Trust Center
Last updated: December 15, 2025
ClearSync helps SaaS companies sync Stripe subscription and revenue data into HubSpot so Finance, RevOps, and GTM teams can trust their revenue numbers. Because ClearSync processes business and customer metadata, we take security, privacy, and data protection seriously.
This Trust Center describes ClearSync’s security and reliability approach, how we handle data in connection with the Service, and how to contact us with security or privacy requests.
1. Security Overview
The security of your data is important to us. ClearSync uses commercially reasonable administrative, technical, and organizational measures designed to protect the confidentiality, integrity, and availability of data processed in connection with the Service. No method of transmission over the Internet or method of electronic storage is 100% secure; accordingly, we cannot guarantee absolute security.
ClearSync uses Clerk as its authentication provider for user sign-in and organization-based access. Access to production systems is restricted to authorized personnel and is intended to be limited to what is required to operate, maintain, troubleshoot, support, and comply with legal obligations.
ClearSync is designed to use encrypted connections (TLS) for data transmitted between your browser and the Service and for communications between the Service and third-party providers.
2. Infrastructure and Hosting
ClearSync is hosted on cloud infrastructure and uses third-party service providers to operate the Service.
These providers may operate secure facilities and maintain their own security and compliance programs.
Because infrastructure configurations can change over time and may vary by environment, ClearSync does not represent in this Trust Center that specific backup, redundancy, or network monitoring measures are in place in all deployments. If you require details regarding hosting, monitoring, or data resilience for a security review, you may contact us using the information in Section 9.
3. Data Flow and Data Minimization
ClearSync is designed to process and store only the data reasonably necessary to provide the Service, including enabling reporting and integration functionality.
Stripe remains the system of record for billing and payments. ClearSync is not designed to modify Stripe billing or payment data.
ClearSync may process and store identifiers and business metadata associated with subscriptions and revenue reporting. This may include, by way of example, Stripe customer IDs, subscription IDs, invoice or event identifiers, and HubSpot portal and object identifiers; subscription and revenue metadata such as status, product information, quantity, billing interval information, and MRR-related calculations; and limited customer metadata used for reporting and association workflows, such as customer name, email address, and domain (where available).
ClearSync is not designed to store full payment card numbers, card verification values (CVV), or other sensitive payment credentials intended for payment authorization. ClearSync may store a payment-method descriptor (for example, a card brand and last four digits) when available from Stripe billing context; this information is used for reporting and operational visibility and is not a substitute for full payment credentials.
4. Privacy and Data Ownership
As between you and ClearSync, you retain all rights, title, and interest in and to your User Content, subject to the limited license granted in the Terms of Use to provide and improve the Service. ClearSync does not sell your customer data. ClearSync does not share customer data with third parties except as necessary to operate the Service (including through service providers), comply with law, or as otherwise described in the Privacy Policy and Terms of Use.
ClearSync processes personal data in accordance with applicable privacy and data protection laws, including the GDPR and the CCPA where applicable, as described in the Privacy Policy and Terms of Use.
5. Privacy Rights Requests (GDPR/CCPA)
Depending on your jurisdiction, you may have rights to access, correct, delete, or otherwise control your Personal Data. ClearSync will honor verified requests submitted by email, subject to legal retention obligations and other lawful bases for retention.
To submit a privacy rights request, contact us at support@clearsync.ai. Please include sufficient information for us to verify the request and identify the relevant account and data.
6. Compliance and Certifications
ClearSync is beginning a SOC 2 program and is targeting completion in 2026. ClearSync is not currently SOC 2 certified. Any statements in this Trust Center regarding SOC 2 reflect ClearSync’s current goals and roadmap and do not constitute a guarantee of certification.
7. Google OAuth and Authentication
ClearSync authentication is provided through Clerk. If you choose to sign in using Google through Clerk, ClearSync uses the information made available through that sign-in flow for authentication and account management purposes. ClearSync does not sell Google user data. Additional details are described in the Google User Data Privacy Policy.
8. Incident Reporting, Response, and Responsible Disclosure
If you believe you have identified a security vulnerability or incident affecting the Service, you should notify ClearSync promptly by emailing support@clearsync.ai.
ClearSync aims to (i) acknowledge security reports within one business day, (ii) perform an initial severity assessment within two business days, and (iii) provide status updates for active high-severity incidents at least every two business days until resolution. These timeframes are targets and may vary based on the nature of the report and operational constraints.
If ClearSync confirms unauthorized access to customer data, ClearSync will notify affected customers without undue delay and will share information about the nature of the incident, the categories of data involved, and recommended next steps, as appropriate.
ClearSync supports responsible disclosure. Please provide sufficient details and reproduction steps, and please do not publicly disclose vulnerabilities before allowing time for investigation and remediation.
9. Third-Party Services and Analytics
ClearSync integrates with third-party services such as Stripe, HubSpot, and Clerk in order to provide the Service. ClearSync may also use analytics technologies on the website or application to measure usage and improve the Service. For details on cookies and tracking technologies, please review the Privacy Policy.
10. Policies and Contact Information
This Trust Center is provided for informational purposes and does not modify or amend the Privacy Policy or Terms of Use. In the event of any conflict between this Trust Center and the Privacy Policy or Terms of Use, the Privacy Policy and Terms of Use control.
Relevant policies:
Data Processing Addendum (available upon request)
Contact:
support@clearsync.ai
Mailing address:
ClearSync, Inc.
125 Mt. Auburn St. #380773
Cambridge, MA 02238
