Roles, responsibilities and notifications
When a user is created in the IT settings, one or more roles can be assigned to them. Depending on the role, users have different rights within the Priverion platform. We will go into this in more detail in this article.
Create a new user
In the IT Settings, under the Identity & Access tab, you will see a list of all users of your Priverion platform. You can edit a user's details by clicking on that user, or create a new user login by clicking the Create button. When creating a user, you enter their name and email. If you want to notify the user of their new account and ask them to set a password, select "send invite per email". The telephone number is optional. Finally, you assign roles to this user.
Roles
While all registered users (who by default have the employee role) can access the dashboard and user settings and view the dashboard charts, other rights are restricted to specific roles. An additional distinction is made between read-only or read-and-write rights. Below, we provide a list of the rights for each role. You can create new roles under IT Settings > Roles. Name the role and assign permissions by selecting the appropriate checkboxes. Once done, Save your input.
If you want to give access (read or write) to a specific element (such as a ROPA, Vendor, etc.), you can do this via the Manage Access menu, opened from the three dots at the upper right of each element. You can also create audiences for this.
Introduction and Dashboard Access
While all registered users (who by default have the Employee role) can access the dashboard and user settings, other rights are restricted to specific roles. Below is a detailed breakdown of the access rights associated with each role.
You can create new roles under IT Settings > Roles. Name the role and assign permissions by selecting the appropriate checkboxes. If you wish to grant access to specific elements (such as a specific ROPA or Vendor) to a user without changing their global role, use the Manage Access menu on that specific element.
Dashboard Tiles Access
The following table shows which dashboard tiles are available to each role. Tiles marked with an asterisk (*) are shown by default to the user.
| Dashboard Tile | System Manager | DP Manager | DP Coord | IT Security Mgr | IT Security Coord | IT Admin | Employee | IGDTA Admin | Workflow Mgr |
|---|---|---|---|---|---|---|---|---|---|
| My overdue Tasks | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Company overdue Tasks | ✓ | ✓ | ✓ | ✓ | | | | | |
| Group Management overdue Tasks | ✓ | ✓ | | | | | | | |
| My Tasks by deadline | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Company Tasks by deadline | ✓ | ✓ | ✓ | ✓ | | | | | |
| Group Management Tasks by deadline | ✓ | ✓ | | | | | | | |
| My ROPA distribution by Org Units | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Company ROPA distribution by Org Units | ✓ | ✓ | ✓ | ✓ | | | | | |
| Group Management ROPA distribution | ✓ | ✓ | | | | | | | |
| Company ROPA Risk overview | ✓ | ✓ | ✓ | ✓ | | | | | |
| Group Management ROPA Risk overview | ✓ | ✓ | | | | | | | |
| Active / Total Users by Company | ✓ | ✓ | | | | | | | |
| Last 10 Users logged in (Company/Group) | ✓ | ✓ | ✓ | ✓ | | | | | |
| My assigned items by Status (All types) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| My Tasks by Priority | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
General Settings & Attributes
This section covers the configuration of the data model, including Attributes (e.g., Personal Data types), Laws, and Organizational Units.
Permissions Key: R (Read) | W (Write) | D (Delete)
| Feature | Permission | System Mgr | DP Mgr | DP Coord | IT Sec Mgr | IT Sec Coord | IT Admin | IGDTA Admin |
|---|---|---|---|---|---|---|---|---|
| Attribute(s) (e.g., Personal Data Types) | Read | ✓ | ✓ | ✓ | ✓ | | | |
| | Write | ✓ | ✓ | ✓ | ✓ | | | |
| | Delete | ✓ | ✓ | ✓ | ✓ | | | |
| Applicable Laws | Read | ✓ | ✓ | ✓ | ✓ | | | |
| | Write | ✓ | ✓ | ✓ | ✓ | | | |
| | Delete | ✓ | ✓ | ✓ | ✓ | | | |
| Status(es) | Read | ✓ | ✓ | ✓ | ✓ | | | |
| | Write | ✓ | ✓ | ✓ | ✓ | | | |
| | Delete | ✓ | ✓ | ✓ | ✓ | | | |
| Organizational Units | Read | ✓ | ✓ | ✓ | ✓ | | | |
| | Write | ✓ | ✓ | ✓ | ✓ | | | |
| | Delete | ✓ | ✓ | ✓ | ✓ | | | |
| General Settings (Misc) | Read | ✓ | ✓ | ✓ | ✓ | | | |
| | Write | ✓ | ✓ | ✓ | ✓ | | | |
| | Delete | ✓ | ✓ | ✓ | ✓ | | | |
| Standard(s) / Control Set(s) | Read | ✓ | ✓ | ✓ | ✓ | | | |
| | Write | ✓ | ✓ | ✓ | ✓ | | | |
| Risk Scenarios & Maturity | Read | ✓ | ✓ | ✓ | ✓ | | | |
| | Write | ✓ | ✓ | ✓ | ✓ | | | |
| IGDTA Configuration | Read | ✓ | ✓ | | | | | |
| | Write | ✓ | ✓ | | | | | |
Main Modules
This table covers permissions for the core operational modules such as ROPA, Vendors, Assets, and Assessments.
Permissions Key: R (Read) | W (Write) | S (Share) | P (Push) | DL (Download) | D (Delete)
| Module | Sys Mgr | DP Mgr | DP Coord | IT Sec Mgr | IT Sec Coord | Workflow Mgr |
|---|---|---|---|---|---|---|
| ROPA (Record of Processing) | All | All | All | All | R/W/DL | |
| Vendors | All | All | All | All | R/W/DL | |
| Asset Register | All | All | All | All | R/W | |
| Controls | All | All | All | All | R/W | |
| Impact Assessment | All | All | All | All | R/W | |
| Legitimate Interest | All | All | All | All | R/W | |
| Data Collection Points | All | All | All | All | R/W | |
| Questionnaire | R/W/D | R/W/D | R/W/D | R/W/D | R/W | |
| Questionnaire Templates | R/W | R/W | R/W | R/W | R/W | |
| Meetings & Activities | R/W/D | R/W/D | R/W/D | R/W/D | R/W | |
| Retention & Deletion Periods | R/W/D | R/W/D | R/W/D | R/W/D | R/W | |
| Frameworks | R/W | R/W | R/W | R/W | R/W | |
| Report Explorer | R/W | R/W | R/W | R/W | R/W | |
| Automation Templates | R/W/D | R/W/D | R/W/D | R/W/D | R/W | |
| Tasks | R/W/D | R/W/D | R/W/D | R/W/D | R/W | R/W |
| Projects | R/W/D | R/W/D | R/W/D | R/W/D | R/W | R/W |
| Process Risks | R/W | R/W | R/W | R/W | R/W | |
| Risk Treatment Console | R/W | R/W | R/W | R/W | R/W | |
| Data Flow | R/W | R/W | R/W | R/W | R/W | |
Note: "All" includes Read, Write, Sharing, Push, Download, and Delete.
React, Resolve & Documents
This section covers Incidents, Data Subject Requests (DSR), and Documents & Policies.
| Feature | Permission | Sys Mgr | DP Mgr | DP Coord | IT Sec Mgr | IT Sec Coord |
|---|---|---|---|---|---|---|
| Incidents & Breaches | Read | ✓ | ✓ | ✓ | ✓ | ✓ |
| | Write | ✓ | ✓ | ✓ | ✓ | ✓ |
| | Delete | ✓ | ✓ | ✓ | ✓ | |
| Data Subject Request | Read | ✓ | ✓ | ✓ | ✓ | ✓ |
| | Write | ✓ | ✓ | ✓ | ✓ | ✓ |
| | Delete | ✓ | ✓ | ✓ | ✓ | |
| Documents & Policies | Read | ✓ | ✓ | ✓ | ✓ | ✓ |
| | Write | ✓ | ✓ | ✓ | ✓ | ✓ |
| | Sharing | ✓ | ✓ | ✓ | ✓ | |
| | Push | ✓ | ✓ | ✓ | ✓ | |
| | Download | ✓ | ✓ | ✓ | ✓ | ✓ |
| | Delete | ✓ | ✓ | ✓ | ✓ | ✓ |
Group & IT Settings, Import/Export
This section covers Group Management, User Management, and System Integrations.
| Category & Feature | Permission | Sys Mgr | DP Mgr | DP Coord | IT Sec Mgr | IT Admin |
|---|---|---|---|---|---|---|
| Companies | Read | ✓ | ✓ | ✓ | | |
| | Write | ✓ | ✓ | ✓ | | |
| Sharing | Read | ✓ | ✓ | ✓ | | |
| | Write | ✓ | ✓ | ✓ | | |
| Filerskeepers | Read | ✓ | ✓ | ✓ | | |
| | Write | ✓ | ✓ | ✓ | | |
| Group Settings (General) | Read | ✓ | ✓ | ✓ | | |
| | Write | ✓ | ✓ | ✓ | | |
| | Delete | ✓ | ✓ | ✓ | | |
| Identity & Access / Users | Read | ✓ | ✓ | ✓ | ✓ | ✓ |
| | Write | ✓ | ✓ | ✓ | ✓ | ✓ |
| External Integrations | Read | ✓ | ✓ | | | |
| | Write | ✓ | ✓ | | | |
| Antimalware | Read | ✓ | ✓ | | | |
| | Write | ✓ | ✓ | | | |
| Email Logs | Read | ✓ | ✓ | | | |
| | Write | ✓ | ✓ | | | |
| Export & Import | | ✓ | ✓ | ✓ | ✓ | ✓ |
Operational & Specialized Roles
The following table details roles designed for specific technical or workflow functions, such as system administration or processing workflows.
Note on Employee Role: The "Employee" role is the default for all users. They have limited visibility to ensure data security.
- Dashboard: Read access to charts.
- User Settings: Manage own profile.
- Modules (ROPA, Tasks, etc.): Access is only granted if the specific element is assigned to the user as the "Responsible Person" or if the user belongs to an Audience that has been explicitly granted access.
| Feature | IT Administrator | Workflow Manager | IGDTA Administrator |
|---|---|---|---|
| Role Focus | Technical setup & Users | Project Management | Inter-group Data Transfer |
| User Management | Read, Write | - | - |
| IT Settings | Read, Write | - | - |
| Tasks & Projects | Read, Write, Delete | Read, Write | - |
| Incidents | - | Read, Write | - |
| IGDTA Config | - | - | Read, Write |
| Core Modules (ROPA, Vendors) | - | - | - |