Hubspot
Implementation Summary
Fides uses the following Hubspot endpoints to retrieve and delete Personally Identifiable Information (PII) when processing a Privacy Request. Right to Access and Right to Delete (Right to Forget) support for each endpoint is noted below.
| Endpoint | Right to Access | Right to Delete |
|---|---|---|
| Search (opens in a new tab) | Yes | No |
| Contacts (opens in a new tab) | Yes | Yes |
| Owners (opens in a new tab) | Yes | No |
| Communication Preferences (opens in a new tab) | Yes | Yes |
| Users (opens in a new tab) | Yes | Yes |
Scopes
The following Hubspot scopes are required for executing privacy requests:
- crm.objects.contacts.read
- crm.objects.contacts.write
- crm.objects.owners.read
- communication_preferences.read
- communication_preferences.write
- settings.user.read
- settings.users.write
Connection Settings
Connection instructions may be found in the configuration guide.
Deletion requests are fulfilled by masking PII via UPDATE endpoints.
To give Fides permission to delete personal data using DELETE endpoints, ensure the masking_strict variable in your fides.toml file is set to false. Read how to set Fides configuration variables here.
Example Hubspot Configuration
saas_config:
fides_key: hubspot_connector_example
name: Hubspot SaaS Config
type: hubspot
description: A sample schema representing the Hubspot connector for Fides
version: 0.0.1
connector_params:
- name: domain
default_value: api.hubapi.com
- name: private_app_token
client_config:
protocol: https
host: <domain>
authentication:
strategy: bearer
configuration:
token: <private_app_token>
test_request:
method: GET
path: /companies/v2/companies/paged
endpoints:
- name: contacts
requests:
read:
path: /crm/v3/objects/contacts/search
method: POST
body: |
{
"filterGroups": [{
"filters": [{
"value": "<email>",
"propertyName": "email",
"operator": "EQ"
}]
}]
}
query_params:
- name: limit
value: 100
param_values:
- name: email
identity: email
data_path: results
pagination:
strategy: link
configuration:
source: body
path: paging.next.link
update:
path: /crm/v3/objects/contacts/<contactId>
method: PATCH
body: |
{
<masked_object_fields>
}
param_values:
- name: contactId
references:
- dataset: hubspot_connector_example
field: contacts.id
direction: from
- name: owners
requests:
read:
path: /crm/v3/owners
method: GET
query_params:
- name: limit
value: 100
param_values:
- name: placeholder
identity: email
postprocessors:
- strategy: unwrap
configuration:
data_path: results
- strategy: filter
configuration:
field: email
value:
identity: email
pagination:
strategy: link
configuration:
source: body
path: paging.next.link
- name: subscription_preferences
requests:
read:
path: /communication-preferences/v3/status/email/<email>
method: GET
param_values:
- name: email
identity: email
update:
path: /communication-preferences/v3/unsubscribe
method: POST
body: |
{
"emailAddress": "<email>",
"subscriptionId": "<subscriptionId>",
"legalBasis": "LEGITIMATE_INTEREST_CLIENT",
"legalBasisExplanation": "At users request, we opted them out"
}
data_path: subscriptionStatuses
param_values:
- name: email
identity: email
- name: subscriptionId
references:
- dataset: hubspot_connector_example
field: subscription_preferences.id
direction: from
postprocessors:
- strategy: filter
configuration:
field: status
value: SUBSCRIBED
- name: users
requests:
read:
path: /settings/v3/users/
method: GET
query_params:
- name: limit
value: 100
param_values:
- name: placeholder
identity: email
postprocessors:
- strategy: unwrap
configuration:
data_path: results
- strategy: filter
configuration:
field: email
value:
identity: email
pagination:
strategy: link
configuration:
source: body
path: paging.next.link
delete:
path: /settings/v3/users/<userId>
method: DELETE
param_values:
- name: userId
references:
- dataset: hubspot_connector_example
field: users.id
direction: from