Skip to content

Legal

Security

Your dealership's data is sensitive. Here's how we protect it.

Last updated June 2026

Data isolation

Flux is multi-tenant by design. Every dealership's data is strictly isolated — each request is scoped to the signed-in user's dealership, with defense-in-depth checks on every related query so one tenant can never reach another's records.

Encryption

Data is encrypted in transit with TLS, and at rest by our database and storage providers. Passwords are hashed — never stored in plain text.

Access & permissions

Permission checks are evaluated live against the database on each sensitive action, not from a cached login token — so revoked access takes effect immediately.

Infrastructure

Flux runs on reputable cloud infrastructure with managed Postgres, regular backups, and least-privilege access for our team.

Responsible disclosure

Found a vulnerability? We appreciate your help. Please email hello@fluxdms.com with the details and we'll respond promptly. Please give us a reasonable chance to fix issues before public disclosure.

Questions about this page? Email us at hello@fluxdms.com.