Privacy Policy

Last Updated: January 8, 2026

1. Introduction

BarrierX ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our CCO-as-a-Service platform, which provides real-time insights, automated coaching, and data-driven results for sales teams.

By using BarrierX, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Name and email address
  • Company name and tenant information
  • Authentication credentials
  • Profile information and preferences

2.2 CRM and Integration Data

When you connect third-party services, we collect:

  • HubSpot Integration: Deal information, contacts, companies, engagements, meetings, emails, calls, and associated metadata
  • Slack Integration: Workspace information, channel data, and messages (as permitted by your integration settings)
  • Gmail Integration: Email metadata (subject, sender, recipient, date), email content when you use our email generation features, and OAuth tokens for accessing your Gmail account
  • OAuth tokens and credentials for accessing integrated services

2.3 Deal and Sales Data

We process and store:

  • Deal information (amounts, stages, pipelines, close dates)
  • Risk scores and indicators calculated by our AI systems
  • Meeting schedules and engagement history
  • Contact and company information
  • Sales activity data (calls, emails, meetings)

2.4 AI Analysis Data

Our AI systems analyze:

  • Deal details and metadata
  • Engagement patterns and communication history
  • Risk indicators and scoring factors
  • Evidence and reasoning for risk assessments

2.5 Usage and Technical Data

We automatically collect:

  • Log data (IP addresses, browser type, access times)
  • Device information
  • Usage patterns and feature interactions
  • Error reports and performance metrics

3. How We Use Your Information

We use the collected information to:

  • Provide, maintain, and improve our services
  • Analyze deals and calculate risk scores using AI technology
  • Generate insights, recommendations, and automated coaching
  • Sync and process data from integrated CRM systems
  • Send notifications, alerts, and updates
  • Authenticate users and manage access
  • Detect and prevent fraud or security issues
  • Comply with legal obligations
  • Respond to your inquiries and provide customer support

4. Data Storage and Security

Your data is stored securely using industry-standard practices:

  • Database: Data is stored in Supabase, a secure cloud database platform with encryption at rest and in transit
  • Encryption: All data transmissions are encrypted using TLS/SSL
  • Access Controls: We implement role-based access controls and authentication mechanisms
  • Backups: Regular backups are performed to ensure data availability
  • Monitoring: We monitor our systems for security threats and vulnerabilities

While we implement strong security measures, no method of transmission or storage is 100% secure. We cannot guarantee absolute security of your data.

5. Third-Party Services and Integrations

5.1 HubSpot

When you connect HubSpot, we access your HubSpot data according to the permissions you grant. We sync deals, contacts, engagements, and meetings to provide risk analysis and insights. Your use of HubSpot is also governed by HubSpot's Privacy Policy.

5.2 Slack

If you integrate Slack, we access workspace and channel data as permitted by your OAuth authorization. Your use of Slack is also governed by Slack's Privacy Policy.

5.3 Gmail

When you connect Gmail, we access your Gmail account through Google OAuth 2.0 authentication. We use Gmail API to:

  • Read and send emails on your behalf to facilitate communication with customers
  • Access email metadata (subject, sender, recipient, date) for deal analysis and engagement tracking
  • Generate and send emails as part of our automated coaching and action recommendations

We only access emails and data necessary to provide our services. We do not store the full content of your emails unless you explicitly use our email generation features. OAuth tokens are securely stored and encrypted. You can revoke Gmail access at any time through your Google Account settings or through our platform. Your use of Gmail is also governed by Google's Privacy Policy and Terms of Service.

5.4 Other Service Providers

We may use third-party service providers to help operate our platform, including hosting, analytics, and customer support services. These providers have access to your information only to perform specific tasks on our behalf and are obligated not to disclose or use it for any other purpose.

6. Data Sharing and Disclosure

We do not sell your personal information. We may share your information only in the following circumstances:

  • Within Your Organization: Data is shared with authorized users within your tenant/organization
  • Service Providers: With trusted third-party service providers who assist in operating our platform
  • Legal Requirements: When required by law, court order, or government regulation
  • Business Transfers: In connection with a merger, acquisition, or sale of assets (with notice to users)
  • With Your Consent: When you explicitly authorize us to share information

7. Your Rights and Choices

Depending on your location, you may have the following rights:

  • Access: Request access to your personal data
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your personal data (subject to legal retention requirements)
  • Portability: Request a copy of your data in a portable format
  • Objection: Object to processing of your data in certain circumstances
  • Withdraw Consent: Withdraw consent for data processing where consent is the legal basis
  • Disconnect Integrations: Revoke access to third-party integrations at any time

To exercise these rights, please contact us at the email address provided below.

8. Data Retention

We retain your information for as long as necessary to provide our services and fulfill the purposes described in this policy. Specifically:

  • Account data is retained while your account is active
  • Deal and sales data is retained according to your subscription terms
  • We may retain certain data for legal, regulatory, or business purposes even after account deletion
  • You can request deletion of your data, subject to applicable legal requirements

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country. We take appropriate safeguards to ensure your data is protected in accordance with this Privacy Policy.

10. Children's Privacy

BarrierX is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

13. Compliance

This Privacy Policy is designed to comply with applicable data protection laws, including:

  • General Data Protection Regulation (GDPR) for users in the European Economic Area
  • California Consumer Privacy Act (CCPA) for California residents
  • Other applicable regional data protection laws