How This Briefing Works
This dossier opens with key findings, then maps the gap between what HubSpot discloses and what BLACKOUT observed at runtime. From there: what it means for your organization, what to do about it, and the detection evidence underneath. BLACKOUT observes runtime browser behavior and cites the regulations that address each pattern — legal determinations are your counsel's call.
At a Glance
across 193 sites
vendor fires before consent
1 HIGH
Briefing
HubSpot is a publicly traded (NYSE: HUBS) marketing automation and CRM platform based in Cambridge, Massachusetts, detected on 198 sites with 285 total detections. The platform exhibits a 47.4% pre-consent tracking rate, creating tension with their SOC2, GDPR, and CCPA compliance claims. Critically, HubSpot operates beyond typical CRM scope by maintaining commercial datasets of professionals and explicitly disclosing data sales/sharing under CCPA, positioning it as both a marketing tool AND a data enrichment vendor.
What This Means For You
If HubSpot tracks your website visitors, their code fires before consent on 47.4% of observed implementations — meaning nearly half your visitors may be tracked without authorization. Under GDPR Art 7, you bear liability for this pre-consent data collection. Beyond CRM, HubSpot maintains commercial datasets of professionals and explicitly sells or shares identifiers to advertising partners under CCPA. If you use HubSpot enrichment features, your customer data may flow into their commercial dataset where it becomes available to competitors using HubSpot data services. Their SOC2 Type II report requires an NDA to access, limiting your ability to independently verify their security posture before deployment.
Risk Channel Breakdown
HubSpot tracking code fires pre-consent on 47.4% of detected sites, meaning attribution data is captured before users can consent. This distorts measurement by including visitors who would have opted out, inflating engagement metrics and corrupting conversion attribution.
HubSpot maintains a commercial dataset of professionals and explicitly sells/shares identifiers to advertising partners under CCPA. Demand signals from your website visitors may flow to HubSpot enrichment products, potentially accessible to competitors using HubSpot data services.
HubSpot serves as a central data aggregator across marketing, sales, and service touchpoints. A breach of their infrastructure would expose comprehensive customer journey data. Their widespread use (198+ sites detected) creates single-point-of-failure risk for business intelligence.
Despite SOC2/GDPR/CCPA compliance claims, 47.4% pre-consent tracking rate creates consent validity liability. HubSpot privacy policy explicitly discloses data selling/sharing, which may conflict with customer privacy expectations and regional regulations requiring explicit consent for such practices.
Threat Indicators
Runtime-observed (BTI-C)
Evasion infrastructure, auditor bypass
Keystroke/mouse tracking
Full session replay
Identity stitching
Ignoring CMP signals
Device identification
PII deanonymization
Container/loader (neutral)
Claims-vs-Reality (BTI-X)
False certification claims
Collection exceeds disclosed scope
Per-code narrative explanations of what each detected behavior means for your organization
Per-code evidence with full attribution chain, severity rankings, and consequence narratives See pricing →
Agent Runtime — MCP Options
HubSpot ships a first-party MCP server. 3 third-party wrappers are published as alternatives. If you're deploying an LLM agent that needs to read or write to HubSpot, this is the comparison set. Each option's severity reflects how a reasonable buyer should weigh it.
@shinzolabs/hubspot-mcp
A community-built HubSpot MCP with the broadest tool coverage in our corpus (112 tools across HubSpot's full CRM surface), but with significant disclosure-versus-reality gaps. The package's PRIVACY.md states telemetry doesn't transmit IP or port; the runtime does. An undeclared HTTP server runs alongside the documented stdio mode that would expose HubSpot credentials if reachable on a network. The production dependency tree carries 17 known vulnerabilities (2 critical, 5 high), and telemetry defaults to 100% sampling with a 5-second export interval. If you need broad HubSpot tool coverage and you can run this in a tightly-controlled environment, the tool surface is real; for environments with privacy, compliance, or supply-chain attestation requirements, this MCP doesn't currently meet the bar.
peakmojo/mcp-hubspot
A Python-based HubSpot MCP that adds vector storage and persistent local caching of CRM data on top of HubSpot's API — features marketed as "context retention" for AI assistants. The headline concern is that the local cache is full plaintext JSON of HubSpot record content, with no encryption, a 7-day rolling window, and no documented retention policy. CLI-flag credential exposure in the host process list, an exact-pinned dependency with known CVEs, and tool-count discrepancies (16 tools registered, 7 documented) round out the concerns. If your organization has data residency requirements, encryption-at-rest mandates, or audit constraints on CRM data, this MCP places that data outside the control plane you've reasoned about.
@chinchillaenterprises/mcp-hubspot (npm)
Closed-Source Third-PartyA multi-tenant HubSpot MCP that markets credential persistence as the headline feature — store keys for multiple HubSpot accounts in your OS keychain, switch between them at runtime. The architecture works as advertised, but every disclosure layer around it is thin: no public source repo despite shipping the source code in the package, no SECURITY.md, no PRIVACY.md, ten months of stagnation since the last release, internal AI-orchestration documents accidentally shipped in the npm tarball, and the same architectural template recurs across at least six of this publisher's MCPs spanning different vendors. If you specifically need multi-account credential management for HubSpot, the feature works as advertised — but 10 months of stagnation with no security policy means nobody is watching for issues in the code that holds your credentials.
Claims vs. Reality
BLACKOUT analyzed HubSpot's public claims against observed runtime behavior and identified 3 contradictions.
"GDPR and CCPA compliance certified"
47.4% of HubSpot tracking instances fire before consent is obtained
2 more gaps — with regulatory citations and evidence pointers — available with subscription.
Full claim-vs-reality gap analysis with claim text, observed behavior, severity, regulatory citations (GDPR, CCPA, ePrivacy), and evidence pointers per gap See pricing →
What To Do
5 for current users · 5 for evaluators
contractual leverage points
Role-specific actions (security / legal / marketing / procurement), full negotiation brief with contractual language, and BTI-code-specific consequences See pricing →
Supply Chain & Pairings
googletagmanager, googleanalytics4, linkedinads…
Full supply-chain mapping (loads / loaded-by lists with vendor identities) and the undisclosed-subprocessor list with observation evidence See pricing →