
TL;DR
What You Need to Know
- On July 1, 2026, HubSpot announced proposed updates to its enrichment data terms that introduced a shared enrichment model for certain professional business information.
- The proposal raised questions around customer consent, data governance, transparency, and opt-out defaults.
- Following customer and partner feedback, HubSpot withdrew the proposed changes before they took effect and confirmed they would not move forward as announced.
- Today, HubSpot's enrichment features continue to operate under their existing model.
- The broader takeaway goes beyond HubSpot: every organization should understand how its enrichment provider collects, processes, stores, governs, and protects customer data before enabling enrichment.
The discussion is no longer just about HubSpot. As AI-powered enrichment becomes a standard part of modern revenue platforms, organizations should evaluate every vendor's approach to customer-contributed data, privacy controls, governance, administrative transparency, and consent models, not just the size or accuracy of its enrichment database.
Your CRM contains one of your company's most valuable assets.
Not your software.
Not your workflows.
Your customer data.
When HubSpot announced proposed changes to its enrichment data policy in July 2026, the conversation quickly moved beyond enrichment itself. The real issue was trust: who controls enriched data, how it is used, and what level of transparency customers should expect from the platforms they rely on every day.
Organizations raised important questions about whether customer-contributed information should help improve shared enrichment datasets, whether participation should be opt-in or opt-out, and how businesses can maintain governance over the data stored in their CRM. These concerns were particularly relevant for enterprises with strict compliance, security, and data governance requirements.
Following feedback from customers and partners, HubSpot withdrew the proposed changes before they took effect and confirmed that the rollout would not proceed as originally announced. While that resolved the immediate issue, it also sparked a broader industry conversation.
Today, the question is no longer limited to HubSpot. As AI-powered enrichment becomes a standard capability across modern revenue platforms, every organization should understand how its enrichment provider collects, processes, stores, governs, and protects customer data. Choosing an enrichment platform is no longer just about data quality, it's also about privacy, transparency, and long-term trust.
What Happened With HubSpot's Enrichment Policy?
In early July 2026, HubSpot announced proposed updates to the terms governing its data enrichment features. The changes were intended to support a broader contact discovery and enrichment experience by allowing certain professional business information to contribute to a shared enrichment dataset.
The announcement prompted widespread discussion among customers, partners, and privacy professionals. While HubSpot clarified that CRM records, notes, deals, emails, call recordings, and other customer-owned data would not be shared, many organizations sought additional clarity around consent, governance, and how customer-contributed enrichment data would be handled.
Timeline
- July 1, 2026: HubSpot announces proposed updates to its enrichment terms. (Source)(Source)
- August 4, 2026 (planned): The new enrichment model was scheduled to take effect.
- Shared enrichment model explained: HubSpot outlines a "give-to-get" approach in which certain professional business information could contribute to improving its commercial enrichment dataset.
- Community discussion begins: Customers, partners, and compliance experts raise questions about transparency, customer control, data governance, and opt-out defaults.
- HubSpot acknowledges concerns: Company leaders publicly respond to feedback and recognize that the rollout created uncertainty around customer trust.
- Proposed changes withdrawn: Before the planned launch date, HubSpot confirms that the July 1 terms will not move forward and commits that any future customer-data initiatives will be transparent and opt-in. (Source)
- Current status: HubSpot's enrichment features continue to operate under their existing model, and the proposed policy was never implemented.
The proposed policy never took effect. However, it sparked an industry-wide discussion about customer trust, transparency, consent models, and how enrichment providers should govern customer-contributed data as AI-powered enrichment continues to evolve.
Why Customers Raised Questions About the Proposal
The discussion around HubSpot's proposed enrichment changes was largely about governance and transparency, not the value of enrichment itself. Most organizations recognize that data enrichment improves lead quality, sales productivity, and CRM accuracy. The questions centered on how customer-contributed information would be handled and what level of control customers should have.
Several themes emerged throughout the discussion:
- Opt-in vs. opt-out participation: Many organizations expected participation in any shared enrichment model to require explicit consent rather than being enabled by default.
- Customer ownership expectations: Businesses wanted assurance that data they collected, verified, or maintained would remain under their control.
- Shared commercial datasets: Teams sought clarity on whether professional business information contributed through enrichment could be used to improve a broader commercial dataset.
- Enterprise governance: Large organizations often have internal policies governing how customer and prospect data can be shared with third parties.
- GDPR and regional privacy considerations: Companies operating under regulations such as GDPR needed to evaluate whether proposed changes aligned with their legal and compliance obligations.
- Internal compliance reviews: Security, legal, and procurement teams needed sufficient documentation to assess the operational impact of the proposed model.
- Transparency: Customers wanted clear explanations of what data was included, how it was used, and which administrative controls were available.
- Trust: Ultimately, organizations wanted confidence that any future changes affecting customer data would be communicated clearly and introduced with appropriate customer choice.
The discussion highlighted a broader reality: as AI-powered enrichment platforms become more sophisticated, evaluating privacy, governance, and transparency is just as important as evaluating data quality or coverage.
CRM Data vs. Enrichment Data: What's the Difference?
One reason the announcement generated so much discussion is that CRM data and enrichment data are often confused, even though they represent different parts of the enrichment process.
A typical enrichment workflow looks like this:
Your CRM record → Enrichment request → Vendor's enrichment sources → Additional company or contact information returned → Updated CRM record
Understanding each component helps clarify what was, and wasn't, being discussed.
CRM records
This is the information your organization owns and manages inside its CRM, including contacts, companies, deals, notes, activities, emails, call recordings, custom properties, and internal sales history. These records represent your customer relationships and operational data.
Enrichment datasets
An enrichment dataset is the vendor's commercial database used to supplement existing CRM records with additional business information, such as job titles, company attributes, firmographics, or publicly available professional details.
Customer-maintained data
This refers to information your team has collected, verified, corrected, or enriched over time as part of your sales and marketing operations. Organizations often view this as a valuable business asset that should remain under their control.
Vendor-owned commercial data
Most enrichment providers maintain proprietary datasets built from a combination of licensed data providers, publicly available information, first-party signals, and other commercial sources. These datasets power the enrichment process by supplying additional information when requested.
During the discussion around HubSpot's proposal, many conversations blurred the distinction between these concepts. Some assumed that customer CRM records would be shared directly, while HubSpot consistently stated that customer-owned CRM data, such as contacts, notes, deals, emails, call recordings, and custom fields, would not be included in the proposed enrichment model. The primary discussion instead focused on how certain professional business information used during enrichment could contribute to a broader commercial dataset and what level of customer control should govern that process.
Understanding these distinctions makes it easier to evaluate any enrichment platform based on its actual data practices rather than assumptions about how enrichment works.
What Actually Changed, and What Didn't
One of the biggest sources of confusion during the discussion was that different types of data were often grouped together, even though they serve different purposes. Separating the proposed changes from the data that was never affected makes it easier to understand what was actually under discussion.
What Was Proposed
The July 2026 proposal focused on expanding the information used to support HubSpot's enrichment capabilities. According to the announcement, the proposed model included:
- Professional contact information such as job title, role, seniority, business location, and professional profile URL.
- Additional business-card-level professional details that could be used for contact enrichment.
- A shared enrichment model, where certain professional information could contribute to improving HubSpot's commercial enrichment dataset.
- An expanded enrichment dataset intended to improve contact discovery and data accuracy for participating customers.
What Was Never Included
HubSpot consistently stated that the proposal did not include customer-owned CRM information such as:
- CRM records
- Notes
- Deals
- Emails
- Call recordings
- Custom properties
- Internal business data and sales activity
These records remained customer-owned and were never described as part of the proposed shared enrichment model.
Understanding this distinction is important when evaluating any enrichment provider. CRM data represents your organization's operational records, while enrichment data refers to the external information used to enhance those records. Many discussions blurred these concepts, making the proposal appear broader than it actually was. Regardless of the vendor, understanding exactly which data is customer-owned, vendor-owned, or potentially contributed to an enrichment network is an essential part of data governance.
Not All Enrichment Platforms Handle Data the Same Way
One of the most important lessons from this discussion is that "data enrichment" is not a single architecture. Vendors collect, maintain, and deliver enrichment data in different ways, each with its own strengths and trade-offs.
Rather than asking which platform is "best," it's more useful to understand how each enrichment model works and whether it aligns with your organization's privacy, governance, and compliance requirements.
Shared Enrichment
A shared enrichment model improves its dataset through participation from customers. Professional business information contributed during enrichment helps keep the overall dataset more complete and up to date for other participating organizations.
Benefits
- Dataset improves over time through collective contributions.
- Higher likelihood of fresh professional information.
- Strong network effects as participation grows.
Trade-offs
- Requires clear governance and customer transparency.
- Organizations may require explicit consent before participating.
- May not align with every enterprise's internal data policies.
Commercial Data Networks
Many enrichment providers maintain proprietary commercial databases built from licensed data providers, publicly available information, first-party signals, and ongoing verification processes. Customer CRM records are not the primary source of the dataset.
Benefits
- Broad company and contact coverage.
- Continuous data verification and refresh cycles.
- Suitable for organizations that prioritize external data coverage.
Trade-offs
- Coverage and accuracy depend on the quality of the vendor's commercial data sources.
- Enterprise-grade datasets often come at a higher cost.
- Freshness can vary across regions and industries.
Private Customer Enrichment
Some platforms are designed so that customer enrichment remains isolated within each organization's environment rather than contributing to a shared enrichment ecosystem. The enrichment process enhances CRM records without using customer-maintained enrichment data to improve datasets for other customers.
Benefits
- Greater customer control over enriched data.
- Simpler governance for organizations with strict privacy requirements.
- Easier to align with internal security and compliance policies.
Trade-offs
- Does not benefit from network effects created by shared contribution models.
- Data quality depends primarily on the vendor's own enrichment sources and verification processes.
- Coverage improvements rely on the provider rather than contributions from participating customers.
There is no universally "best" enrichment architecture. The right approach depends on your organization's governance requirements, regulatory obligations, security policies, and appetite for participating in collaborative data ecosystems. Understanding how a platform handles data is often just as important as evaluating the accuracy of the enrichment it provides.
How to Evaluate Any Enrichment Platform
When evaluating an enrichment platform, it's easy to focus on the size of the database or the number of contacts it claims to cover. While those factors matter, they tell only part of the story. Data quality, governance, and transparency are equally important, especially for organizations handling sensitive customer and prospect information.
Instead of asking "Which database is biggest?", ask questions like:
- Where does the enrichment data originate? Is it sourced from commercial providers, public records, first-party signals, or other sources?
- Can customer-contributed enrichment improve a shared dataset? If so, how is that process governed?
- Is participation opt-in or opt-out? How much control do customers have over participating?
- Can administrators disable participation? Are these controls easy to access and manage?
- Are audit logs available? Can you review enrichment activity for governance or compliance purposes?
- How transparent are the vendor's privacy terms? Are data practices clearly documented and regularly updated?
- What certifications or compliance frameworks does the vendor support? Consider standards such as SOC 2, ISO 27001, GDPR, or CCPA where relevant.
- What happens after cancellation? Does the vendor explain how enriched data is handled if your subscription ends?
- Can enrichment settings be centrally governed? Large organizations often need consistent administrative controls across teams and business units.
A trustworthy enrichment platform should provide clear answers to these questions, not just impressive coverage statistics.
Shared Enrichment vs. Private Enrichment
Different enrichment providers take different approaches to how enrichment data is maintained and governed. Understanding these models helps organizations choose a platform that aligns with their privacy, compliance, and governance requirements.
Neither model is inherently better. The right choice depends on your organization's legal obligations, procurement policies, customer commitments, internal governance standards, and overall approach to data privacy. Understanding these trade-offs allows teams to make informed decisions rather than assuming every enrichment platform operates the same way.
What Features Matter Most in an Enrichment Platform?
The best enrichment platform isn't necessarily the one with the largest database, it's the one that delivers reliable data while supporting your organization's governance, security, and operational requirements.







