# 16.5.1 Global Access Rules The first thing to define is the Sharing Access rule for each of the modules. With what degree of freedom do you want the content of the modules to be accessible to users? The most restrictive approach is Private, which will strictly follow the hierarchical roles (for visibility, creation, modification and deletion). The Public approach has 3 levels of decreasing restrictions, therefore some privileges (visibility and/or creation and/or modification and/or deletion) will no longer be based on hierarchical roles, but will be open.
**Public: read only** | All users can access and view the module data. Only the assignee and users with a higher hierarchical role can publish, modify or delete data. |
**Public: read, create/edit** | All users can view, create and edit the module data. Only the assignee and users with a higher hierarchical role can delete data. |
**Pubblic: read, create/edit, delete** | All users can view, edit and delete data. With this setting the CRM is completely public. |