Skip to content

Contacts and user accounts

A contact is a person at a company — and, when they can log in, a user account. Contacts hold identity and contact details, a company and branch, a security role, tags, email/digest preferences, and login credentials. The contact profile (/contact?id=…) is where all of this is viewed and managed.

What the profile shows

  • Identity — name, job title, phone/mobile/email, and a photo.
  • Colleagues — other contacts at the same company.
  • Associated agreements — deals this contact is named on.
  • Activity — a feed and a related-tasks panel; on merchant-mode sites, a CRM panel (emails, comments, attachments).
  • Admin controls (same-site, role-gated): Edit, Reset password, Archive/Restore, and — for superusers — Switch to user.

Roles and permissions

A contact's platform access comes from a security role/permission group assigned on their record (stored as group relations). Their effective role tokens — used everywhere permissions are checked — are assembled when the contact is indexed: their security groups, their company name and type (member/supplier), their tags, their email, and cross-site roles matched by email. See the permissions matrix.

New contacts get an auto-generated password; there is no password field on the create form.

Email and digest preferences

Each contact has notification preferences (edited in the settings dialog, also seeded from their company-manager role):

  • Send digest / Tailored digest — receive the daily digest, optionally filtered to their interest areas.
  • Send immediate — receive instant deal emails, filtered by the importance levels they choose.
  • Notification email (figures reminder), turnover emails (per frequency), and PIM digest.
  • Interest areas — the deal categories that tailor their digest and instant emails.

These flags drive who receives which automated email campaigns.

Archiving

Archiving a contact sets their record inactive (active='false') rather than deleting it; restore reverses it. Inactive contacts are excluded from digests, notifyees, and directory listings. A separate hard-delete exists but archiving is the normal path.

Linked accounts

A person with the same email address across accounts is automatically linked, so their accounts are recognized as one person; these auto-links can't be unlinked.

Impersonation ("Switch to user")

Superusers can switch into another user's session to see the platform as them; it mints a login token for the target contact.

Contact score

The profile shows an engagement/activity score.

Why does a contact change unexpectedly

  • They stopped receiving the digest — their sendDigest was turned off, they were archived, or (tailored) nothing matched their interests.
  • Their access changed — their security role/permission group was changed, or their company's membership dates lapsed.
  • They vanished from a directory — they were archived or are outside the viewer's permission scope.

What a contact is not

  • Not a company — contacts belong to a company (Companies).
  • Not a branch — a branch is a location, not a person.

Security note

Passwords are stored both in plain text and as an unsalted SHA-512 hash, and two-factor authentication is not enforced server-side at login (the login endpoints return a valid token before any TOTP check).