Privacy Policy

Last updated: January 27, 2026

1. Introduction

AuthHub ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our OAuth aggregation platform and related services.

2. Information We Collect

Account Information: When you create an account, we collect your name, email address, company name, and billing information.

OAuth Tokens: We securely store OAuth access tokens and refresh tokens that your clients authorize to enable platform integrations. These tokens are encrypted and stored using industry-standard security practices.

Usage Data: We collect information about how you interact with our service, including access request history, platform connections, and feature usage.

Client Information: When your clients authorize access, we collect their email addresses and the platform permissions they grant.

3. How We Use Your Information

  • To provide and maintain our OAuth aggregation services
  • To process and manage platform authorizations on your behalf
  • To send you service-related notifications and updates
  • To respond to your inquiries and provide customer support
  • To improve and optimize our platform
  • To detect and prevent fraud or unauthorized access
  • To comply with legal obligations

4. Data Sharing and Disclosure

We do not sell your personal information. We may share your information with:

  • Service Providers: Third-party vendors who assist in operating our platform (e.g., cloud hosting, payment processing).
  • Advertising Platforms: OAuth tokens are used solely to authenticate with the platforms your clients authorize (Meta, Google Ads, LinkedIn, etc.).
  • Legal Requirements: When required by law or to protect our rights and safety.

5. Data Security

We implement industry-standard security measures to protect your data, including:

  • Encryption of OAuth tokens at rest and in transit
  • Secure token storage using secret management services
  • Regular security audits and monitoring
  • Access controls and audit logging
  • SOC 2 Type II compliance (in progress)

6. Data Retention

We retain your information for as long as your account is active or as needed to provide services. OAuth tokens are retained until revoked by the client or agency. You may request deletion of your data at any time by contacting us.

7. Your Rights

Depending on your location, you may have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Object to or restrict certain processing
  • Data portability
  • Withdraw consent at any time

8. Cookies and Tracking

We use essential cookies to maintain session state and authentication. We may use analytics cookies to understand how our service is used. You can control cookie preferences through your browser settings.

9. Third-Party Links

Our service may contain links to third-party websites and advertising platforms. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies.

10. Children's Privacy

Our service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at:

Email: jon@pillaraiagency.com