Trust + Security

The full story on how Maximus stays in your control.

You saw the basics on the homepage — approvals, override, tone. Here's the rest: the audit trail, exactly what Maximus can and can't see in your data, and the security stack underneath all of it.

← Back to homepage

Section 1 — Audit Trail

Every move is logged. Forever.

Who approved what, when, and why. Every message Maximus drafted. Every action he took. Every decision he made — searchable, exportable, date-stamped. If a customer ever asks "did your guy text me?", you'll have the answer in 10 seconds.

  • One-click export. Export the full log to CSV for any date range.
  • Filter by anything. Customer, agent, action type, or approver.
  • Retained for the life of your account. We never auto-delete. You decide when something goes.
  • Webhook out. Pipe Maximus actions into your own dashboard. Available on request.

Section 2 — Data Access Boundaries (Jobber only, V1)

He sees what you tell him to see.

Maximus connects to Jobberfor V1. That's it. You decide which Jobber data Maximus reads from and what he's allowed to write back. Read-only by default. Every write requires either a rule you set or your direct approval.

  • Reads. Customers, jobs, invoices, payments, schedules — only the Jobber objects you turn on.
  • Writes. Create jobs, send customer messages, post review replies — only after you approve the rule or the action.
  • Disconnect anytime. One click revokes Maximus's Jobber access. Your data stays in Jobber.
  • Other CRMs. ServiceTitan + Housecall Pro support is on the roadmap. Not in V1. We picked Jobber first because that's where Founding 20 shops live.

Section 3 — Security

Your customer data stays yours.

SOC 2-aligned infrastructure. Encryption everywhere. We never train models on your shop's data. You own it. You can pull it. You can delete it.

  • Encrypted in transit and at rest. TLS 1.3 on every API call. AES-256 at rest in the database.
  • SOC 2. Built on Supabase (SOC 2 Type 2) and Vercel (SOC 2 Type 2). Happy to share the latest letter from either provider on request.
  • Tokens stored in Supabase Vault. Your Jobber, QuickBooks, Twilio credentials never sit in a database table. Vault uses authenticated symmetric encryption with a key managed by Supabase, separate from your application data.
  • No training on your data. We never use your customer messages, invoices, or call recordings to train models. Period.
  • You own your data. Export the full audit trail any time. Delete your account and we wipe it within 30 days.

See exactly what Maximus would touch in your shop.

30 minutes. Connect Jobber on a read-only sandbox. Watch what Maximus would do with last week's call volume.

Run the leak scan

Ask Maximus anything about your business.