Roles
- What will I find in the "Roles and accesses" section?
- What types of roles exist in Sesame, and what are their characteristics?
- What are the Default General roles?
- What are the Default Specific roles?
- How can I create a role?
- How can I duplicate roles?
- How can I delete roles?
- How can I edit the "Basic information" of a role?
- How can I configure the "Access levels" of a role?
- What are Holders and how can I assign them?
- How can I assign roles if I manage a group of companies?
- What are Managed and how can I assign them?
- How can I see which groups or employees are managed by a role holder?
- What is “Data privacy” for?
- How do the roles granted through "Roles and Accesses" coexist with those granted by sections?
- What is the "Change history"?
- Why are there new roles in my account?
- How can I manage access to employee data?
- Do roles have default data privacy settings?
- What happened to my “Access levels” settings after the migration to “Data privacy”?
What happened to my “Access levels” settings after the migration to “Data privacy”?
To make the transition from "Access levels" to "Data privacy" as smooth as possible, here's how your previous settings were migrated:
If you didn't have any privacy level configured
- General role holders: we enabled the view and edit options for all employee data. You can modify this at any time.
- Specific role holders: we enabled view and edit for Personal data and their Custom fields, you can change this anytime.
If you had one privacy level configured for the entire company
- General role holders: we enabled the view and edit options for all employee data. You can modify this at any time.
-
Specific role holders: we replicated the privacy settings you had in place as follows:
- If a data point was viewable → we enabled view in the Specific role.
- If a data point was editable → we enabled edit in the Specific role.
- If a data point was locked (not viewable or editable) → we left both options disabled.
If you had different privacy levels configured for various employees
Here’s how we migrated your "Access levels" settings to the new "Data privacy" section:
-
General role holders: we enabled the view and edit options for all employee data. You can modify this at any time.
-
Specific role holders: we disabled all view and edit options for employee data. You can modify this as needed.
-
Specific role holders with no configured access level: we created an ad-hoc specific role with the following attributes:
- Name: automatic role with no privacy configuration.
- Description: this role was automatically created during the migration to "Data privacy" in "Roles and accesses".
- Access levels: no access enabled.
- Data privacy: enabled view and edit for Personal data and their Custom fields.
- Holders: employees who previously had no configured access level.
-
Managed: we preserved the entities they were responsible for.
-
Employees who had a configured access level: we created a specific role for each access level you previously had, with the following characteristics:
- Name: automatic role with privacy configuration.
- Description: this role was automatically created during the migration to "Data privacy" in "Roles and accesses".
- Access levels: no access enabled.
-
Data privacy: we replicated the settings from the access level you had configured before:
- If a data point was viewable → we enabled view in the new role.
- If a data point was editable → we enabled edit in the new role.
- If a data point was locked → we left both options disabled.
- Holders: employees who had that same access level were assigned to each new role.
- Managed: we preserved the entities they were responsible for.
What do you need to do? Nothing! During the migration, we analyzed your existing data privacy configuration to ensure the smoothest possible transition. Still, you can review and adjust the privacy settings for any role at any time by going to: Roles and accesses >> [Role name] >> Data privacy.
