Servicio has four roles, each with a clear scope. We intentionally keep the role model simple — complex permission matrices are where SaaS usually drifts into UX-by-spreadsheet.
Owner
Full admin. Sees every client, visit, invoice, employee, report. Changes settings, templates, commission plans. Multiple owners per tenant are supported — typical for husband-and-wife shops, partner shops, or owner + office manager setups.
Technician
Field worker. Sees their own route, their own clock-in history, and visits they are assigned to. Cannot see other techs' routes, cannot see client financial info, cannot see commissions or reports.
What they CAN see about a client: name, address, phone (for call-ahead), service notes, access details, past visits on the same property (so they can understand service history).
Client
The homeowner receiving service. Sees their own portal: upcoming visits, history, invoices, payment method, notification preferences. Cannot see other clients or any backoffice data.
Super admin
Servicio staff only. Cross-tenant view for support, compliance, and billing. Actions taken as super-admin are logged in both the super-admin audit log and the impersonated tenant's log, so you always have a record of when support was in your account. Super admin can also override a tenant's plan, billing status, and trial length directly from /admin/tenants/{slug} — used to comp customers onto a higher tier, freeze delinquent accounts, or extend a trial. Every plan change writes a structured log entry naming the admin user who made it.
What the roles do NOT include
No "dispatcher-only" role yet. If you need someone who can reassign visits but should not see revenue, give them the owner role and accept the over-privilege for now. Granular sub-owner roles are on the Q4 roadmap.