Decision Site

Search documentation

Search for pages in the documentation

Team Access Control

How ORGANIZATION, TEAM, and OWN settings control Decision Site visibility

Team Access Control is your organization's setting that determines who can access Decision Sites. It's organization-wide and affects all teams.

The Big Picture

Key concept: Your organization has ONE Team Access Control setting. All teams follow this same setting.

You cannot have:

  • One team with ORGANIZATION access
  • Another team with TEAM access
  • A third team with OWN access

It's all or nothing: Pick one setting for your entire organization.

The Three Options

SettingWho Can AccessTeam Membership Matters?
ORGANIZATIONEveryoneNo
TEAMTeam members + ownerYes
OWNOwner onlyNo

ORGANIZATION Access Control

Rule: Team membership doesn't restrict access. Everyone with appropriate organization role can see all Decision Sites.

How It Works

text
Organization Team Access Control: ORGANIZATION

Teams:
├─ Enterprise Team (Sarah, John)
└─ SMB Team (Alex)

Decision Site: Acme Corp Deal
Owner: John
Team: Enterprise Team

Who can access?
✅ Sarah (team member, CREATOR role)
✅ John (owner, CREATOR role)
✅ Alex (not on team, but CREATOR role)
✅ Any other CREATOR or COLLABORATOR
✅ Organization ADMIN (always)
❌ GUEST users (view-only, must be added as contact)

What "Everyone" Means

"Everyone" = All internal users with CREATOR or COLLABORATOR organization role.

Can access:

  • Organization ADMIN (all Decision Sites)
  • CREATOR (all Decision Sites they own or have access to)
  • COLLABORATOR (all Decision Sites shared with them)

Cannot access:

  • GUEST (unless added as contact to specific Decision Site)

When to Use ORGANIZATION

Good for:

  • Small organizations (< 20 people)
  • Full transparency cultures
  • Cross-selling opportunities
  • Flat organizational structures
  • Startups where everyone collaborates

Example scenario:

text
Company: 10-person SaaS startup
Structure: Everyone works on all deals
Goal: Full visibility for cross-selling

Setup:
- Team Access Control: ORGANIZATION
- Teams used only for organization (Sales, Engineering)
- Everyone sees all Decision Sites

What You Gain

Visibility:

  • Anyone can see any deal
  • Easy to find Decision Sites
  • Cross-team collaboration simple

Simplicity:

  • No access confusion
  • Teams are organizational, not restrictive
  • Easy onboarding

What You Lose

Privacy:

  • Cannot hide deals from internal team
  • Regional teams can see each other's deals
  • Sensitive deals visible to all

Structure:

  • No enforced boundaries
  • Teams don't control access
  • May feel chaotic at scale

TEAM Access Control

Rule: Only team members (plus owner) can access Decision Sites assigned to their team.

How It Works

text
Organization Team Access Control: TEAM

Teams:
├─ Enterprise Team (Sarah, John)
└─ SMB Team (Alex)

Decision Site: Acme Corp Deal
Owner: John
Team: Enterprise Team

Who can access?
✅ Sarah (team member)
✅ John (owner + team member)
❌ Alex (different team)
✅ Organization ADMIN (bypass)
✅ Maria (if added as contact)

Access Rules

Can access Decision Site:

  1. Owner (always)
  2. Team members (if Decision Site assigned to their team)
  3. Organization ADMIN (bypasses all restrictions)
  4. Contacts (people explicitly added to the Decision Site)

Cannot access:

  • Members of other teams
  • People not on any team
  • GUEST users (unless added as contact)

When to Use TEAM

Good for:

  • Regional teams (US-East, US-West, EMEA)
  • Product-based teams (Product A, Product B)
  • Confidential deals
  • Structured access requirements
  • Organizations > 20 people

Example scenario:

text
Company: 100-person sales organization
Structure: 4 regional teams
Goal: Reps only see their region's deals

Setup:
- Team Access Control: TEAM
- Teams: US-East, US-West, EMEA, APAC
- Each rep on one regional team
- Can only access their team's Decision Sites

What You Gain

Privacy:

  • Teams can't see each other's deals
  • Confidential deals stay within team
  • Clear boundaries

Structure:

  • Enforced access control
  • Natural organization
  • Clear ownership

Scalability:

  • Works at any size
  • Supports hierarchy
  • Reduces noise (reps don't see irrelevant deals)

What You Lose

Visibility:

  • Cross-team visibility requires adding contacts
  • Harder to find Decision Sites
  • May miss collaboration opportunities

Complexity:

  • Need to manage team membership
  • Access troubleshooting more complex
  • Onboarding requires team assignment

OWN Access Control

Rule: Only the Decision Site owner can access it. Team membership doesn't matter.

How It Works

text
Organization Team Access Control: OWN

Teams:
├─ Enterprise Team (Sarah is OWNER, John is MEMBER)
└─ SMB Team (Alex)

Decision Site: Acme Corp Deal
Owner: John
Team: Enterprise Team

Who can access?
❌ Sarah (even though team OWNER)
✅ John (owner)
❌ Alex (different team)
✅ Organization ADMIN (bypass)
❌ Other team members

Access Rules

Can access Decision Site:

  1. Owner (only the owner)
  2. Organization ADMIN (bypass)
  3. Contacts (if explicitly added)

Cannot access:

  • Team members (even team OWNERs)
  • Other owners
  • Anyone not explicitly added

When to Use OWN

Good for:

  • Consulting firms (each consultant owns their clients)
  • Personal deals
  • Maximum privacy
  • Individual contributor model
  • High confidentiality requirements

Example scenario:

text
Company: Law firm
Structure: Individual partners with clients
Goal: Each attorney only sees their cases

Setup:
- Team Access Control: OWN
- Teams used for firm organization only
- Each attorney can only see their cases

What You Gain

Maximum privacy:

  • Complete isolation
  • No accidental access
  • Clear ownership

Individual control:

  • Each person manages their own
  • No team access issues
  • Simple ownership model

What You Lose

Collaboration:

  • Very hard to collaborate
  • Can't see teammate's work
  • Manager can't see reports' deals (unless ADMIN)

Visibility:

  • Zero cross-visibility
  • Must manually add people as contacts
  • Pipeline visibility requires ADMIN access

Team benefits:

  • Teams don't provide access
  • Team membership meaningless for access
  • Defeats purpose of teams

The Organization ADMIN Bypass

Important: Organization ADMIN can ALWAYS access ALL Decision Sites, regardless of Team Access Control setting.

text
Any Team Access Control Setting:

Decision Site: Acme Corp Deal
Owner: John
Team: Enterprise Team

Organization ADMIN (Sarah):
✅ Can access (bypasses all restrictions)
✅ Can edit (full permissions)
✅ Can delete
✅ Can change ownership

Why: ADMINs manage the organization and need full access for administration.

Changing Team Access Control

Only organization ADMINs can change this setting:

  1. Go to Settings → Organization
  2. Find "Team Access Control"
  3. Select: ORGANIZATION, TEAM, or OWN
  4. Click "Save"

Warning: This affects ALL Decision Sites immediately.

Impact of Changing Setting

ORGANIZATION → TEAM:

  • Suddenly, people lose access to Decision Sites outside their team
  • May cause confusion and complaints
  • Need to communicate change

TEAM → ORGANIZATION:

  • Suddenly, everyone can see all Decision Sites
  • Privacy reduced
  • May expose confidential deals

Any → OWN:

  • Massive access restriction
  • Only owners can see their sites
  • Teams become organizational only
  • Collaboration becomes very difficult

Best practice: Decide your setting early and stick with it. Changing mid-stream causes disruption.

How Team Access Control Interacts with Other Features

With Contacts

You can always add people as contacts to a Decision Site, regardless of Team Access Control:

text
Team Access Control: TEAM
Enterprise Team: Sarah, John
SMB Team: Alex

Decision Site: Acme Corp Deal
Owner: John
Team: Enterprise Team
Contacts: Alex (added explicitly)

Result:
✅ Alex can access (even though different team)

Contacts bypass team restrictions.

With Organization Roles

Team Access Control works with organization roles:

text
Team Access Control: ORGANIZATION

User: John
Organization Role: GUEST
Team: Enterprise Team

Result:
❌ John cannot access most Decision Sites (GUEST is view-only)
✅ John can only access Decision Sites where he's added as contact

Organization role permissions still apply.

With Domain Rules

Domain rules can grant access regardless of teams:

text
Team Access Control: TEAM
Enterprise Team: Sarah
Decision Site: Acme Corp Deal (Enterprise Team)
Domain Rule: anyone@company.com can access

User: alex@company.com (not on Enterprise Team)

Result:
✅ Alex can access (domain rule grants access)

Domain rules can bypass team restrictions.

Common Misunderstandings

"Each team can have its own access control setting"

False. Team Access Control is organization-wide. All teams follow the same setting.

"TEAM access control means team OWNER can see all team Decision Sites"

Only if they're also a team member or owner of the Decision Site. Team OWNER role is for team management, not automatic Decision Site access.

"ORGANIZATION access control means GUEST users can see everything"

False. GUEST users are view-only and must be added as contacts. Organization role permissions still apply.

"I can change access control per Decision Site"

No. Team Access Control is organization-wide. You cannot have different settings for different Decision Sites.

"OWN access control makes teams useless"

Correct for access purposes. With OWN, teams are purely organizational - they don't control access.

Choosing the Right Setting

Decision Framework

Ask yourself:

  1. How many people?

    • < 10: Probably ORGANIZATION
    • 10-50: Probably TEAM

    • 50: Definitely TEAM (or OWN if highly confidential)

  2. Natural team divisions?

    • Yes: TEAM
    • No: ORGANIZATION

  3. Need privacy between teams?

    • Yes: TEAM
    • No: ORGANIZATION

  4. Maximum privacy required?

    • Yes: OWN
    • No: TEAM or ORGANIZATION

  5. Individual contributor model?

    • Yes: OWN
    • No: TEAM or ORGANIZATION

Recommendation by Company Type

Startups/Small Companies:

  • ORGANIZATION (simplicity, transparency)

Sales Organizations:

  • TEAM (regional privacy, structure)

Consulting/Law Firms:

  • OWN (client confidentiality)

Enterprise Companies:

  • TEAM (scale, structure, compliance)

Troubleshooting Access Issues

See Common Issues for detailed troubleshooting.

Quick checks:

  1. What is your Team Access Control?

    • Ask your ADMIN

  2. Are you on the team?

    • Check Settings → Teams

  3. Are you the owner?

    • Check Decision Site details

  4. Are you an organization ADMIN?

    • Check Settings → Profile

  5. Are you added as a contact?

    • Check Decision Site contacts list

Next Steps