Skip to main content
Header Logo
  • Features
  • How It Works
  • Contact
  • Install Free
Install Free
Legal

Privacy Policy

How Deal Duplicate Finder collects, uses, and protects your information.

Last updated: May 11, 2025  |  Effective date: May 11, 2025

1. Introduction

Deal Duplicate Finder ("we", "us", "our") is a HubSpot Marketplace application operated by Troo Inbound. This Privacy Policy describes how we collect, use, store, and protect information when you install and use our application through the HubSpot Marketplace.

By installing or using Deal Duplicate Finder, you agree to the collection and use of information in accordance with this policy. This policy applies to all users who access the Application through HubSpot.

Deal Duplicate Finder is an independent product developed by Troo Inbound. It is not affiliated with, endorsed by, or operated by HubSpot, Inc.

2. Information We Collect

2.1 HubSpot Account Information

When you connect your HubSpot account via OAuth 2.0, we collect and store:

  • Your HubSpot Portal ID (account identifier)
  • OAuth access token and refresh token (stored securely with access controls)
  • Token expiration timestamps for automatic renewal

2.2 HubSpot Deal Data

To perform duplicate detection, the Application accesses the following data from your HubSpot account:

  • Deal records including properties you select for duplicate matching (e.g. Deal Name, Amount, Close Date)
  • Deal object IDs required to identify and execute merge operations
  • Deal property schema (names, labels, types) to populate the scan configuration interface

We do not store deal records permanently. Deal data is exported, processed to detect duplicates, and the raw export file is automatically deleted after the scan completes or is no longer needed.

2.3 Optional CRM Data

If you grant optional permissions during OAuth installation, the Application may also read:

  • Contact records (crm.objects.contacts.read) for additional deal context
  • Company records (crm.objects.companies.read) for additional deal context
  • Owner records (crm.objects.owners.read) for displaying deal owner information

These are optional scopes and are not required for core duplicate detection functionality.

2.4 Merge Configuration and History

We store the configuration and results of merge operations you initiate, including:

  • Primary and secondary HubSpot deal object IDs involved in each merge
  • Merge status (Pending, Processing, Merged, Failed)
  • HubSpot API responses for completed merges
  • Error messages for failed merge attempts
  • Timestamps for all operations

2.5 Usage and Diagnostic Data

We may collect basic application usage data such as scan frequency, merge counts, and error rates for the purpose of improving service reliability. This data is aggregated and is not linked to individual deal records or personal information.

3. How We Use Your Information

We use the information collected solely to:

  • Authenticate your HubSpot account and maintain your authorized session
  • Execute duplicate scans against your HubSpot deal data
  • Perform deal merge operations you explicitly review and authorize
  • Maintain audit logs of merge history for your reference
  • Diagnose and resolve technical issues
  • Improve the reliability, accuracy, and performance of the Application
  • Send service-related communications (e.g. scan completion notifications, policy updates)

We do not sell, rent, or share your HubSpot data or personal information with third parties for marketing or advertising purposes.

4. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), we process your data under the following legal bases:

  • Contract: Processing is necessary to provide the service you have requested
  • Legitimate interests: Improving the Application and maintaining security
  • Consent: Where you have explicitly authorized optional data access via OAuth scopes

5. Data Storage and Security

Your data is stored in a secured PostgreSQL database hosted on a private server. We implement the following security measures:

  • OAuth tokens are stored with strict access controls limiting exposure
  • All data transmission uses HTTPS/TLS encryption in transit
  • Database access is restricted to authorized application servers only
  • Application logs do not contain raw deal data or OAuth tokens
  • Background job queues (Redis/Celery) process data in memory only and do not persist personal data

6. Data Retention

  • OAuth credentials: Retained until you disconnect the app or submit a deletion request
  • Duplicate scan export files (CSV): Retained temporarily during active scan processing, then deleted automatically
  • Duplicate report files: Retained for the duration of the active scan request and available for download; deleted on request
  • Merge history records: Retained for the duration of your active subscription
  • Application logs: Retained for 30 days for debugging and diagnostics, then purged

7. HubSpot Data Processing and OAuth Scopes

Deal Duplicate Finder operates as a HubSpot Public App listed on the HubSpot Marketplace. We are bound by HubSpot's App Partner Program policies and developer terms. We access only the scopes you explicitly authorize during the OAuth installation flow:

  • crm.objects.deals.read — to read deal records for duplicate detection
  • crm.objects.deals.write — to execute merge operations you approve
  • crm.schemas.deals.read — to retrieve deal property definitions
  • crm.objects.contacts.read (optional) — for additional contact context
  • crm.objects.companies.read (optional) — for additional company context
  • crm.objects.owners.read (optional) — for owner display
  • crm.export (conditionally required) — to export deal data for bulk processing

You may revoke any or all of these permissions at any time from HubSpot Settings under Connected Apps.

8. Data Sharing and Third Parties

We do not sell or transfer your data to third parties. The Application uses the following third-party services strictly for operational purposes:

  • HubSpot API — for CRM data access, property retrieval, and merge execution
  • Redis — for background job queue management (no personal or deal data is persisted in Redis)
  • Celery — for asynchronous task processing (operates in memory only)

These services are used solely to deliver the Application's core functionality and are bound by their own privacy and security commitments.

9. Your Rights

You have the following rights regarding your data:

  • Access: Request a copy of the data we hold associated with your HubSpot portal
  • Deletion: Request deletion of all your account data by emailing privacy@trooinbound.com
  • Correction: Request correction of inaccurate data we hold
  • Portability: Request an export of your merge history data in a machine-readable format
  • Objection: Object to processing in cases where we rely on legitimate interests as the legal basis
  • Disconnection: Revoke the Application's access to your HubSpot account at any time from HubSpot Settings → Integrations → Connected Apps

We will respond to all valid data rights requests within 30 days.

10. International Data Transfers

Your data may be processed and stored on servers located in India. If you are accessing the Application from the EEA, UK, or other regions with data transfer regulations, you acknowledge that your data may be transferred to and processed in India. We take appropriate measures to ensure your data is protected in accordance with this Privacy Policy.

11. Children's Privacy

Deal Duplicate Finder is a business-to-business application intended for use by professionals. It is not directed to individuals under the age of 16. We do not knowingly collect personal information from minors. If you believe a minor has provided us with personal information, please contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify active users of material changes via email to the address associated with your HubSpot account or via an in-app notice at least 14 days before the changes take effect. Continued use of the Application after changes constitutes acceptance of the updated policy.

13. Contact Us

For privacy-related questions, data rights requests, or concerns, contact us at:

  • Email: privacy@trooinbound.com
  • General support: support@trooinbound.com
  • Phone: +91 97240 71214
  • Website: https://dedupts.trootechproducts.com
Footer Logo

Clean CRM. Clear Pipeline.
Zero Duplicates.

  • Twitter
  • LinkedIn
  • HubSpot Marketplace

Product

  • Features
  • How It Works
  • Install App

Company

  • Contact
  • Support

Legal

  • Privacy Policy
  • Terms of Service

© Deal Duplicate Finder by Troo Inbound. All rights reserved.

  • Privacy
  • Terms
  • Contact