Data & Security
This page explains how Kyroo collects, uses, and protects your data when you use our platform at getkyroo.com and app.getkyroo.com. If you have questions, contact us at support@getkyroo.com.
What we access - HubSpot
We connect to HubSpot using a public OAuth app. The app requests two scopes: crm.objects.companies.read and crm.objects.deals.read. Nothing else. This means we can read company names, domains, deal names, deal values, and deal stages.
We cannot read contacts, emails, call logs, meeting notes, tasks, sequences, workflows, or any other data in your HubSpot portal. We cannot create, update, or delete any record.
What we access - LinkedIn
We connect to LinkedIn Ads using the r_ads_reporting OAuth scope. This is the same permission that LinkedIn Campaign Manager uses when you export your own performance data. It gives us read access to impression counts, click counts, spend figures, and campaign names. That is all.
We cannot see your ad creative, your targeting settings, your audience lists, your billing details, or your account configuration. We cannot create, pause, edit, or delete any campaign or ad. If you revoke access, our connection is terminated immediately.
How is my data stored?
All data stored by Kyroo is encrypted at rest using AES-256 encryption via Supabase, which runs on AWS infrastructure in the EU (eu-west-1, Ireland). All data in transit between your browser, our servers, and our database uses TLS 1.2 or higher. Every table in our database has row-level security enabled, which means your organisation's data is cryptographically isolated from every other organisation's data.
No Kyroo staff member can query your data. If you disconnect an integration, your data is deleted immediately and permanently. Disconnect LinkedIn and your LinkedIn impression data is gone. Disconnect HubSpot and your CRM data is gone. Delete your account and everything goes with it.
What we never do
Kyroo can not and will not write to your LinkedIn Ads account. We will never write to your HubSpot portal. We will never access contact records, personal email addresses, or any individually identifiable data from your CRM. We will never sell your data, share it with third parties, or use it to train any model. We will never store your LinkedIn or HubSpot credentials. All authentication uses short-lived OAuth tokens that you can revoke at any time from within LinkedIn or HubSpot directly.
Questions
If your security or IT team has questions not covered here, we are happy to walk through the data model directly.
Please email support@getkyroo.com