The system includes several predefined roles designed to ensure the right balance between access, control, and security. Each role has specific permissions, and all user actions are tracked in audit logs.
Note: Available roles may vary depending on your portal configuration, tier structure, and package.
Role Types
1. Owners
Primary Owner
- Has full access to all vault features, including reminders, unfiled section, and sharing options.
- Depending on the package, can access both company folders (regular or global) and personal folders.
- Can manage permissions for Trusted Collaborators in personal folders.
- Cannot remove Administrative Users from company folders.
Co-Owner
- An additional owner with the same rights as the Primary Owner.
- Access can only be removed by an Administrative User, not by another owner.
2. Administrative Users
Administrative Users are members of the organization that provides the vault. Their role and level of access depend on the tier and portal type.
Administrator (Admin)
- Has automatic access to all company vaults.
- Does not have access to personal folders unless explicitly granted.
- Cannot be removed from company folders by Owners or Collaborators.
Representative (Rep)
- Assigned to specific vaults and folders by an Administrator.
- Has access only to the company folders or features that have been permitted.
- May perform actions such as uploading, moving, or downloading documents within the assigned areas.
- Like Admins, cannot be removed from company folders by Owners or Collaborators.
3. Collaborators
Collaborators are typically external users (e.g., family members, accountants, legal advisors) who are granted controlled access to specific content.
Trusted Collaborator (Regular)
- Granted access by a Vault Owner, Co-Owner or Administrative .
- Can only see the folders, subfolders, or documents that have been explicitly shared.
- Permission can also be set based on Entities.
- Requires an account in the system.
- Access can be modified or removed at any time for one specific vault.
Trusted Collaborator (Global)
- Granted access by an Administrator.
- May be assigned to multiple vaults.
- Permissions can be narrowed to specific areas within the company folder template.
- Requires an account in the system.
- Cannot be combined with a Regular Trusted Collaborator role.
Full Access Collaborator
- Has the same permissions as a Vault Owner.
- Requires an account in the system.
- Access can be removed by a Vault Owner.
4. External Users
- Accesses the vault through a secure one-time link to view, download, or upload specific documents.
- Does not require an account or password.
- Must provide basic identification (name, last name, email) when using the link.
- Access ends when the link expires or is removed.
Role Combinations
- A single individual can hold more than one role, but some combinations are restricted.
- Examples:
- A Trusted Collaborator cannot also be a Global Collaborator.
- An Administrator cannot have a personal vault within the same tier.
| Role | Requires Account | Who Creates / Grants Access | Typical Use Case |
| Primary Owner | Yes | Admin | Original vault holder |
| Co-Owner | Yes | Admin | Secondary vault holder |
| Admin | Yes | Organization | Company administrator |
| Rep | Yes | Admin | Advisor or support staff |
| Trusted Collaborator (Reg) | Yes | Owners, Administrative Users | Professional or family member with limited folder access |
| Trusted Collaborator (Global) | Yes | Admin | External professional with access to multiple vaults |
| Full Access Collaborator | Yes | Vault Owner | An individual requiring full permissions without being an Owner (EA) |
| External User | No | Vault Owner/Admin/Rep / By permission | One-time access via secure link |
| Contact | No | By Permission | Reference profile, no access |