// Trust & Security Report
INSIDERE, LLC
BoldTrail/kvCORE — all-in-one real estate CRM platform combining IDX website, lead engine, AI-powered CRM, marketing automation, listing/transaction management, and business intelligence. Rebranded from kvCORE to BoldTrail in June 2024.
Certifications held
2
Maturity
Growth
Trains on your data
Unknown
Trust center
No
// Certification ledger
Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.
Verify on insiderealestate.com“Terms of Service (Sec. 3.7): 'you agree to comply with all applicable requirements of all applicable state data protection and data privacy laws and regulations of the United States, including but not limited to the California Consumer Privacy Act'; IRE is positioned as a CCPA 'service provider'. Privacy policy exposes a verbatim 'Do Not Sell or Share My Personal Information' link and a 'CCPA Privacy Notice'.”
Verify on insiderealestate.com“Privacy policy 'Canada Privacy Rights' section: 'under PIPEDA and substantially similar provincial privacy legislation, users also have the right to...' including 'Access their personal information at free or minimal cost within 30 days of requesting access', 'The right to withdraw consent to the processing of personal information', and 'The right to request the deletion of their personal data'.”
> Show 4 unconfirmed / not-held certifications
source: insiderealestate.comNo public evidence of SOC 2 certification found on vendor's official domain, privacy policy, terms of service, or public marketing materials.
source: insiderealestate.comNo public evidence of ISO 27001 certification found on vendor's official domain, privacy policy, terms of service, or public marketing materials.
source: insiderealestate.comTerms of Service (Sec. 3.6): 'you agree that you will not (i) use any of the services provided hereunder to collect or otherwise process personal data subject to European data protection laws and regulations, including the European Union's General Data Protection Regulation.' Platform prohibits EU personal data processing by design.
source: insiderealestate.comNo public evidence of HIPAA compliance or Business Associate Agreement (BAA) support. Product is designed for real estate, not healthcare.
// Privacy & AI training
Trains on customer data
Not stated
Data processing agreement
Not offered
Data region
United States (data stored and processed in US; no international data residency options mentioned)
BoldTrail platform includes AI-powered CRM features, but no public documentation on customer data training practices. Privacy policy does not address AI model training on customer data.
// Security controls
Encryption in Transit
Mentioned for third-party integrations (e.g., Plaid bank verification: 'information is encrypted and securely tokenized'). General encryption standards not publicly documented.
help.insiderealestate.comSLA / Uptime Guarantee
24/7 availability target stated, but no specific SLA percentage provided. Excludes planned downtime and circumstances beyond reasonable control.
insiderealestate.comBreach Notification
Commitment to notify 'without undue delay' but no specific timeline defined.
insiderealestate.comVulnerability Disclosure Policy
Accepts vulnerability submissions from users; specific process not publicly detailed.
boldtrail.comPersonnel Confidentiality
Personnel handling data must be bound by confidentiality obligations.
insiderealestate.com// Products & data scope
data: Real estate agent/broker contact databases, property listings, client communications, marketing campaigns, transaction management
All-in-one front office platform combining IDX website builder, lead engine, AI-powered CRM, marketing automation, listing management, transaction tracking, and business intelligence. Rebranded June 2024. US-only (GDPR-prohibited).
data: Lead generation, contact management, customer relationship management
Predecessor product; Inside Real Estate portfolio. Targets individual agents, teams, and small-to-medium brokerages.
// What to watch
- No SOC 2, ISO 27001, or other industry-standard security certifications present or publicly documented.
- GDPR compliance explicitly prohibited in terms of service — vendor states 'customers cannot process EU personal data through the platform.' Not suitable for international deployments involving EU data.
- No dedicated trust center or security/compliance documentation page found. Security commitments relegate to generic 'commercially reasonable' language in terms of service rather than verifiable standards.
- Encryption and technical security details not publicly documented; only general statement of 'industry-standard' protections.
- No SLA percentages specified despite uptime claims; breach notification timelines not defined ('without undue delay' is vague).
- Product includes AI-powered CRM features but no public policy on whether customer data is used for AI model training.
- Real estate industry focus means low probability of HIPAA use cases, but vendor does not explicitly disclose HIPAA ineligibility.
// At a glance
Pricing model
Subscription-based; tiered pricing for agents and teams
Self-hostable
No
// How we verified this
Every certification marked HELD is confirmed against a verbatim quote on INSIDERE, LLC's own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.
Last verified 2026-07-07. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.
insiderealestate.com