User roles and permissions
Packages: Basic | Standard | Premium
You can control access to your organization's data by assigning user roles. Most members of the organization should be granted the employee role.
All employees have access to the main pages within ChartHop, regardless of role. Only the Technical owner role and the Owner role can view administrative pages. Learn more about ChartHop navigation.
Assigning roles to the members of your organization should be a thoughtful process and follow the principle of granting users only the permissions they need and no more than that. For a number of roles, including members of HR, recruiting, finance, IT, and more, additional permissions may be appropriate, depending on the needs of your organization.
For example, a department head will have access to sensitive data, such as compensation, for all of their reports, and their reports, all the way down the tree -- but would not receive access to peers or those in other departments.
For roles that have access to sensitive data, you can further filter what those with that role can see. For example, you can assign the Org editor role to multiple people in your organization, but filter each person to see only their department.
Only users with sensitive data access can view future-dated org changes, such as unannounced promotions.
ChartHop Basic customers have only two roles to choose from Employee and Owner.
ChartHop Basic and ChartHop Standard users can only use the default roles that ChartHop provides.
ChartHop Premium customers can work with their ChartHop representative to further customize the permissions associated with roles as necessary.
The following roles are deprecated. 
- Time Off Viewer
- Personal Contact Viewer
Access remains unchanged for users who have already been assigned these roles. Although new users cannot be assigned these roles.
Role | Description | Supports custom filters for assigned users |
Employee | Allowed to see their own personal information and the sensitive information of anyone in their reporting line. This is the default access level, appropriate for most organization members. |  |
Employee (no comp data) | The same access as an employee but without permission to view compensation data. |  |
Compensation viewer | Same as an employee but can also see compensation data. | X |
Guest | Can view org public data. Recommended for users outside the organization. Users who are org members can also see their own personal data, but not the sensitive data of individuals in their reporting line. |  |
Org editor | Access to all sensitive data, including compensation, with the ability to edit and make permanent changes to the primary environment. Does not have admin capabilities such as the ability to install applications or change organization-wide settings. | X |
Owner | Allowed full access to everything, including the ability to change user permissions, configure integrations, and alter organization-wide settings. Because of the scope involved, this access should be tightly restricted. | X |
Recruiting Editor | Same as an employee and can view and edit open jobs. |  |
Recruiter | Allowed to view sensitive information about open jobs only, including target compensation levels and viewing all sensitive data. Not allowed to make changes to the primary timeline or access sensitive information about current employees other than those they manage. Can merge scenarios. | X |
Sensitive data viewer (Limited Comp) | Same as an employee but can also see all sensitive data except compensation for those outside of their reporting line. | X |
Sensitive data viewer | Same as an employee but can also see all sensitive data, including for those outside of their reporting line. | X |
Technical owner | Allowed to manage user permissions, configure apps and integrations, update custom fields, and alter organization-wide settings. However, they do not receive direct access to sensitive people data in the application. Because of the ability to configure data access and API keys, a Technical Owner could indirectly establish access to sensitive data (although such activity would be auditable), so this role should be granted with care to appropriate IT, staff. | X |

The following permissions are associated with each built-in role. Customers who have ChartHop Premium can work with ChartHop technical support to customize roles for their organization.
Permission | Description | Associated with role |
Standard access |  | All roles |
Hide compensation | Cannot view any compensation data. | Employee (no comp data) |
Hide all sensitive data | Can't view any sensitive data. Sensitive data includes compensation, personal contact info, and so on. |  |
View time off | Can view time-off information for all employees. |  |
View personal contacts | Can view personal information of all employees. |  |
View cash compensation | Can view cash compensation for all employees. | Compensation viewer |
View equity compensation | Can view equity compensation for all employees. | Compensation viewer |
View all open jobs | Can see all open jobs. | Recruiter |
View and edit all open jobs | Can view and edit all open jobs. | Recruiting editor |
View all sensitive data | Can view all sensitive data for all employees. |
|
Manage fields | Can add, edit, delete, and organize fields. | Technical owner |
Manage apps | Can install, configure, and uninstall apps. | Technical owner |
Manage forms | Can add, edit, and delete forms. | Technical owner |
Manage users | Can add, edit, and delete users. |
|
Manage groups | Can add, edit, and delete groups. |
|
View and edit all org data | Can view and edit all org data for all employees. | Owner |
Merge scenarios | Can merge scenarios. | Recruiting editor |
Administrator | No restrictions. | Owner |