TruxCRM is multi-tenant by design — every company is strictly isolated, access is enforced on the server for every request, and documents are stored privately.
Every lead, quote, order, carrier, document, and payment is scoped to your company. One deployment serves many brokerages, each fully walled off from the others.
Access decisions happen on the server for every request — never trusted to the browser. Agents follow a default-deny model: only explicitly allowed actions go through.
Signed orders, invoices, and insurance files live in private storage buckets — never publicly listable, served only to authorized requests.
Passwords are hashed with bcrypt — never stored in plain text. Sessions are managed with server-side tokens.
Security headers (CSP via Helmet), a CORS origin allowlist, and rate limiting protect against common web attacks and abuse.
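The CORS origin allowlist and rate limiting mentioned above, as an added JavaScript example that is not TruxCRM's code: an exact-match origin check and a fixed-window per-client limiter written without Express or Helmet so the decision logic is visible. The origins, limits and injectable clock are constructed placeholders.

```javascript
// Added example, not TruxCRM's code. Demonstrates two of the protections named on the page:
// an exact-match CORS origin allowlist and a fixed-window rate limiter. No framework needed.

// Constructed placeholder origins; a deployment would load these from configuration.
const ALLOWED_ORIGINS = new Set([
  "https://app.example-broker.test",
  "https://admin.example-broker.test",
]);

// Returns the value to send in Access-Control-Allow-Origin, or null to omit the header.
// Exact comparison of the whole Origin string (scheme, host and port): a prefix or regex
// check would also accept "https://app.example-broker.test.attacker.example".
function corsOriginFor(requestOrigin) {
  if (typeof requestOrigin !== "string") return null;
  return ALLOWED_ORIGINS.has(requestOrigin) ? requestOrigin : null;
}

// Fixed-window limiter keyed by client (IP, API key, user id). The clock is injectable so
// window boundaries are explicit and testable.
class FixedWindowRateLimiter {
  constructor({ limit, windowMs, now = () => Date.now() }) {
    this.limit = limit;
    this.windowMs = windowMs;
    this.now = now;
    this.buckets = new Map(); // key -> { windowStart, count }
  }

  // Records one request for `key` and reports whether it is within the limit.
  check(key) {
    const t = this.now();
    let bucket = this.buckets.get(key);
    if (!bucket || t - bucket.windowStart >= this.windowMs) {
      bucket = { windowStart: t, count: 0 }; // start a fresh window
      this.buckets.set(key, bucket);
    }
    if (bucket.count >= this.limit) {
      return { allowed: false, remaining: 0, retryAfterMs: bucket.windowStart + this.windowMs - t };
    }
    bucket.count += 1;
    return { allowed: true, remaining: this.limit - bucket.count, retryAfterMs: 0 };
  }
}
```

Exact matching is the point of the allowlist: comparing only a prefix or host fragment of the Origin header accepts lookalike domains. Keeping the clock injectable lets the limiter's window boundaries be verified without waiting in real time.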
Built on managed Postgres and object storage with row-level security policies and least-privilege, server-only data access.
TruxCRM resolves the active company from the authenticated session on the server, then scopes every read and write to that company. The browser can't ask for another company's data, because the request is filtered before it ever reaches the database.
PDF invoices are built fresh and emailed as attachments — not stored — so they always reflect the latest numbers and leave no stale copies behind.
Notification history is kept lean with two-tier auto-pruning, and idle push devices are cleaned up automatically.
The AI assistant can look up your data to answer questions but is read-only — it can never modify or delete records, and access is controlled per company.
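How the server-side tenant scoping, the default-deny action model and the read-only assistant described above fit together, as an added JavaScript example rather than TruxCRM's own code. The session store, roles, permission table and in-memory rows are constructed for illustration; the Postgres row-level security policy in the comment is an assumed sketch of how the same filter is enforced in the database, not TruxCRM's schema.

```javascript
// Added example, not TruxCRM's code: resolve the company from the session, authorize with a
// default-deny table, then scope every read and write to that company. All data is constructed.

// Constructed session store: token -> authenticated principal. The client never supplies companyId.
const SESSIONS = new Map([
  ["tok-alice", { userId: "u1", companyId: "co-1", role: "agent" }],
  ["tok-assistant", { userId: "ai", companyId: "co-2", role: "assistant" }],
]);

// Default deny: a role may perform only the actions listed for it; anything else is refused.
const PERMISSIONS = {
  agent: new Set(["lead:read", "lead:write"]),
  assistant: new Set(["lead:read"]), // the assistant can look data up but never modify it
};

function authorize(principal, action) {
  const allowed = PERMISSIONS[principal.role];
  return Boolean(allowed && allowed.has(action));
}

// Constructed in-memory table; every row carries the owning company_id.
const DB = {
  leads: [
    { id: 1, company_id: "co-1", name: "Acme Freight" },
    { id: 2, company_id: "co-2", name: "Bolt Logistics" },
  ],
};

// Data-access layer: the company filter is applied here, from the session, on every read.
// With Postgres row-level security the database enforces the same rule (assumed sketch):
//   ALTER TABLE leads ENABLE ROW LEVEL SECURITY;
//   CREATE POLICY tenant_isolation ON leads
//     USING (company_id = current_setting('app.company_id'));
// and the server runs SET LOCAL app.company_id = '<session company>' in each transaction.
function scopedSelect(companyId, table, predicate = () => true) {
  return DB[table].filter((row) => row.company_id === companyId && predicate(row));
}

function scopedInsert(companyId, table, values) {
  // Spread first, then override: a client-supplied company_id can never win.
  const row = { ...values, id: DB[table].length + 1, company_id: companyId };
  DB[table].push(row);
  return row;
}

// Request pipeline: authenticate -> authorize (default deny) -> tenant-scoped data access.
function handleRequest({ sessionToken, action, params = {} }) {
  const principal = SESSIONS.get(sessionToken);
  if (!principal) return { status: 401 };
  if (!authorize(principal, action)) return { status: 403 };

  const [resource, verb] = action.split(":");
  const table = resource + "s";
  if (!DB[table]) return { status: 404 };

  if (verb === "read") {
    const byId = params.id === undefined ? () => true : (row) => row.id === params.id;
    return { status: 200, rows: scopedSelect(principal.companyId, table, byId) };
  }
  if (verb === "write") {
    return { status: 201, row: scopedInsert(principal.companyId, table, params.values || {}) };
  }
  return { status: 400 };
}
```

The request never carries a company identifier that the server trusts: a read for another company's record id returns an empty result rather than an error that confirms the record exists, and a write that tries to set company_id is silently re-stamped with the session's company. Actions missing from the permission table, such as a delete the assistant role was never granted, fail closed.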
We're happy to walk your team or IT through our architecture, data flows, and security model on a call.
See how TruxCRM keeps your brokerage organized and your data protected.