Features
Every feature in smallCRM Core. No upsells hidden behind modules — what you see here is what every paying tenant gets.
Companies & Contacts
Track every organisation you deal with and the people inside them. Contacts can link to multiple companies with a primary flag — perfect for consultants who work with several firms, or contractors who move between agencies.
Custom fields let you add tenant-specific metadata. Search and filter by name, domain, industry, or tag.
Deals & Kanban
A drag-drop kanban board across six fixed stages: new, qualified, proposal, negotiation, closed-won, and closed-lost. Each stage has a default win-probability that powers the weighted forecast at the top of the page.
Mark deals won or lost with an optional lost-reason — useful for spotting patterns when you review your pipeline.
Ticketing & Support
Customer support tickets with a five-stage lifecycle (new → open → pending → resolved → closed). Route by department, assign to a team member, and reply via internal or customer-facing comments.
Customer-facing comments trigger an automatic email to the linked contact — so your CRM and your inbox stay in sync.
Activity Timeline
Every change to a company, contact, deal, or ticket gets recorded as an immutable activity. Created, edited, status-changed, assigned, commented — all permanent, all searchable.
Use the timeline to retrace what happened, who did it, and when. A built-in audit trail with no extra clicks.
Comments + Email Replies
Polymorphic comments work on every Core entity. Mark a comment as customer-facing and smallCRM sends it as an email to the linked contact — replying via your support inbox without leaving the CRM.
Internal-only comments stay invisible to customers. Use them for team notes, escalation context, or post-mortems.
Tenant Isolation
Every record carries a tenant ID. Eloquent queries auto-scope to the current tenant via a fail-closed global scope — you cannot accidentally read or write to another tenant's data, even with raw queries.
Cross-tenant FK validation in every form. The same protection covers UUIDs in URLs: visiting another tenant's deal returns a 404, not a 403.
Role-Based Access
Three roles per tenant: Admin (everything), Member (create + edit own records), Viewer (read-only). Roles are tenant-scoped via Spatie's permissions package — invited users assume their role in your tenant only.
Owners (you) can edit role definitions in tenant settings, except for the Admin role which always retains full access.