Security & Trust
How We Handle Your Data
The honest version. What we connect to, what we send to LLMs, what we keep, and what we don't have yet.
OAuth-only access
Connect via HubSpot’s standard OAuth flow. No credentials shared. Revoke any time from your HubSpot portal.
No data warehouse
BaseCommand stores no copy of your HubSpot data. Records are pulled per-run, processed, and discarded.
Read-only by default
Most agents read HubSpot only. The few that write back are explicit, opt-in, and disclosed in the agent’s input form.
No third-party data brokers
No enrichment vendors, no marketing data appends, no resale. Your data goes only where you authorize it.
US-only processing
Data is processed in the US via agent.ai infrastructure. EU customers should evaluate fit accordingly.
Honest about compliance
We don’t have SOC 2 yet. We tell you upfront and offer a sandbox-evaluation path for security reviews that need it.
What happens on every agent run
One path, three hops. Nothing stored in between.
Your HubSpot
You initiate a run. agent.ai uses your OAuth token to read the records the agent needs.
agent.ai runtime (US)
The records pass through the agent workflow. No persistent copy is created.
LLM provider
Only the relevant records are sent to Anthropic, OpenAI, or Google for the analysis. Providers do not train on API data.
Back to you
The output is rendered in agent.ai and emailed to the user who triggered the run. Nothing leaves to a third party.
What we connect to
The exact OAuth scopes we request, and why. We never request scopes outside what an individual agent needs.
| Integration | Method | Scopes | Purpose |
|---|---|---|---|
| HubSpot (read) | OAuth 2.0 | crm.objects.deals.read, crm.objects.contacts.read, crm.objects.companies.read, crm.engagements.read | Pull deal, contact, and engagement data for analysis |
| HubSpot (write — opt-in) | OAuth 2.0 | crm.objects.deals.write | Only for agents that explicitly write back (e.g., Forecast Roll-Up). Off by default; clearly labeled per agent. |
| Email delivery | Sent from agent.ai to the user’s own email address | n/a | Deliver each agent’s report to the user who triggered the run |
What data is sent to LLM providers
The HubSpot records relevant to the specific agent you ran. Nothing else.
For an agent like Renewal Health Scanner, we send: deal name, amount, stage, close date, owner, associated contact names, engagement summaries, and the custom property values relevant to scoring.
We do not send: passwords, API keys, payment methods, or any data outside HubSpot.
Per-agent LLM provider is configurable. Anthropic Claude is the default for analysis; OpenAI GPT-4o family for formatting; Google Gemini available as an alternative. All three providers operate under enterprise DPAs and do not train on data submitted via API (per their public terms as of 2026-05-02).
Data retention
BaseCommand itself stores no customer HubSpot data. Here's where each piece of data lives during and after a run.
| Data | Where | Retention |
|---|---|---|
| HubSpot records pulled into a run | agent.ai runtime memory | Duration of the run only (typically <60 seconds), then discarded |
| Agent run logs (timing, step status) | agent.ai platform | Per agent.ai’s retention policy |
| Agent output (the report you receive) | Your email inbox | Controlled by you |
| LLM provider logs | Anthropic, OpenAI, or Google | Per provider’s enterprise policy — typically 30 days for abuse monitoring, then deleted |
Authentication model
- OAuth 2.0 through HubSpot's standard flow. The user authorizes the connection from their own HubSpot portal — no credentials are shared with BaseCommand.
- Tokens are held by agent.ai, not by BaseCommand. Revoking the connection in HubSpot immediately invalidates access.
- No service accounts, no shared secrets, no API keys to rotate.
- Token scope can be reviewed and modified by your HubSpot admin at any time.
Evaluate without connecting your production portal
For security reviews that need to see the product before granting OAuth access, two paths.
Sandbox HubSpot portal
Connect a HubSpot sandbox or test portal with non-production data. See the full agent output against synthetic records. Recommended for a structured security review.
Live walkthrough
Mike walks any agent through against BaseCommand's own HubSpot in a 15-minute screen-share. No customer data involved.
Compliance status (as of 2026-05-02)
We are an early-stage product. We'll be transparent about what we have and don't have, and we prioritize compliance work as customers require it. If your security policy requires SOC 2 before connecting production data, the sandbox path above lets you evaluate without that gate.
| Standard | Status | Notes |
|---|---|---|
| SOC 2 Type II | Not currently certified | Sandbox evaluation path available for security reviews that require it. |
| GDPR | US-based processing | EU customers should evaluate fit. DPA available on request. |
| HIPAA | Not in scope | BaseCommand is not designed for PHI. |
| Data residency | US-only | Processing happens via agent.ai US infrastructure. |
| Penetration testing | Not yet conducted | agent.ai platform security is operated by HubSpot co-founder Dharmesh Shah’s team. |
Security questions?
Send a list of specific questions to security@basecommand.aiand we'll respond in writing within two business days. Happy to join a 15-minute call with your security team.