Customers are viewing all orders in their account, even not their own
Users (contact persons) can view, in their account after login, orders made by other users, which are linked to the same company.
This creates confusion the least and maybe in some cases violation of purchasing information. This is worse for big companies and public sector with dozens of employees having an account on our webshop.
When we create a new user in Sanastore, we create them with "Account type" = "Contact" and not "Customer". This way they are the only ones receiving the invoice of their purchase, and not the company they are linked to.
But, they can still see all orders made by employees of the same company.
Each user (contact) should view only their own purchases, at least when created as a "Contact" and not "Customer".

1 comment
-
Marloes commented
We've had complaints from customers about this, would be nice if the view was limited. Additional difficulty is that some uses dó need to view purchases from other people.
It would be great if people with Sub-account role could only view their own orders, and people with Accounts Manager role could either see everything, or a group of sub-users (in case of 2 purchases from the same department) because they need to check the purchases of 'their' sub-accounts.