Turn on data privacy settings in your HubSpot account

Data privacy laws (such as General Data Protection Regulation (GDPR) exist to enhance the protection of the personal data of individuals. These laws also increase the obligations of organizations that collect or process personal data. 

Please note: while these features live in HubSpot, your legal team is the best resource to give you compliance advice for your specific situation.

If you're a Super Admin or have Edit account defaults permissions turned on, you can turn on data privacy settings in your HubSpot account settings. This is a centralized place to automatically turn on features intended to support your data privacy compliance efforts throughout your HubSpot account.

• In your HubSpot account, click the settings settings icon in the top navigation bar.
• In the left sidebar menu, select Privacy & Consent. 

• Click to toggle the Turn on data privacy settings switch on. In the dialog box, click Yes, turn on data privacy settings.
  
  
  
   
  • To only send marketing emails to contacts with a legal basis to communicate, toggle the Send emails to contacts with legal basis switch on. In the dialog box, click Confirm. This is recommended for Europe to comply with GDPR and other privacy laws.
    • In the Update your contact's email subscription section, click View list of contacts to view contacts in your account that haven't specified their email preferences.
  • In the Define a legal basis to send surveys section, click Choose a legal basis to change the default legal basis to communicate for survey emails. 

Please note: legal basis to communicate is email address-based. Contacts must give consent for each email address they would like to receive emails for.

When the Turn on data privacy setting toggle is on, all subscription types on a contact's email subscription page will be unchecked by default.

Once data privacy settings are turned on, you'll have the following features in your account: 

• The cookie consent banner is toggled ON by default.
• Data privacy-ready forms with a legal basis notice and communication consent checkbox form field for newly created forms. For existing forms, you'll need to add notice and consent information for each form.
• Scheduling pages will include the notice/consent messaging by default (scheduling pages created before data privacy settings are turned on will not be updated to include this message).
• If you're using the HubSpot Sales extension or add-in, banners on contact records notifying you if a contact does not have a legal basis for processing.
•  Unsubscribe links are turned ON by default for sales one-to-one and sequences emails for users that don't yet have them turned on.
• Ability to add communication consent and legal basis for processing to contacts via a list import, bulk edit, or manual contact creation.
• Tracking (opens and clicks) for emails won't be added for contacts without legal basis.

Permanent delete functionality is available to all accounts, even if data privacy settings are turned off. When deleting a contact you'll have two options: Restorable delete a contact to keep the option to restore within 90 days, or Permanent delete the contact fully to comply with GDPR and other data privacy laws.

Please note: if you turn off data privacy settings in your account, the cookie consent banner will not be automatically turned off.