The policy states that HubSpot uses cookies, web beacons, and similar tracking technologies to monitor user activity and store information, and discloses that refusing cookies may limit access to certain service features.
This analysis describes what HubSpot's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This provision establishes HubSpot's use of persistent and session-based tracking mechanisms across its services, which engages consent requirements under GDPR and ePrivacy rules for EU users and disclosure obligations under CCPA for California users.
Interpretive note: The policy does not specify which cookies are classified as essential versus non-essential or describe the full scope of the cookie consent management implementation, which affects assessment of GDPR consent standard compliance.
Under this provision, HubSpot deploys cookies and web beacons to track user activity across its services; EU users are subject to consent requirements for non-essential cookies, and California users may have opt-out rights where tracking data is shared with third parties.
How other platforms handle this
At Ledger, earning and maintaining our users' trust is a top priority. That's why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.
If you are located in the European Economic Area, Switzerland, or the United Kingdom, you have the right to access, correct, or erase your personal data; the right to restrict or object to our processing of your personal data; the right to data portability; and, where our processing is based on your...
We may display advertisements on our Services and those advertisements may be targeted to your interests based on your personal information. We may share your personal information with advertising partners for interest-based advertising purposes. You may opt out of interest-based advertising by visi...
Monitoring
HubSpot has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"We use cookies, web beacons, and similar tracking technologies to track activity on our Services and to hold certain information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Services.— Excerpt from HubSpot's HubSpot Privacy Policy
1. REGULATORY LANDSCAPE: This provision engages the ePrivacy Directive as implemented across EU member states, GDPR consent requirements for non-essential tracking, and CCPA and CPRA provisions addressing tracking technologies and the sharing of personal information with advertising vendors. The Irish DPC and relevant EU member state data protection authorities have jurisdiction over ePrivacy compliance. 2. GOVERNANCE EXPOSURE: Medium. Cookie consent implementation must be verified to ensure non-essential cookies do not activate prior to user consent for EU and EEA users. The disclosure that cookie refusal may limit service functionality may require evaluation under GDPR's freely given consent standard. 3. JURISDICTION FLAGS: EU and EEA users have the highest exposure given ePrivacy Directive consent requirements. California users have CPRA opt-out rights where cookie data is used for cross-context behavioral advertising. Illinois and other state biometric or tracking-specific laws may apply in certain contexts. 4. CONTRACT AND VENDOR IMPLICATIONS: Organizations embedding HubSpot tracking scripts on their own websites should assess whether those scripts deploy cookies that require consent under applicable ePrivacy or GDPR requirements and whether their cookie consent management platforms are configured to block HubSpot tracking prior to consent. 5. COMPLIANCE CONSIDERATIONS: Compliance teams should audit HubSpot's cookie consent banner implementation to confirm it meets GDPR and ePrivacy standards for prior informed consent, and should review whether the service functionality limitation tied to cookie refusal creates a conditional consent issue under GDPR guidance.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This provision establishes HubSpot's use of persistent and session-based tracking mechanisms across its services, which engages consent requirements under GDPR and ePrivacy rules for EU users and disclosure obligations under CCPA for California users.
Under this provision, HubSpot deploys cookies and web beacons to track user activity across its services; EU users are subject to consent requirements for non-essential cookies, and California users may have opt-out rights where tracking data is shared with third parties.
ConductAtlas has identified this type of provision across 78 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by HubSpot.