SOP 06 · Access safety
How we handle your access safely
The methods we use across Meta, GHL, and Calendly are all designed around one idea: give us what we need to do good work while leaving you in full control of your accounts, your data, and your ability to walk away.
Trust is the foundation of every campaign we run, which is why every method on this page is the safest available on each platform rather than the fastest. If anything we ask for ever feels excessive, push back and we will find a tighter scope that still works.
Our core principles
01
Platform-native delegation is the default; edge cases are a conversation
Our default approach across every platform we work with is to use the native delegation method that lets you keep ownership and full control, which is partner access on Meta, sub-account team invites on GHL, and named member seats on Calendly. There are rare situations where a platform does not offer a clean way to grant the scoped access we genuinely need to do the work properly, and when that happens we sit down with you on a call to find the safest possible workaround together, which usually means a single-use password manager share with an auto-expiry timer rather than anything sent through chat or email. The principle is simple: the safe path is always the default, and any exception is always a conversation we have together rather than a request that lands in your inbox.
02
We always request the lowest role we can work with
On every platform we ask for the smallest permission set that lets us do the work, and we never ask for billing or owner control unless billing management is explicitly part of the engagement you signed for. The exact role we hold on any platform is visible to you at any time, and we are happy to walk you through the panel where you can see it for yourself.
03
We require 2FA before access is shared
Before you invite anyone from Leadfins, we ask that you turn on 2FA on your own account on Meta, GHL, and Calendly. This single step is the largest jump in account security you can make in 5 minutes, and it protects you against credential theft long after our engagement together ends, which is why we treat it as non-negotiable on every onboarding.
04
Ownership stays with you, and access can be revoked in seconds
Every method we use leaves you as the registered account owner across partner access on Meta, sub-account team invites on GHL, and member invites on Calendly. Removing our access happens from the same panel where you granted it, the change takes effect immediately on every platform, and we will never object, delay, or ask you for a reason.
Meta Business Manager
Go High Level
07
Sub-account scoped admin invites
In GHL we ask to be added at the sub-account level rather than at the agency level, which scopes our access strictly to your workspace and keeps us out of any other tenant on your stack. Each Leadfins team member who needs access receives an individual invite to their work email and is assigned the Admin role on that sub-account, which gives us what we need to manage campaigns, automations, and pipelines without ever touching billing or account-level settings.
Calendly
08
Named member invites on the Teams plan
On Calendly we always work as named members on your Teams plan, with each Leadfins user holding their own seat and their own audit trail across event types and integrations. If you are currently on the Standard plan we will recommend upgrading to Teams before granting any access, because that is the only configuration that produces a clean ownership and audit model. For automations we set up the API keys and Zapier connections under your account rather than ours, which means everything keeps running cleanly the day we step away.
Universal hygiene
09
Anything sensitive moves through a password manager, never chat
If at any point during our engagement we need to exchange anything sensitive, that exchange happens through a password manager that supports expiring share links, such as 1Password or Bitwarden, and never through Slack, email, or text where the value would sit indefinitely. We treat this rule as universal across every client we serve, and we will politely refuse to receive anything that arrives any other way.
10
Quarterly access audit, every quarter, no exceptions
Every 90 days we run a self-audit across every client account where we hold access, removing any team member who has rolled off the engagement and confirming that every active permission still maps to active work. You will receive a short summary on Slack each quarter listing exactly which Leadfins users currently hold access on which of your platforms, so the access matrix is always documented on both sides.
Two final commitments
If anything we ask for here ever feels excessive, push back. We would rather adjust the scope of access than have you uncomfortable with what we hold on your account.
If you ever want to see exactly which Leadfins team members hold access on which platform, ask on Slack and we will share the full access matrix the same day.