Setting up Data Sharing Rules

Setting up Data Sharing Rules

By default, access rights to CRM records is set as private so that the record owner and his/her manager can oversee the CRM data. However, using the Data Sharing Rules, you can extend the access rights to users belonging to other roles and groups. Once the data sharing rules are configured, users associated to other roles and groups can gain additional access to the records that belong to other users. 

Key Features

  • By default all the modules have a Private option.
  • If the Organization-wide permission is set as Public Read/Write/Delete or Public Read/Write, everyone can access and update all the users’ data. Role Hierarchy and Sharing Rules will not be applied in this case.
  • If the Organization-wide permission is set as Public Read Only, everyone can only view the other users' records. In this case other users cannot modify the owner's records.
  • If the Organizational permission is set as Private, Role Hierarchy and Sharing Rules can be applied.
  • You cannot restrict the accessibility set in Organization's default permissions by writing the Sharing Rules. You can only extend the additional data visibility
  • In the Import History, records that belong to you and your sub-ordinates (if any) will always be shown.
  • All the Attachments, Notes, and Competitors belonging to a record are accessible, if you are able to view that record.
  • Forecasts will always be private.

Managing Default Data Sharing Process

You can provide the following types of access levels to user in Zoho CRM modules:

  • Private: Only the record owner and his/her superior can view the record.
  • Public Read only: Users can view others' records but cannot modify or delete the records.
  • Public Read/Write: Users can view and modify others' records but cannot delete them.
  • Public Read/Write/Delete: Other users can view, modify and delete the records.
Availability
Permission Required
Users with the Manage Data Sharing permission can access this feature.

 

Note
  • By default, access rights to CRM records is set as private so that the record owner and his/her manager can oversee the CRM data.
  • The organization-level data sharing model is not yet implemented for Notes, Reports, and Dashboards modules.

To manage default permissions

  1. Go to Setup > Security Control > Roles and Sharing Data Sharing Settings.
  2. In the Data Sharing Settings page, click Edit All Default Permissions.
  3. In the Edit Default Organization Permissions page, update the following Access Privilege for modules:
    • Private
    • Public Read Only
    • Public Read/Write
    • Public Read/Write/Delete

  4. Click Save after updating access privileges for all the modules.

Data sharing for emails

For emails sent from Zoho CRM—including individual emails, emails sent using the organization's email address, mass emails, workflow, and others—the default sharing type will be set to Public Read/Write/Delete. You can also choose from Private, Public Read Only, or Public Read/Write for the default access type.
  1. Read: Allows viewing the email.
  2. Write: Allows replying or forwarding the email, and editing drafts or scheduled emails.
  3. Delete: Enables users to delete drafted or scheduled emails.
Here's how the different access types work for emails:
  1. When the access type is set to Private, only the email record owner (the person who sends the email) can view and reply to emails—plus any user higher than them in the role hierarchy. This ensures that those at higher levels in the organization can still access emails when necessary, even if the access type is set to Private.
  2.  In the Public Read Only access type, every user in the organization can view emails sent by others. Additional actions, such as replying, forwarding, editing drafts, or deleting emails, are available only to the email's owner and those above them in the role hierarchy. Users at the same level or below the owner are limited to viewing emails and cannot perform these actions.
  3. In the Public Read/Write setting, every user in the CRM can see all emails as well as reply, forward, and edit both drafts and scheduled emails. However, users aren't able to delete emails.
  4. The Public Read/Write/Delete setting provides the most extensive level of access for emails. All users in the organization can view and reply to all emails, as well as edit and delete drafts or scheduled emails.

Creating Data Sharing Rules

This feature helps you to create rules to provide access or restrict users from viewing your data in various modules.

Availability
Permission Required
Users with the Manage Data Sharing permission can access this feature.

 

To create data sharing rules

  1. Go to Setup > Security Control > Data Sharing Settings.
  2. In the Data Sharing Settings page, click New Sharing Rule for the corresponding module.
  3. In the New Sharing Rule page, do the following:
    1. Sharing Rule Name - Specify the Rule name.

    2. Sharing Type - Select how records are shared.
    3. For Based on Record Owner: 
      Records Shared From- Select either the roles, roles and subordinates, or groups, to share records from.

      For example, the above preference would share all records owned by users with the Sales Reps role.
    4. For Based on Criteria:
      Set the specific criteria to meet your data sharing requirements.
      Click the + button to add additional criteria.
      Click AND to change the filter condition to OR and vice versa (You can also edit the criteria condition using the Edit Pattern option)

      For example, the above set of criteria would share records that have India as the billing country and fall under the Real Estate Industry.
    5. Records Shared To - Select either Roles, Roles and Subordinates, Groups or All Users to share records to. 
      For example, records Shared To - Roles and Subordinates - Marketing Associate would share the records with all users who have a Marketing Associate role and their subordinates.

    6. Permission - Choose the access type: Read Only, Read/Write, or Read/Write/Delete.
    7. Superiors Allowed - Tick this checkbox to allow access to the shared records with the superiors to the particular role or group with whom the records are shared. 
  4. Click Save

Note:
  1. Once a data sharing rule is created, users will not be allowed to edit the rule until the execution is complete.

  2. If a module has 4,000,000 or more records, and 60% of them match the set rule criteria, the existing records will not be shared upon saving the rule. The customers have to reach support to share all the existing records that match the criteria. However, new and updated records that match the criteria will be shared.
Criteria based data sharing rules are not supported for existing users with the Activities module. However, users with activities module split into Tasks, Calls, and Meetings, can use criteria based data sharing rules.
Last updated on: Aug 14th, 2023


    • Related Articles

    • Sharing Records

      Collaboration with team members or others in the organization is integral to any business. For some, collaboration means conducting meetings, having discussions on phone or sending information via email while for some it is sharing data with peers ...

    • Setting up Email Sharing Permissions

      Emails exchanged with customers contain important information that may be required for reference by several other teams who are involved in the business process. For example, a contract agreement exchanged with a firm may be required by the legal ...

    • Setting Assignment Rules

      A sales success is closely coupled with the everyday activities of the reps, such as - number of follow-ups, promptness in getting back to the customers, offering quick answers to their queries, and responding to the support tickets. All these ...

    • Setting up Webforms

      Creating a webform involves three steps: Building the form - Drag and drop fields to build a form and format it easily with the WYSIWYG editor. Specifying the form details - Add details such as form name, landing page URL (where the visitor needs to ...

    • Working with Validation Rules

      Creating and keeping high-quality data is difficult, but it's even harder to identify and fix a dataset full of mistakes. Faulty CRM data can lead to negative consequences for a company, including impeding operations, generating unreliable reports, ...