Can client and employee be in the same pool?
Suppose a client wants to be able to create a trusted profile (sort of like a digital signature). The client creates their account, fills out the application and then confirms it so an employee can verify their identity and create the trusted profile.
Is it alright for both the client and employee to be in the same pool, or should they be in distinct pools such that only messages can pass between the two?
Distinct pools. There are several aspects supporting this:
- The client typically does not belong to the same organisation/system, thus it should be modelled as a separate pool.
- The application form is a document that is handed over from the client to the point of confirmation. The semantics of handing over a document or form is equivalent to passing a message to another party. Message passing makes it very explicit, which data is being passed. When using sequence flow, it is less clear (although you could attach a data object to the flow).
Besides of those points, I stumbled upon the first "Logging" task, which seems to be modelled from a very technical perspective. I'd rather model an activity "Check if client account exists", then have a gateway that decides whether an account needs to be created or not and then proceed. The case that the account is not existent is IMO a very valid case from a business perspective and not to be considered an exception/error.