By default, access rights to CRM records is set as private so that the record owner and his/her manager can oversee the CRM data. However, using the Data Sharing Rules, you can extend the access rights to users belonging to other roles and groups. Once the data sharing rules are configured, users associated to other roles and groups can gain additional access to the records that belong to other users. 

Note: The capabilities mentioned in this document apply only to org modules. They are not available for team modules.

Key Features

• By default all the modules have a Private option.
  
• If the Organization-wide permission is set as Public Read/Write/Delete or Public Read/Write, everyone can access and update all the users’ data. Role Hierarchy and Sharing Rules will not be applied in this case.
  
• If the Organization-wide permission is set as Public Read Only, everyone can only view the other users' records. In this case other users cannot modify the owner's records.
  
• If the Organizational permission is set as Private, Role Hierarchy and Sharing Rules can be applied.
  
• You cannot restrict the accessibility set in Organization's default permissions by writing the Sharing Rules. You can only extend the additional data visibility
  
• In the Import History, records that belong to you and your sub-ordinates (if any) will always be shown.
  
• All the Attachments, Notes, and Competitors belonging to a record are accessible, if you are able to view that record.
  
• Forecasts will always be private.

Managing Default Data Sharing Process

You can provide the following types of access levels to user in Zoho CRM modules:

• Private: Only the record owner and his/her superior can view the record.
  
• Public Read only: Users can view others' records but cannot modify or delete the records.
  
• Public Read/Write: Users can view and modify others' records but cannot delete them.
• Public Read/Write/Delete: Other users can view, modify and delete the records.

Permission Required
Users with the Manage Data Sharing permission can access this feature.

 

Note

• By default, access rights to CRM records is set as private so that the record owner and his/her manager can oversee the CRM data.
  
• The organization-level data sharing model is not yet implemented for Notes, Reports, and Dashboards modules.
  

To manage default permissions

1. Go to Setup > Security Control > Roles and Sharing > Data Sharing Settings.
2. Click on the Default Organization Permissions tab and navigate to the particular module you want to edit.
3. Click on the drop-down button to change Default Access for the module:
   
1. Private
   
2. Public Read Only
   
3. Public Read/Write
   
4. Public Read/Write/Delete
   
   

Managing Sharing Rules

The Sharing Rules tab under Data Sharing Settings allows you to create and manage custom data-sharing rules for different modules. Apart from creating new rules, in this section, you can activate, deactivate, clone, search, and filter rules efficiently.

1. Shared From – The role, group, or record condition based on which the data is shared.
2. Shared To – The role or group receiving access.
3. Permission Levels – The level of access granted (Read, Write, Delete).
4. Last Modified User & Time – Provides a quick view of:
1. The date and time of the last update.
2. The user who last modified the rule.
5. Status – Indicates whether the rule is active or inactive.
   

Creating Sharing Rules

1. Go to Setup > Security Control > Data Sharing Settings.
   
2. Navigate to the Sharing Rules tab, and click the Create Sharing Rule button.
   
   
3. In the New Sharing Rule page, do the following
1. Select the module from the drop-down.
   
2. Sharing Rule Name - Specify the Rule name.
   
   
3. Sharing Type - Select how records are shared.
   
1. Based on Record Owner:
   Records Shared From- Select either the roles, roles and subordinates, or groups, to share records from.
   
   For example, the above preference would share all records owned by users with the Sales Executive role.
2. Based on Criteria:

   Set the specific criteria to meet your data sharing requirements.

   Click the + button to add additional criteria.

   Click AND to change the filter condition to OR and vice versa (You can also edit the criteria condition using the Edit Pattern option)
   
   For example, the above set of criteria would share records that have New York as the billing city and have Business.
4. Records Shared To - Select either Roles, Roles and Subordinates, Groups, or All Users to share records to. 
   
   
   For example, records Shared To - Roles and Subordinates - Sales Admin would share the records with all users who have a Sales Admin role and their subordinates.
   
5. Permission - Choose the access type: Read Only, Read/Write, or Read/Write/Delete.
   
6. Superiors Allowed - Tick this checkbox to allow access to the shared records with the superiors to the particular role or group with whom the records are shared
   
4. Click Save.

Note:

1. Once a data sharing rule is created, users will not be allowed to edit the rule until the execution is complete.
   
2. If a module has 4,000,000 or more records, and 60% of them match the set rule criteria, the existing records will not be shared upon saving the rule. The customers have to reach support to share all the existing records that match the criteria. However, new and updated records that match the criteria will be shared.
   
3. When you edit an existing sharing rule, on the Edit Sharing Page you can find details of when the rule was first created and when it was modified.
   
   

Activating or deactivating a rule

You can enable or disable a sharing rule using the toggle button available next to each rule. This provides greater flexibility in managing data access without needing to delete and recreate rules.

To activate or deactivate a rule:

1. Navigate to the Sharing Rules tab.
2. Locate the rule you want to modify.
3. Click the toggle button to turn the rule on or off as needed.
   

Once deactivated, the rule will no longer apply to newly added records until it is reactivated.

Cloning a rule

If you need to create a new sharing rule similar to an existing one, you can clone the rule instead of manually configuring a new one. Cloning allows you to duplicate an existing rule within the same module and make necessary modifications.

For example, if you have a rule for sharing leads from the Eastern region, you can clone it and modify the criteria to apply to leads from the Western region.

​

To clone a sharing rule:

1. Navigate to the Sharing Rules tab.
2. Click the three-dot menu (ellipsis) icon next to the rule.
3. Select Clone.
4. Update the rule name and configurations as required.
   
   
5. Click Save to apply the new rule.
   

Searching and filtering sharing rules

The search bar and filters options help you quickly locate specific sharing rules.

​

Searching by rule name

You can simply enter the rule name in the search bar to find matching results. The list updates in real-time as you type.

Filtering rules

You can also refine the rule list using the filter options:

1. Module Filter – View rules for a specific module or across all modules.
   
   
2. Shared From – Filter rules by a specific role or group that is sharing data.
3. Shared To – Select a target role or group that receives shared data.
4. Superiors Inclusion – Include or exclude rules that apply to superior roles.
5. Status – Filter between active and inactive rules.
   
   

To apply a filter:

1. Click the filter icon.
2. Select the desired filter criteria.
   
   
3. Click Apply to refine the results.