When to read this article
You're either inviting your first teammate and trying to pick the right role, or wondering why a colleague can do something you can't (or vice versa). This article walks through the three-level structure (user → company → role), the five team roles, and where the Tax Advisor invite fits — which is sideways to the team-role system, not part of it.
If you're inviting an external accountant or Steuerberater, you want invite your tax advisor, not a team-member role. Tax advisors don't consume seats and have a tighter scope.
The model in one paragraph
A user is a single person with one email + password (or Google sign-in). A user can belong to one or many companies — each company has its own documents, transactions, sub-processors, billing, and audit log. Within a company, every user has exactly one role that controls what they can see and do. Switching companies (in the company switcher at the top of the app) changes the lens; the same user can be Owner in one company and Member in another.
This is multi-tenancy with per-tenant role. Mentally: one address book of users, many separate businesses each with its own crew, where the same person can wear different hats in different businesses.
The 5 team roles, side by side
| Role | Documents | Invoices/transactions | Matching rules | Team | Billing | Delete company |
|---|---|---|---|---|---|---|
| Owner | Upload, edit, delete | Full edit | Create, edit, delete | Invite, change roles, remove | Full | Yes |
| Admin | Upload, edit, delete | Full edit | Create, edit, delete | Invite, change roles, remove | Read-only | No |
| Bookkeeper | Upload, edit | Full edit | Create, edit, delete | No | No | No |
| Member | Upload (own only) | Read | No | No | No | No |
| Viewer | Read | Read | Read | No | No | No |
And the separate Tax Advisor invite (see invite your tax advisor) — bounded read-only access for external accountants, with one write action: flagging an invoice with a comment for your attention. It is not a team role you assign to your own crew.
Why these five roles, in plain English
- Owner is whoever signed up + owns the subscription. There is always exactly one. If the Owner leaves, ownership has to be transferred before they're removed —
Settings → Team → Transfer ownership. The Owner is the GDPR data controller and the Stripe billing contact. - Admin is for trusted co-leads who do everything except see billing. Think co-founder, head of operations, the second-most-senior person in the company. Admins can invite and remove other team members, change their roles, and act on every document — but the Stripe-Billing tab is hidden from them. Useful when you don't want your team seeing your invoice from us.
- Bookkeeper is the person who actually does the books. The heaviest day-to-day user. Full edit on invoices and transactions, can create matching rules, can run exports. Cannot manage team or see billing. This is the right role for a part-time bookkeeper you've hired or for the team member who has taken on the books.
- Member is the rest of the team who forwards their own receipts and uploads their own expense documents but doesn't touch anyone else's. They see only documents they uploaded themselves; the wider Documents view filters out other people's work. Right role for sales people, engineers, anyone who occasionally has an expense to record.
- Viewer is the audit / investor / silent co-owner who watches but doesn't act. Full read across invoices, transactions, exports — no edit anywhere. Right role for advisors who shouldn't be a tax-advisor-invite (because they're internal) but shouldn't be able to change things either.
How role assignment works in practice
Inviting a new team member: Settings → Team → Invite member. You enter email and pick the role. They get an email; clicking signs them up (or signs them in) and joins your company at the assigned role. The role you pick at invite time is editable later — no migration needed.
Changing someone's role: Settings → Team, click the role pill next to their name, pick a new one. Effective immediately; their next page-load reflects the new permissions. They see a one-line notification "Your role in
Removing a team member: same page, Remove. Their access ends immediately, their seat frees up on your plan, their audit-log entries stay (we don't rewrite history — what they did is still attributed to them). If they had documents-they-uploaded with Member scope, those documents stay in the company; only their access ends.
Per-tenant means per-company
Each company is its own tenant. Concretely:
- Document quota is per-company (so two companies on the same Free plan each get 10 documents/month, totalling 20 — but each from their own quota, with separate counters).
- Team-member count counts per-company (the Free plan's 1-user limit is one user per company, not one user across all your companies).
- Audit log is per-company.
- Billing is per-account (you get one Stripe invoice covering all your companies).
This matters most when you're running multiple small businesses through one account — each gets its own clean separation, but the bill is unified.
Edge cases
I want to change my own role. Owners can change anyone's role including their own. Admins cannot change their own role; only Owner can. To downgrade yourself, ask the Owner to do it (or be the Owner).
There's no Owner anymore. Shouldn't happen — Transfer ownership is the supported path, and the system blocks removing the last Owner. But if you've somehow ended up Owner-less (e.g. Owner deleted their user account before transferring), write to [email protected] from a team email. We verify ownership via the original signup email + billing record and reassign Owner role within 1–3 working days.
Custom matching rules — which roles can create them? Bookkeeper, Admin, Owner. Members and Viewers can see existing rules but not create or edit. See creating a custom matching rule for the rule-creation flow.
I'm the Owner of two companies and want to combine them. Not self-service yet. Both companies stay separate; the unified billing already gives you most of what merging would do. If you genuinely need data-merge (one shared document pool, shared audit history), write to [email protected] for a manual data-migration. We do it for 1–3 working days, but it can't be reversed.
My team-member upload count seems off. Document quota is consumed per-upload, not per-user. The Member who uploaded counts toward the company's quota, not theirs. Look at Settings → Plan → Usage for the company-wide counter and the breakdown by user if you want to see who's uploading what.
Two team members were editing the same invoice simultaneously. Last-save-wins for free-form fields; the audit log shows both edits. We don't currently surface a "another user is editing this" warning. For high-coordination teams, the convention "one bookkeeper per company" is the cleanest workflow.
Can a tax advisor also be a team member? Yes, on different companies. A user with a tax-advisor invite to Company A and a Bookkeeper role on Company B sees both, with the appropriate scope on each. The two roles are independent.
What does the Tax Advisor have access to that a Viewer doesn't? Tax Advisors can flag invoices with a comment (the only write action they have); Viewers can't write at all. Conversely, Viewers can see your team list; Tax Advisors cannot. They're scoped for different purposes — Viewer is internal observation, Tax Advisor is external review.
Related
- Sign up and add your company — Owner role created at signup
- Invite your tax advisor — the separate external-access flow
- The onboarding wizard explained — what the wizard asks
- Creating a custom matching rule — role-gated to Bookkeeper+