
Roles and Permissions: Who You Let Touch What as You Grow

May 5, 2026 · 6 min read

When a restaurant is a single location and the owner is in the kitchen or dining room for every service, management is direct: they approve everything, review everything, and make all decisions. No structure, no permissions, no formal roles.

When the group grows to two, three, or four locations, this management style stops working. The owner cannot be everywhere. You have to delegate. And delegating poorly creates two opposing risks: either too much is delegated, and problems arise (errors, abuses, inconsistencies), or too little is delegated, and the team becomes paralyzed waiting for approvals for everything.

Balance is achieved with a clear structure of roles and permissions.

The Three Typical Levels in Hospitality

Most hospitality groups operate with three levels that provide a good balance between autonomy and control:

1. Administrator (admin). The owner, partners, general manager. Full system access. Can view and modify everything across all locations. Can create and delete users. Can adjust critical settings (reference prices, integrations, tax data).

2. Manager (location manager). The manager of each restaurant. Complete access to their location but not to others. Can approve invoices, manage inventory, hire/terminate local staff, view local reports. Cannot access consolidated group data or modify global settings.

3. Staff (operational employee). Cooks, waiters, dining room managers. Operational access only: upload documents, record waste, clock in/out. Cannot view complete financial data or modify prices.

These three roles cover 90% of needs. There are variations (auditor, accountant, sales), but as a base, they are sufficient.

What Permissions to Assign to Each Role

Admin can:

  • View and edit invoices, delivery notes, products, suppliers across all locations.
  • Configure reference prices.
  • Create, modify, and delete users.
  • Access consolidated group data.
  • Change system configurations.
  • Access all financial reports.

Manager can:

  • View and edit invoices, delivery notes, products, suppliers for their location.
  • Approve/reject invoices with discrepancies (up to a certain amount).
  • Create/modify employees for their location.
  • View operational reports for the location.
  • Cannot view or modify data from other locations.
  • Cannot modify global configurations.

Staff can:

  • Upload documents to the system (mobile photo, email forwarding).
  • Register delivery note entries upon receiving an order.
  • Record waste if operations require it.
  • View the list of products and suppliers for the location.
  • Cannot view prices or complete financial data.
  • Cannot approve payments or modify configurations.
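
The permission lists above, expressed as a deny-by-default check with location scoping. This is an added example, not Sincrio's code: the permission names, the User fields, and the 500.00 approval limit are assumptions made for illustration (the article only says "up to a certain amount").

```python
from dataclasses import dataclass
from typing import Optional

# Illustrative permission names that mirror the role lists above.
ROLE_PERMISSIONS = {
    "admin": {"invoice.view", "invoice.edit", "invoice.approve", "price.view",
              "price.configure", "user.manage", "settings.change",
              "report.financial", "group.consolidated"},
    "manager": {"invoice.view", "invoice.edit", "invoice.approve", "price.view",
                "employee.manage", "report.operational"},
    "staff": {"document.upload", "delivery_note.register", "waste.record",
              "catalog.view"},
}
GLOBAL_ROLES = {"admin"}          # roles that are not bound to one location
MANAGER_APPROVAL_LIMIT = 500.00   # assumed value, not taken from the article


@dataclass(frozen=True)
class User:
    username: str
    role: str
    location: Optional[str] = None   # None for group-level accounts
    active: bool = True


def is_allowed(user, permission, location=None, amount=None):
    """Return (allowed, reason). Anything not explicitly granted is denied."""
    if not user.active:
        return False, "account deactivated"
    # An unknown role resolves to an empty set, so it can do nothing.
    granted = ROLE_PERMISSIONS.get(user.role, set())
    if permission not in granted:
        return False, f"role '{user.role}' lacks {permission}"
    if user.role not in GLOBAL_ROLES:
        # Location-bound roles must name a location, and it must be their own.
        if location is None or location != user.location:
            return False, "outside the user's location"
    if permission == "invoice.approve" and user.role == "manager":
        # A missing amount is treated as over the limit rather than waved through.
        if amount is None or amount > MANAGER_APPROVAL_LIMIT:
            return False, "amount above manager approval limit"
    return True, "ok"
```

The reason string returned with each decision is what an audit trail would store next to the username and the action.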

Typical Errors That Arise Without This Structure

Too much staff access. When the entire team has access to prices, margins, and financial data, two things happen: the confidentiality of sensitive information is lost (some employees might share it with competitors), and employees get distracted looking at data that is not their responsibility.

Insufficient manager access. When a location manager cannot approve invoices or has to call the owner for every decision, operations slow down. The owner becomes a bottleneck, and the manager loses autonomy and motivation.

No segregation between locations. In multi-location groups, allowing any manager to view data from any location creates problems: inappropriate comparisons, unsuitable internal conversations, and the risk of leaks. Each manager should only see their own data.

Shared accounts. "This is the location's account": several employees use it with the same password, so it is impossible to know who did what. When there's a problem, there's no accountability. Best practice: each user has their own account, even if they are staff.

How to Structure the Transition

If you've been operating without formal permissions for a while and want to introduce them, don't do it overnight. Here are four steps:

Step 1: Document the current situation. Who accesses what today, formally or not. Identify who acts as a "de facto admin" but isn't formalized, and who has passwords they shouldn't.

Step 2: Define the roles your organization needs. Likely the three standard ones (admin, manager, staff). If you have any special cases (an external consultant who occasionally logs in, a sales representative), add a fourth role with specific permissions.

Step 3: Communicate to the team. Before the change, explain to each person what will change for them. Important: emphasize that the change is for organization, not to "control them" more. Poorly communicated, it generates resistance. Well communicated, it builds trust.

Step 4: Implement with room for adjustment. Expect to make changes during the first few weeks. If a manager discovers they lack a permission they need to do their job, adjust the role. Don't treat the first "perfect" version as final.

The Special Case: External Accountants and Agencies

Your accounting firm or tax advisor typically needs "view and export" access: they can see all invoices, download ledgers, and generate accounting reports. But they don't need to modify day-to-day operational data.

Best practice: create a "Consultant" or "Advisor" role with full read-only permissions plus the ability to export reports. No editing permissions. Your advisor logs in when needed, without the risk of accidentally modifying anything.

Auditing: What Changes When Roles Are in Place

Once you have defined roles, the system can record who did what:

  • Who uploaded that invoice.
  • Who approved that payment.
  • Who modified that reference price.
  • Who onboarded that employee.

When a problem arises (an invoice approved that shouldn't have been, data modified incorrectly), traceability allows you to reconstruct the path. Not to point fingers, but to understand the process and improve it.

Without roles, everything is "someone did it, I don't know who." With roles, there is clear accountability.

Errors to Avoid

1. Giving someone admin access "to keep things simple." The exception becomes the rule. A person who has full access without needing it is a permanent risk.

2. Not reviewing access when someone leaves the company. An employee who is no longer with the company but still has an active account is a significant risk. You must deactivate it immediately.

3. Sharing passwords within a role. Even if two managers have the same role, each needs their own account. Same authorization, different identifier.

4. Not training the team on the system. If managers have permissions but don't know how to use the system, the structure is useless. Provide initial training and make support available for questions.
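
A periodic access review that checks for errors 1 to 3 in this list, run over the kind of inventory produced in Step 1. This is an added example, not part of the original article or of Sincrio's product: the account records, field names, and finding labels are constructed for illustration.

```python
# Constructed sample inventory: one record per login, listing everyone
# known to use that login. Not data from a real system.
ACCOUNTS = [
    {"username": "marta",  "role": "admin",   "people": ["Marta"],       "active": True},
    {"username": "centro", "role": "manager", "people": ["Luis", "Eva"], "active": True},
    {"username": "pablo",  "role": "staff",   "people": ["Pablo"],       "active": True},
    {"username": "ines",   "role": "admin",   "people": ["Ines"],        "active": True},
    {"username": "raul",   "role": "staff",   "people": ["Raul"],        "active": False},
]
DEPARTED = {"Pablo", "Raul"}      # people who no longer work for the group
APPROVED_ADMINS = {"marta"}       # logins the owner has signed off as admin


def review_accounts(accounts, departed, approved_admins):
    """Return (username, finding) pairs for accounts that need action."""
    findings = []
    for acct in accounts:
        if not acct["active"]:
            continue  # already deactivated, nothing left to revoke
        user, people = acct["username"], acct["people"]
        # Error 3: a login that is not tied to exactly one person.
        if len(people) != 1:
            findings.append((user, "shared"))
        # Error 2: a login still active for someone who has left.
        if departed.intersection(people):
            findings.append((user, "departed-user-active"))
        # Error 1: admin rights that were never formally approved.
        if acct["role"] == "admin" and user not in approved_admins:
            findings.append((user, "unapproved-admin"))
    return findings


if __name__ == "__main__":
    for username, finding in review_accounts(ACCOUNTS, DEPARTED, APPROVED_ADMINS):
        print(f"{username}: {finding}")
```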

Conclusion

The structure of roles and permissions is one of those topics that seems bureaucratic until someone does something they shouldn't have, and you discover that control wasn't in place. Three well-defined levels (admin, manager, staff), consistent permissions, and change traceability cover most needs for small to medium-sized hospitality groups.

The transition from an "everyone has access to everything" model to one with roles requires careful communication, but the result is a more robust organization and an owner who can delegate without losing visibility.

If you manage multiple locations and need a system with integrated multi-organization roles, Sincrio provides it natively.