Version: 1.0
Effective date: 01.03.2026
Last updated: 01.03.2026

This Access Governance Policy describes how access is granted, changed, and revoked in BloomLightly farm workspaces.

1. Purpose

1.1. This policy defines governance rules for owner-controlled, multi-user access to farm data and operations.
1.2. It supports security, accountability, and data protection compliance for collaboration features.

2. Scope

2.1. This policy applies to all farm workspaces in the Service.
2.2. It covers access to production operations, infrastructure configuration, inventory/ERP-related features, environment logs, and related assets exposed through role/permission controls.

3. Access Model

3.1. Each farm workspace has one Owner account with full control.
3.2. The Owner may invite additional users (staff/collaborators) and assign role-based permissions.
3.3. Access is tenant-scoped per farm. Access to one farm does not grant access to another farm.

4. Invitation and Onboarding Flow

4.1. Only authorized users (Owner and, where enabled, delegated managers with staff-management rights) may issue invites.
4.2. Invitations are email-bound and time-limited.
4.3. Invite acceptance requires: (a) token validation;
(b) login as the invited email holder, or registration with that invited email if not yet a system user;
(c) authenticated acceptance to activate membership.

4.4. If the invited person is not already a system user, account registration is completed during onboarding before access activation.

5. Roles and Permission Levels

5.1. Access can range from view-only rights for selected assets to broad operational rights up to full farm infrastructure and production management, subject to role/permission assignment by the Owner (or delegated manager, where permitted).
5.2. Typical role patterns include: (a) Viewer: read-only access to permitted modules/assets;
(b) Worker: day-to-day operational actions on permitted modules;
(c) Manager: extended operational management, potentially including staff management;
(d) Owner: full control of the farm workspace.

5.3. Where custom permission overrides are enabled, effective access is determined by the assigned role plus explicit permission grants/restrictions.

6. Asset-Scoped Access

6.1. Access may be restricted to specified assets/features, including but not limited to: (a) farm/workspace settings;
(b) batch/production workflows;
(c) racks/trays and operational entities;
(d) environment logs and related telemetry;
(e) inventory/ERP management;
(f) integration and webhook configuration.

6.2. Owners are responsible for ensuring permissions follow least-privilege principles and business need.

7. Accountability and Auditability

7.1. Actions in multi-user workspaces may be attributable to the acting user via technical/audit logs (e.g., actor identity, action type, entity reference, timestamp, and security metadata).
7.2. Shared credentials are prohibited. Each collaborator must use an individual user account.

8. Access Lifecycle Controls

8.1. Owners (and authorized managers, where applicable) must review memberships regularly and promptly remove or reduce access when no longer required.
8.2. Membership states may include active, invited, and revoked.
8.3. Revoked access may be reactivated only by authorized personnel.
8.4. Access should be removed immediately upon role change, contract termination, or suspected compromise.

9. Security Obligations

9.1. Customers must protect account credentials, tokens, and invitation links from unauthorized disclosure.
9.2. Suspected misuse (including invitation abuse, impersonation, or cross-tenant access attempts) must be reported immediately to support@bloomlightly.com.
9.3. The Service may apply technical controls (including temporary restrictions/suspension) to contain security risk.

10. Customer Responsibilities

10.1. The customer organization (controller) is responsible for deciding who may access each farm workspace and at what permission level.
10.2. The customer must ensure invited collaborators are lawfully authorized and bound by confidentiality/data-protection obligations.
10.3. The customer remains responsible for lawful sharing of personal or operational data with collaborators.

11. Relationship to Other Documents

11.1. This policy complements the Terms of Service, Privacy Policy, and (where applicable) DPA.
11.2. In case of conflict, mandatory law prevails, then DPA terms for processing matters, then the Terms of Service.

12. Policy Updates

12.1. We may update this policy for legal, security, or operational reasons.
12.2. Material updates will be communicated in-product and/or by email.

13. Contact

Questions regarding access governance or abuse reporting: support@bloomlightly.com.