Scope
This Support Policy applies to all support interactions between TradersFlow and its users, including email support, administrative investigations, account recovery, billing assistance, and any temporary access to a customer account by TradersFlow personnel.
It should be read alongside our Terms of Service and Privacy Policy.
Account Impersonation and Support Sessions
Certain authorised support staff may temporarily access a customer account to diagnose issues, verify settings, or reproduce reported problems. This is referred to internally as an impersonation or support session.
Impersonation sessions are clearly identified internally and are never initiated covertly. All impersonation actions are logged with the following details:
- the identity of the administrator performing the session;
- the identity of the customer account being accessed;
- the timestamp when the session began and ended;
- a description of the actions performed during the session;
- the total duration of the session.
Impersonation sessions automatically expire and cannot be used to retain ongoing access. A new session must be initiated for each subsequent investigation.
Customers may request support assistance that requires account access. TradersFlow personnel will only view or modify information that is strictly necessary to resolve the reported issue.
Admin Panel Roles and Safeguards
Access to the TradersFlow administrative panel is governed by the following role-based permissions. Each role carries only the privileges required for its function:
- Owner — full platform and administrative control, including role assignment and critical configuration changes.
- Super Admin — broad administrative access across all operational areas, subject to audit logging.
- Admin — operational access to user management, support tooling, and routine administrative functions.
- Support — access to customer accounts for troubleshooting, impersonation sessions, and support ticket resolution.
- Finance — access to billing records, subscription data, refunds, invoices, and payment-related operations.
- Read-only — view access to operational data and reports without the ability to modify accounts, settings, or transactions.
Role assignments are reviewed periodically. Personnel may not escalate their own privileges, and all role changes are recorded in the audit log.
Audit Logging Requirements
The following administrative actions must be recorded in the immutable audit log:
- updates to user accounts, profiles, or credentials;
- changes to subscriptions, including upgrades, downgrades, cancellations, and trial extensions;
- refunds and reversal of charges;
- invoice modifications, voids, or payment-link actions;
- transactional email sends initiated from the admin panel;
- impersonation and support sessions;
- permission and role changes;
- changes to platform settings or feature flags.
Each audit entry includes the actor, action, target account or resource, timestamp, and (where applicable) the before and after state. Audit logs are retained for the lifetime of the platform and are not modifiable by administrative users.
User Consent
By using TradersFlow, you acknowledge that authorised personnel may access your account for support, operational, security, compliance, and maintenance purposes when reasonably necessary.
This consent is part of the overall agreement formed when you accept our Terms of Service. If you do not agree to this access, you should not use the Service.
Compliance
TradersFlow is operated from the United Kingdom and complies with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and all applicable privacy and data-protection legislation.
Administrative access to personal data is carried out under the lawful basis of legitimate interests (platform operation, security, and customer support) and, where appropriate, contractual necessity. Data accessed during support operations is handled only for the purpose for which it was accessed and is subject to the same security and retention standards described in our Privacy Policy.
Billing and payment operations are processed through Stripe. Stripe acts as an independent data controller for regulated payment services. TradersFlow only handles the billing and subscription data necessary to operate the platform, in accordance with Stripe's Connected Account Agreement and privacy terms.
Contact
Questions about this Support Policy, requests for audit-log information, or concerns about administrative access should be sent using the details below.
- Trading name: TradersFlow
- General support: support@tradersflow.co.uk
- Privacy & data requests: privacy@tradersflow.co.uk
- Security disclosures: security@tradersflow.co.uk
- Registered business address: To be published once company registration is finalised.
- Company number: Not yet incorporated — will be published once issued.
Written notice by email to the addresses above is accepted as valid contact for the purposes of this policy until a registered business address is published.
Related policies: Terms · Privacy · Cookies · Sub-processors · Security.