By default, access rights to CRM records is set as private so that the record owner and his/her manager can oversee the CRM data. However, using the Data Sharing Rules, you can extend the access rights to users belonging to other roles and groups. Once the data sharing rules are configured, users associated to other roles and groups can gain additional access to the records that belong to other users. 

Key Features

• By default all the modules have a Private option.
  
• If the Organization-wide permission is set as Public Read/Write/Delete or Public Read/Write, everyone can access and update all the users’ data. Role Hierarchy and Sharing Rules will not be applied in this case.
  
• If the Organization-wide permission is set as Public Read Only, everyone can only view the other users' records. In this case other users cannot modify the owner's records.
  
• If the Organizational permission is set as Private, Role Hierarchy and Sharing Rules can be applied.
  
• You cannot restrict the accessibility set in Organization's default permissions by writing the Sharing Rules. You can only extend the additional data visibility
  
• In the Import History, records that belong to you and your sub-ordinates (if any) will always be shown.
  
• All the Attachments, Notes, Emails and Competitors belonging to a record are accessible, if you are able to view that record.
  
• Forecasts will always be private.
  
   
  

Managing Default Data Sharing Process

You can provide the following types of access levels to user in Zoho CRM modules:

• Private: Only the record owner and his/her superior can view the record.
  
• Public Read only: Users can view others' records but cannot modify or delete the records.
  
• Public Read/Write: Users can view and modify others' records but cannot delete them.
• Public Read/Write/Delete: Other users can view, modify and delete the records.
  

Permission Required
Users with the Manage Data Sharing permission can access this feature.

 

Note

• By default, access rights to CRM records is set as private so that the record owner and his/her manager can oversee the CRM data.
  
• The organization-level data sharing model is not yet implemented for Notes, Reports, Dashboards, and Email modules.
  

To manage default permissions

1. Go to Setup > Security Control > Roles and Sharing > Data Sharing Settings.
   
2. In the Data Sharing Settings page, click Edit All Default Permissions.
   
3. In the Edit Default Organization Permissions page, update the following Access Privilege for modules:
   
   • Private
     
   • Public Read Only
     
   • Public Read/Write
     
   • Public Read/Write/Delete
     
     
4. Click Save after updating access privileges for all the modules.
   

Creating Data Sharing Rules

This feature helps you to create rules to provide access or restrict users from viewing your data in various modules.

Permission Required
Users with the Manage Data Sharing permission can access this feature.

 

To create data sharing rules

1. Go to Setup > Security Control > Data Sharing Settings.
   
2. In the Data Sharing Settings page, click New Sharing Rule for the corresponding module.
   
3. In the New Sharing Rule page, do the following:
   
1. Sharing Rule Name - Specify the Rule name.
   
   
2. Sharing Type - Select how records are shared.
   
3. For Based on Record Owner: 
   Records Shared From- Select either the roles, roles and subordinates, or groups, to share records from.
   
   For example, the above preference would share all records owned by users with the Sales Reps role.
4. For Based on Criteria:
   Set the specific criteria to meet your data sharing requirements.
   Click the + button to add additional criteria.
   Click AND to change the filter condition to OR and vice versa (You can also edit the criteria condition using the Edit Pattern option)
   
   For example, the above set of criteria would share records that have India as the billing country and fall under the Real Estate Industry.
5. Records Shared To - Select either Roles, Roles and Subordinates, Groups or All Users to share records to. 
   For example, records Shared To - Roles and Subordinates - Marketing Associate would share the records with all users who have a Marketing Associate role and their subordinates.
   
   
6. Permission - Choose the access type: Read Only, Read/Write, or Read/Write/Delete.
   
7. Superiors Allowed - Tick this checkbox to allow access to the shared records with the superiors to the particular role or group with whom the records are shared. 
   
4. Click Save. 

Note:

1. Once a data sharing rule is created, users will not be allowed to edit the rule until the execution is complete.
   
   
2. If a module has 40 lacs or more records, and 60% of them match the set rule criteria, the existing records will not be shared upon saving the rule. The customers have to reach support to share all the existing records that match the criteria. However, new and updated records that match the criteria will be shared.

Criteria based data sharing rules are not supported for existing users with the Activities module. However, users with activities module split into Tasks, Calls, and Meetings, can use criteria based data sharing rules.

Last updated on: Aug 14th, 2023