Privacy Policy
At Harbor HQ, we believe privacy is the foundation of effective command. Our commitment to transparency means being clear about what data we access and why.
1. Data Architecture
We utilize a zero-trust architecture. Your credentials for third-party services are never stored in plain text and are encrypted at the service level using AES-256-GCM.
Identity
We store only your email, name, and profile picture provided via Google authentication.
Credentials
OAuth 2.0 tokens are encrypted with military-grade standards and rotated automatically.
Metadata
We store platform usage statistics to optimize your command center experience.
2. Data Processing Roles
You are the Controller
You maintain absolute control over the data processed. HarborHQ acts solely as a Processor, executing commands and synchronizing data across your connected services as directed.
We are the Processor
Our access is scoped to the specific permissions you grant. We do not sell your data, nor do we use it for advertising purposes.
3. Infrastructure Partners
Infrastructure
Google Cloud Platform with strictly scoped access.
Isolation
Role-based access control and organization-level data segregation.
4. Connected Services Inventory
HarborHQ integrates with the following professional services to unify your business operations. We request only the minimum scopes required for each integration.
Productivity & Cloud Storage
Google (Sheets, Drive), Microsoft 365 (Excel, OneDrive), Airtable, Dropbox, Amazon S3
Databases & Infrastructure
Supabase, Firestore, Railway, Neon, PostgreSQL, MySQL, MongoDB, MSSQL
Financial & Accounting
QuickBooks, Xero, FreshBooks, Wave
Marketing, CRM & Messaging
Salesforce, HubSpot, Zoho, Facebook, Instagram, X (Twitter), LinkedIn, TikTok, YouTube, Mailchimp, Telegram
GDPR Compliance
For our users in the EEA and UK, we operate under strict GDPR guidelines. You have the right to access, rectify, export, and delete your data at any time.
Contact Us
Questions regarding your data?
mail@harborhq.com