Skip to main content

Access levels

Learn how to manage permissions with access levels.

Updated this week

Use access levels to control what your team can see and do. We’ll show you how to use them to set up the right permissions for everyone.

Depending on your company structure, you may need to assign different access levels to different user groups or individual users.

With access levels, you can customize employee information and give any of the three types of users specific rights to view or edit employee profiles.

📌 Note: One access level cannot remove permissions that another access level or a user’s role has granted.

For example, if a custom access level gives an employee “View” access, but the “All Employees” access level for that same information allows “View and Edit,” the “View and Edit” permission takes priority over the custom access level.

User groups

Employees are divided into two main groups, with a third group that combines everyone:

  • Employees themselves: Access to their own data

  • Managers: Access for managers and those higher in the reporting line

  • All employees: Access for everyone in the company

Access level types

There are three types of access levels:

  • View: The user can only see the information.

  • View and edit: The user can see and modify the information.

  • No access: The user cannot see or modify the information.

📌 Note: By default, Administrators have the right to view and edit any information. Employees can only view and edit their personal information.

Custom access levels

You can manage the access levels of specific employees and teams more precisely by adding custom access.

To add a custom access level:

  1. Click Add custom access level.

  2. In the right-hand sidebar, select either Employee or Teams and choose the relevant person or team.

  3. Under Access level, select the relevant level for the user or team.

  4. Optionally, you can restrict access to specific groups or departments.

Click Add custom access level to save your selection. The page will then display a summary of the new access level.

Access levels categories

Access levels are organized by different data categories.

Employee profile data

There are eight defined categories of employee profile data. You can access them by going to People > Employee > Employee profile data.

  • Professional: Essential information about the employee’s role within the company.

  • Employment details: The employee’s details related to the company.

  • Company structure: The employee’s place in the company.

  • Personal: Personal details and contact information.

  • Address: The employee’s personal address.

  • Payroll information: Details for payroll, including tax, social security, insurance, and bank info.

  • Emergency contact: Who to contact in case of an emergency at work.

  • Social network: Personal contact information on social networking apps.

Payroll

There are 2 categories for payroll management:

  • Salary and paysheets: Access to the Salary and Sheets subsections in each employee’s profile.

  • Payroll management: Access to the Payroll module, including the ability to manage pay runs and view employee salary records.

Reports

This access level defines permissions for the Reports module.

  • With View and edit access, users can create new reports and dashboards.

  • With View access, users can browse existing reports but cannot create or change them.

Employee custom modules

Each employee custom module has its own access level. When you create a new one, a new access level section is automatically created and needs to be configured.

There are four default employee custom modules:

  • Assets

  • Access cards

  • Trainings

  • HR notes

This also applies to other areas, like employee documents, company custom modules, and company documents.

📌 Note: Always review and adjust access levels after creating a new module or folder to ensure the right employees have the right permissions.

Journeys

There are four categories:

  • Pre-onboarding

  • Onboarding

  • Offboarding

  • Journeys management

The Journeys management category controls who can manage journey categories and their permissions.

  • Users with view and edit access can create, archive, or delete journey categories and manage access to each category.

  • There is no view-only access for journey management.

When you create a new journey category, the system automatically creates a new access level. You need to set this up to decide who can use it.

Whistleblowing

The Whistleblowing category is unavailable by default. Once you create a Whistleblowing channel, the new category will be created in your Access levels settings.

Birthdays and work milestones

Some events, like birthdays and work anniversaries, are hidden by default and not visible to any user. To make these events visible, an administrator must update the settings for specific access levels.

The following events require changes in the listed access levels:

  • Birthdays → Profile data → Personal

  • Work anniversary → Profile data → Employment details

  • Employment start → Profile data → Employment details

  • Probation end → Profile data → Employment details

  • Employment end → Profile data → Employment details

⚠️ Important: Granting this access level will unlock the entire section of the employee profile, not just the selected field.

For example, if you give a user View access to the Personal section, they will be able to see the complete section in every employee profile.

Did this answer your question?