# 16.5 Sharing Access vtenext allows you to set the access privileges of the Roles, defining whether the content of the CRM is generally accessible (public) or with limitations. There are various degrees of limitation. The rules are divided into two blocks: general global access rules and custom rules. The general rules of access are valid as standard for all Roles, but at the same time it is possible to attribute exceptional rules to certain Roles only, in order to cover the most diverse needs of the different company structures. In general, what you will do through Sharing Access is to tell the system which users (based on their hierarchical role) will be able to see and/or modify the data contained in the CRM, module by module. **Warning!** After any changes to the shared rules, **press the Recalculate button** to verify the configuration as a whole, avoid conflicts and make the changes operational. [![16.5 [1].png](https://usermanual.vtenext.com/uploads/images/gallery/2022-06/scaled-1680-/8H316-5-1.png)](https://usermanual.vtenext.com/uploads/images/gallery/2022-06/8H316-5-1.png) The first thing to define is the Sharing Access rule for each of the modules. With what degree of freedom do you want the content of the modules to be accessible to users? The most restrictive approach is private. When this sharing acess rule is applied to a module the visibility, creation, modification and deletion of records will follow the hierarchy that was defined inside the roles. In details the possible cases are shown below: - users with the same roles will be able to see, modify and delete the records that were assigned to them, but they will not be able to make the same actions, mentioned previously, to the users with the same roles; - users that have subordinates in hierarchy will be able to see, modify and delete their own records and the records of their subordinates. The Public approach has 3 levels of decreasing restrictions, therefore some privileges (visibility and/or creation and/or modification and/or deletion) will no longer be based on hierarchical roles, but will be open.
**Public: read only** | All users can access and view the module data. Only the assignee and users with a higher hierarchical role can publish, modify or delete data. |
**Public: read, create/edit** | All users can view, create and edit the module data. Only the assignee and users with a higher hierarchical role can delete data. |
**Pubblic: read, create/edit, delete** | All users can view, edit and delete data. With this setting the CRM is completely public. |