By default, access rights to CRM records is set as private so that the record owner and his/her manager can oversee the CRM data. However, using the Data Sharing Rules, you can extend the access rights to users belonging to other roles and groups. Once the data sharing rules are configured, users associated to other roles and groups can gain additional access to the records that belong to other users. 

Key Features

• By default all the modules have a Private option.
  
• If the Organization-wide permission is set as Public Read/Write/Delete, everyone can access and update all the users’ data. Role Hierarchy and Sharing Rules will not be applied in this case.
  
• If the Organization-wide permission is set as Read Only, everyone can only view the other users' records. In this case other users cannot modify the owner's records.
  
• If the Organizational permission is set as Private, Role Hierarchy and Sharing Rules can be applied.
  
• You cannot restrict the accessibility set in Organization's default permissions by writing the Sharing Rules. You can only extend the additional data visibility
  
• In the Import History, records that belong to you and your sub-ordinates (if any) will always be shown.
  
• All the Attachments, Notes, Emails and Competitors belonging to a record are accessible, if you are able to view that record.
  
• Forecasts will always be private.
  
   
  

Managing Default Data Sharing Process

You can provide the following types of access levels to user in Zoho CRM modules:

• Private: Only the record owner and his/her superior can view the record.
  
• Public Read only: Users can view others' records but cannot modify and delete the records.
  
• Public Read/Write/Delete: Other users can view, modify and delete the records.
  

A user who is a forecast manager can view their peers, that is other users in the same role, records even if share data with peers is disabled. 

Permission Required
Users with  Manage Data Sharing selected under the User Management permissions can access this feature.

 

Note

• By default, access rights to CRM records is set as private so that the record owner and his/her manager can oversee the CRM data.
  
• The organization-level data sharing model is not yet implemented for Notes, Reports, Dashboards, and Email modules.
  

To manage default permissions

1. Go to Setup > Users & Control > Security Control > Data Sharing Settings.
   
2. In the Data Sharing Settings page, click Edit All Default Permissions.
   
3. In the  Edit Default Organization Permissions page, update the following Access Privilege for modules:
   
   • Private
     
   • Public Read Only
     
   • Public Read/Write/Delete
     
4. Click Save after updating access privileges for all the modules.
   

Creating Data Sharing Rules

This feature helps you to create rules to provide access to records in various modules.

Permission Required
Users with the Manage Data Sharing permission can access this feature.

 

To create data sharing rules

1. Go to Setup > Users & Control > Security Control > Data Sharing Settings.
   
2. In the Data Sharing Settings page, click New Sharing Rule for the corresponding module.
   
3. In the New Sharing Rule page, do the following:
   
1. Sharing Rule Name - Specify the Rule name.
   
2. Sharing Type - Select how records are shared.
   
1. For Based on Record Owner:
   Records Shared From- Select either the roles, roles and subordinates, or groups, to share records from.
   
   For example, the above preference would share all records owned by users with the Sales Reps role.
2. For Based on Criteria: Set the specific criteria to meet your data sharing requirements.
   Click the + button to add additional criteria.
   Click AND to change the filter condition to OR and vice versa (You can also edit the criteria condition using the Edit Pattern option)
   For example, the above set of criteria would share records that have India as the billing country and fall under the Real Estate Industry.
3. Records Shared To - Select either Roles, Roles and Subordinates, Groups or All Users to share records to.
   For example, records Shared To - Roles and Subordinates - Marketing Associate would share the records with all users who have a Marketing Associate role and their subordinates.
   
4. Permission - Choose the access type: Read Only, Read/Write, or Read/Write/Delete.
   
5. Superiors Allowed - Tick this checkbox to allow access to the shared records with the superiors to the particular role or group with whom the records are shared.
   
4. Click Save.
   

NOTES: 

1. Once a data sharing rule is created, users will not be allowed to edit the rule until the execution is complete.
   
   
2. If a module has 40 lacs or more records, and 60% of them match the set rule criteria, the existing records will not be shared upon saving the rule. The customers have to reach support to share all the existing records that match the criteria. However, new and updated records that match the criteria will be shared.
   
3. Data Sharing Rules are available for the Enterprise and the Ultimate editions only.
   
1. Enterprise - You can create upto 25 Rules/Module
   Up to 10 criteria-based rules can be created.
2. Ultimate - You can create upto 100 Rules/Module
   Up to 15 criteria-based rules can be created.