How to use access control

Our easy Confidentiality Control lets admins set access levels for different users, making it secure and straightforward.

Being an admin, you can change each user’s role, and each role comes with its own access rights. We use clear, adjustable role-based access rules to make sure your team members only see the information they should see.

Confidentiality

We have strict role-based access controls that can be customized to make sure each member of your team only sees data that they are supposed to see.

 

 

Step 1: Navigate to Access Control
Start by clicking on the Home button, then select Access Control.

 

Step 2: View Existing Users
You will see a list of users who already have access to the tool.


 

Step 3: Invite a New User

  • To invite someone new, click on Invite User in the topright corner.
  • Enter the email address of the person you want to invite.
  • Select a role for the user based on their responsibilities.

Step 4: Assign a Role and Send Invite
  • Choose the appropriate role for the user, considering the level of access they need.
  • Click Send Invite to send the invitation. The user will receive an email with instructions to log in


 

Roles

  1. Admin: 
  • Read and write access to all data.
  • Configure reviewers for plans.
  • Override integrations.
  • Access to custom code.

2. Executive:

  • Designed for Clevel executives who need access to all data.
  • Full access to all employee data, including compensation and performance.
  • Can invite others, create scenarios, and review & approve plans.

3. HR/Finance

  • Read only access to all employee data, including salary and performance.
  • Read only access to invited plans.
4. Manager:
  • Suitable for department heads or managers who only need to see their own team’s information.
  • Access to all employees' basic profiles within their team.
  • Limited access to sensitive information like compensation and performance within their team.
  • Can create a plan for their team.
  • Can not invite others.
  • Read only access to the org char

Step 5: Manage User’s Access Scope

Once the invite has been sent, search for their name to start managing their access.
You can customize the user’s Access Scope to control what data they can view or edit:

  • Specific Departments or Orgs: Limit access to certain parts of the organization.
  • Specific Data Fields: Determine whether the user can view, edit, or hide specific fields like salary, performance, etc.



Step 6: Manage User’s Access Scope

  • Basic Profile: Includes nonsensitive fields like name and location. Generally safe to allow edit access. Users will see basic employee details.
  • Salary: Sensitive data. You can set view only, edit, or no access based on the user’s role. Users will see salary information if granted access.
  • Confidential Data: Includes metrics like performance and quotas. Manage access by setting it to view only, edit, or hidden. Users will see sensitive performance data.
  • Custom Fields: Additional nonstandard fields. Control whether they are viewable, editable, or hidden. Users will see any extra fields specific to your organization.
  • Hub: Contains charts. Users can either edit or be restricted from accessing them (view only access will be removed in a future update). Users will see visual data representations.
  • Forecast: Shows department and people costs. You can allow view or edit access. 
  • Management Costs: User would be able to Management's cost. Access can be set to view or edit. Users will see financial data related to management.

Step 7: Multiple Scopes and Deleting Scopes

  • Users can have multiple scopes. For example, a user may have access to the entire company except for certain sensitive data, and then specific access to certain departments' sensitive data.
    If needed, you can delete a scope and reset the access for a user.