practices
- Regular updates: Extension is maintained with security patches and improvements
- Review process: All updates go through Chrome Web Store review process
Contact Information
If you have questions about this Privacy Policy or our data practices, please contact us:
- Email: quickspot.help@gmail.com
- Chrome Web Store: Quick Spot Extension support page
- Privacy Questions: quickspot.help@gmail.com
For privacy-related inquiries, contact us at quickspot.help@gmail.com
Data Processing Basis
We process your personal data based on:
- Consent: For analytics (when explicit consent is obtained)
- Contract: To provide the extension services you've requested
- Legitimate Interest: For service improvement and security
- Legal Obligation: To comply with applicable laws