Trust · Support access

How our support team accesses your agency.

Sometimes our engineers need to look at your account to debug an issue. Here is exactly what we allow them to do, what is blocked, and what you can see.

The short version

• Every support session creates a permanent audit log row visible to you in Settings → Support access log.
• Sessions are read-only by default. The engineer cannot write anything until they switch to full mode.
• Switching to full mode requires approval from a second staff member. The first staff cannot self-approve.
• All sessions time out after 30 minutes. Past that, the next request automatically logs them out.
• You can turn off support access entirely at any time from Settings → Support access. We won't be able to override it.
• You can opt in to real-time email notifications when any session begins on your account.

What's logged

What support staff cannot do

• Change passwords, MFA secrets, OAuth tokens, billing identifiers, or anything that authenticates a user.
• Change anything on your account that isn't on a small allowlist of safe columns. Sensitive flags require two-person approval before they apply.
• Bypass your kill switch. If you've turned support access off, no engineer (including super users) can impersonate inside your agency.
• Reach unlimited accounts. Each engineer is rate-limited per window and supers are alerted on anomalous activity.

How to revoke access in an emergency

1. Sign in as the agency owner.
2. Go to Settings → Support access.
3. Toggle "Disable support access". Existing sessions stay in audit but new ones cannot start.

A super user can also force-end any active session from our side, with reason recorded and emailed to you.

Questions?

Reply to any audit-log email or write us at support. If something looks off in the log, we'd rather hear about it than not.

Last updated May 2026 · Back to Agency Beta