Sighub is officially approved by HubSpotWhat this means

sighub.io

// Data & privacy

Your HubSpot data stays yours

Sighub reads operational metadata, never message content. HubSpot remains the source of truth, while Sighub only reads signals and writes tasks.

What Sighub reads

Sighub reads operational metadata from HubSpot: timestamps, dates, status fields, amounts, currencies, and owner assignments. It never reads email body content, note content, call recordings, meeting notes, or ticket content.

What Sighub stores

  • Portal configuration (mapped properties, renewal window, owner routing)
  • Encrypted HubSpot access and refresh tokens (AES-256-GCM)
  • One risk snapshot per company (company name, signal type, severity, evidence strings, value at risk, owner name, task status, timestamps)
  • Temporary OAuth state records (single-use, 15-minute expiry)

Sighub does not store email bodies, notes, call recordings, meeting content, ticket content, or full contact/deal records.

What Sighub writes

Only HubSpot tasks: subject, body, status, priority, due date, owner (when available), and company association. Sighub does not modify existing Company, Contact, Deal, or Ticket records.

Permissions requested

Sighub requests these HubSpot scopes:

  • Companies, Contacts, Deals, and Owners (read)
  • Email activity metadata (read)
  • Tickets (read)
  • Tasks (create and update, for Sighub-created tasks only)

The sidebar card

The Sighub card appears in the HubSpot Company sidebar and shows:

  • Active signal: Renewal Risk, Engagement Risk, or Healthy
  • Explanation: why this account needs attention
  • Evidence: the specific signals behind it
  • Value at risk: the account value when available
  • Owner and last evaluated timestamp

Opening or refreshing the card can trigger a fresh scan of that company when task automation is active.

Amount at risk

The value at risk is sourced in this order:

  1. Company value: a mapped numeric property with a value > 0, plus a valid 3-letter hs_currency_code.
  2. Deal fallback: Sighub checks associated deals (active first, then closed-won, then any valid deal with a positive amount).
Sighub does not convert currencies. Amounts are displayed in their original currency without normalization.

Scan frequency

Sighub is not real-time. Scans are triggered three ways:

  • Scheduled: a background scheduler checks every 60 minutes and runs a full portal scan when the last completed scan was at least 23 hours ago.
  • On open / refresh: opening the Sighub card or settings panel can trigger a scan.
  • Manual: from the settings panel.

The only HubSpot webhook used is for app lifecycle events (e.g., uninstall).

Uninstall and reauthorization

Uninstall

When Sighub is uninstalled from HubSpot, all stored portal data (configuration, tokens, risk snapshots) is deleted. HubSpot tasks previously created by Sighub are not removed.

Reauthorization

If token refresh fails or HubSpot returns repeated authentication errors, the portal is marked as requiring reauthorization. Scanning pauses for that portal until you reconnect via the Sighub settings.

See also: Privacy Policy

Previous
Tasks
Next
Limitations & FAQ