There are several components of account security in Pipedrive: permission sets, visibility groups, security dashboard, and a few others. The two major ones—permission sets and visibility groups—differ in that permission sets determine what specific users in your account can do, while visibility settings determine what specific users in your account can see. However, if you look closely, this distinction can become blurry, as some permissions also control the visibility of certain things. Nonetheless, this does not invalidate the rule.
In this article, we’ll do an in-depth analysis of the permission sets you can configure in your account and, based on our experience with clients, recommend which default settings should be changed and how.
Using permission sets in practice
From the feedback we’ve received from clients we’ve worked with and implemented Pipedrive for, it seems that many of them don’t often explore this part of their Pipedrive account. This is surprising because it is a powerful feature that can help address potentially risky business scenarios, such as an employee taking all your company’s data with them.
In our typical Pipedrive implementation workflow, determining permission sets usually occurs at the end of the process, right before user onboarding.
There are a couple of things worth pointing out here. Pipedrive groups various features of the platform into modules that it refers to as “apps.” A good way to think about permissions in Pipedrive is that each of the Deal/Lead, Campaigns, and Global Features apps comes with its own set of permissions. You can also create your own permission sets, which are bundles of granular permissions.
We’ll start with the default permission sets and then recommend a number of custom permissions you can use to make your account truly secure. As always, recommendations are taken directly from the spec of our Pipedrive Booster 2.0 implementation package.
Pricing plan limits for permission sets
When creating custom permission sets, whether you follow the implementation best practices outlined in this article or develop your own, keep in mind the limits associated with each pricing plan. Here they are:
Pricing plan | Custom permission sets |
---|---|
Essential and Advanced | – |
Professional | 2 |
Power | 10 |
Enterprise | Unlimited |
Managing permission sets in Pipedrive
To access the Pipedrive permission sets feature, go to “Manage Users” and select “Permission sets.”
To add your own custom permission set, click “Permission set.”
To edit the default permission sets, select any of them and click “Edit permission set” on the modal that slides in.
Diving deep into specific permission sets
In the next few sections, we’ll closely examine some of the key permission sets that Pipedrive offers by default, discuss whether you should keep these settings unchanged based on our multiple implementation experiences, and explain how to customize them if needed.
Prerequisite: regular vs admin user
When you navigate to the permission set management page, you’ll see two permission tiers regardless of the permission scope: Admin and Regular User. Admins can do everything, while the Regular User tier is assigned by default to new users added to your account. Keep this distinction in mind to simplify managing permissions in the future.
Deal/lead permission sets
To continue from the previous paragraph with an example and solidify the key distinction, let’s start by reviewing the permissions of the Deal/Lead module:
- Deals Admin: Users with this permission can view and edit everything related to individual deals, as well as company-wide deal and sales settings, such as pipelines and deal stages.
- Deals Regular User: This is the default permission for new users. They typically have access to all deal and lead information but may have limitations on the activities they can perform.
In our opinion, the default permissions in this critical area of Pipedrive for deals/leads are too permissive for regular users. That’s why in our implementations—where security settings are always a default component regardless of the scope—we typically amend these standard settings to remove editing and deleting permissions for critical entities from regular users.
For example, we believe the default Deals Regular User permission set should not allow modification of lead or deal owners. Permissions to edit deals owned by other users should be delegated to a separate permission set. To avoid a high concentration of permissions for regular deal users and to ensure a cleaner division of responsibilities, we also recommend setting up a dedicated permission set for users focused on managing the LeadBooster components (LiveChat, Prospector).
Permission | What the permissions allow for | Default deals admin permission set | Default Deals regular user permission set | Our best practice |
---|---|---|---|---|
Add deals | Add deals to any accessible pipeline and convert leads into deals. | ✔︎ | ✔︎ | Use default settings for manual input, but strive to implement lead qualification and conversion by a unified logic for all leads. |
Add leads | Manually add new leads to the Leads Inbox. Automated sources (like web forms) and Prospector can still be used to create leads. Converting deals to leads requires a separate permission. | ✔︎ | ✔︎ | Use default settings for manual input, but strive to add leads to the inbox through the automated process based on centrally set criteria. |
Edit deals owned by other users | Edit a deal’s core data. Without this permission, users can still manage followers, notes, files, documents, activities, and link emails and projects. However, merging and deleting deals require separate permissions. | ✔︎ | ✔︎ | Create a dedicated, read-only permission set for the Deals app that prevents editing of deal fields, as it can lead to unforeseen consequences. |
Edit the owner of a deal owned by other users (requires the “Edit deals owned by other users” permission). | Change the owner of other users’ deals. The current owner can always reassign the deal to someone else. | ✔︎ | ✔︎ | Remove the permission to change the deal owner from regular users, leaving it only with the deals admin. |
Edit leads owned by other users | Edit a lead’s core data. Without this permission, users can still add and edit notes, activities, and link emails. Merging and deleting leads require separate permissions. | ✔︎ | ✔︎ | Use default settings. |
Edit the owner of a lead owned by other users (requires the “Edit leads owned by other users” permission). | Change the owner of other users’ leads. The current owner can reassign the lead to someone else regardless of this permission. | ✔︎ | ✔︎ | Use default settings. |
Delete deals | Delete any deals they have access to. | ✔︎ | ✔︎ | Remove the permission to delete deals from regular deal users’ permission sets. Automate deal deletion through central logic. |
Delete leads | Delete any leads they have access to. | ✔︎ | ✔︎ | Remove the permission to delete leads from regular deal users’ permission sets. Automate lead deletion through central logic. |
Convert deals to leads | Convert any deal they can access. The original deal will be deleted when it is converted to a lead. | ✔︎ | ✔︎ | Remove the permission to convert deals to leads from regular deal users’ permission sets. Automate the deal conversion process through central logic. |
Merge deals | Merge two deals in the deal detail view. | ✔︎ | ✔︎ | Use default settings. |
Merge leads | Merge two leads in the lead detail view. | ✔︎ | ✔︎ | Use default settings. |
Edit a deal’s won/lost time | Modify the won/lost timestamp of closed deals. This timestamp impacts the account statistics and reporting. Without this permission, users cannot edit this field, even for their own deals. | ✔︎ | ✔︎ | Remove the permission to edit a deal’s won/lost time from regular deal users’ deal permission sets. |
Visibility | View the number of deals and their total value in pipelines and deal list views. | ✔︎ | ✔︎ | Use default settings. |
(LeadBooster) Use Live Chat | View, assign, and participate in Live Chat conversations. This permission does not include access to chat setup. | ✔︎ | ✔︎ | Create a separate permission set exclusively for LeadBooster. |
(LeadBooster) Use Prospector | Access Prospector to search for potential leads in the database. Adding leads to Pipedrive and viewing their full details requires the “Add Prospector leads” permission. | ✔︎ | ✔︎ | Create a separate permission set exclusively for LeadBooster. |
(LeadBooster) Add Prospector leads | Add leads from Prospector using shared credits. Add leads and link people and organizations, even without the necessary permissions. | ✔︎ | ✔︎ | Create a separate permission set exclusively for LeadBooster. |
Global features permissions
The next major Pipedrive module for which you can customize permissions is Global Features. It controls a number of sub-modules, such as:
- Data management: This controls the creation of the Pipedrive account structure, which we’ve covered extensively, along with 100+ examples, in another blog entry.
- Sharing capabilities: This includes account filters and Insights dashboards.
- Integrations and synchronizations: This encompasses API access as well.
- Contact entity.
The default permissions for the above elements are grouped in the familiar admin/regular user format, with a slight variation: the default permission for admins is called the Global Admin permission set, while for regular users, it is called the Global Regular User permission set.
Let’s consider the optimal level of permissions at each level.
Data management
Structuring your Pipedrive account properly is crucial. We believe regular users shouldn’t have broad permissions that impact account structure. Pipedrive supports this approach with limited permissions in the default Global Regular User set, which restricts access to everything except bulk editing and exporting data from list views. While bulk editing is generally low-risk, exporting data can be problematic. We recommend removing this permission, as allowing regular users to download your entire lead list can compromise data security.
Permission | What the permissions allow for | Default global admin permission set | Default global regular user permission set | Our best practice |
---|---|---|---|---|
Set up new custom fields | Add custom fields and groups to the data fields setup. | ✔︎ | | Use default settings. |
Edit custom fields setup | Edit custom fields and groups in the data fields setup. | ✔︎ | | Use default settings. |
Delete custom fields from setup | Delete custom fields and groups from the data fields setup. Deleting fields may cause data loss, but deleting a group won’t delete the fields in it. | ✔︎ | | Use default settings. |
Import data from spreadsheets | Exactly as the permission name suggests. | ✔︎ | | Use default settings. |
Set up labels | Create (lead) labels. | ✔︎ | | Use default settings. |
Bulk edit items | Edit items in bulk. | ✔︎ | ✔︎ | Use default settings. |
Export data from list views | Export list view data. | ✔︎ | ✔︎ | Remove the permission for regular users to export list view data. |
Sharing capabilities
When it comes to user permissions for sharing and editing dashboards and filters across the company, the default settings are generally safe.
Permission | What the permissions allow for | Default global admin permission set | Default global regular user permission set | Our best practice |
---|---|---|---|---|
Share filters with other users | Make their own filters visible to all company users. | ✔︎ | ✔︎ | Use default settings. |
Edit shared filters of other users | Edit filters created and shared by other users. | ✔︎ | ✔︎ | Use default settings. |
Share Insights dashboards as public links | Create shareable links from Insights dashboards. | ✔︎ | | Use default settings. |
E-mails, Tools and Setup
While limiting permissions for creating Smart Docs templates to the legal team is understandable, we disagree with the default setting that prevents regular users from building automations. Training your team to use Pipedrive automations is one of the highest-ROI goals, so we recommend enabling this permission for regular users if your team is well-trained. Note that automations are covered in our 1-hour free Pipedrive training for the entire team, which is included with any of our Pipedrive implementation plans (yes, including the free plan).
Permission | What the permissions allow for | Default global admin permission set | Default global regular user permission set | Our best practice |
---|---|---|---|---|
Use email tracking | Track if email recipients open emails or click links. | ✔︎ | ✔︎ | Use default settings. |
Add automations | Add new automations. | ✔︎ | | Add the permission for regular users to add new automations. |
Access user’s own API token | View their personal API token for integrations. | ✔︎ | ✔︎ | Use default settings. |
Add and import Smart Docs templates | Add templates and import them from storage. Permissions to use or edit each template are specified individually. | ✔︎ | | Use default settings. |
Contacts (People and Organizations) and Products
Contacts, including People and Organizations, are essential for setting up your Pipedrive account. The activities and permissions related to them are generally safe, focusing on adding or editing contacts. However, we believe regular users should not have the ability to change the owner of a contact, organization, or product. Therefore, we recommend removing these permissions from the default global regular user permission set in Pipedrive.
Permission | What the permissions allow for | Default admin permission set | Default regular user permission set | Our best practice |
---|---|---|---|---|
Add people | Add a new person to the contacts | ✔︎ | ✔︎ | Use default settings. |
Add organizations | Add a new organization to the contacts | ✔︎ | ✔︎ | Use default settings. |
Add products | Add a product to the catalog. | ✔︎ | ✔︎ | Use default settings. |
Edit people owned by other users | Edit the core data of a contact person. Without this permission, users can still edit followers, and add and edit notes, files, documents, and activities, as well as link emails and projects. Merging and deleting require separate permissions. | ✔︎ | ✔︎ | Use default settings. |
Edit the owner on a contact person owned by other users (requires the “Edit people owned by other users” permission). | Change the owner of other users’ contacts. The current owner can always assign the contact to someone else. | ✔︎ | ✔︎ | Remove the permission for regular users to edit the owner of a person owned by other users. |
Edit organizations owned by other users | Edit the core data of an organization. Without this permission, users can still edit followers, add and edit notes, files, documents, and activities, and link emails and projects. Merging and deleting require separate permissions. | ✔︎ | ✔︎ | Use default settings. |
Edit the owner on an organization owned by other users (requires the “Edit organizations owned by other users” permission) | Change the owner of other users’ organizations. The current owner can always reassign the organization to someone else. | ✔︎ | ✔︎ | Remove the permission for regular users to edit the owner of an organization owned by other users. |
Edit products owned by other users | Edit the core data of a product. Without this permission, users can still edit followers. Deleting products and product price variations requires separate permissions. | ✔︎ | ✔︎ | Use default settings. |
Edit the owner on a product owned by other users (requires the “Edit products owned by other users” permission) | Change the owner of other users’ products. The current owner can always reassign the product to someone else. | ✔︎ | ✔︎ | Remove the permission for regular users to edit the owner of a product owned by other users. |
Delete people | Delete person records. | ✔︎ | | Use default settings. |
Delete organizations | Delete organization records. | ✔︎ | | Use default settings. |
Delete products | Delete any product from the catalog. Deleted products cannot be restored. | ✔︎ | | Use default settings. |
Delete product price variations | Delete price variations from products in the catalog. Deleted price variations cannot be restored. | ✔︎ | | Use default settings. |
Merge duplicate people | Merge two contacts using the “Merge duplicates” tool. | ✔︎ | | Use default settings. |
Merge duplicate organizations | Merge two organizations using the “Merge duplicates” tool. | ✔︎ | | Use default settings. |
Campaigns permission sets
By default, the Campaigns module comes with two permission sets:
- Campaigns Admin manages everything related to the campaign configurations, including rather sensitive settings such as sender and domain information, and creates the campaigns.
- Campaigns Limited is the default permission set that applies to new users and limits their capabilities to accessing reports.
In our experience, this default configuration is generally optimal, and we haven’t found it leading to conflicts or issues in the companies we’ve worked with. Our recommendation, however, would be to create, if your pricing plan allows, a dedicated permission set for the person—typically a marketer—responsible for the practical aspects of campaign creation, even if they cannot send the campaigns. We believe this can potentially improve the flow of campaign creation within companies. In other words, we’re talking about creating a permission set that includes just one permission: Edit campaigns and email templates.
Permission | What the permissions allow for | Default campaigns admin permission set | Default campaigns limited permission set | Our best practice |
---|---|---|---|---|
Manage sender and domain information | Add, edit, and delete sender and domain information. This information will be available to all users who send campaigns. | ✔︎ | | Use default settings. |
View campaign reports | Access reports that show email campaign performance (open and click rates, top geographical locations, bounces, and more). | ✔︎ | ✔︎ | Use default settings. |
Send campaigns | Send campaigns to subscribed contacts. Ensure users who send campaigns have editing permissions enabled. | ✔︎ | | Use default settings. |
Edit campaigns and email templates | Add and edit campaigns and email templates. Note that sending campaigns requires a separate permission. | ✔︎ | | Create a dedicated permission set for people who want to create and edit campaign templates. |
Delete campaigns and email templates | Delete campaign drafts and email templates. | ✔︎ | | Use default settings. |
Projects (only module-level permissions are managed, without individual granular permissions)
Permission | What the permissions allow for | Default admin user | Our best practice |
---|---|---|---|
Module permission | See and edit all project data, manage company-level Projects setup | ✔︎ | Use default settings. |
Learn to respect permissions
Pipedrive permissions are often overlooked, but they are crucial for keeping your account secure and running smoothly. Many users don’t realize the benefits of customizing these settings, which can lead to inefficiencies and security risks. Our article highlights why it’s important to review and adjust your permission sets to fit your business needs.
We encourage you to take a closer look at Pipedrive’s permissions and use our tips as a starting point to create a solid permission structure. As always, reach out to us if you want to maximize your Pipedrive ROI with our Pipedrive implementation plans, which include a free 7-day setup plan.