You can always look at the list of your workspace and know exactly who has access to your data. That includes Moral Fabric employees — we don't get implicit access just because we built the app.
If a Moral Fabric employee needs to look at your data (for support, onboarding, or building something for you), they have to be added as a workspace member. Their name appears in your Members list, with a role, just like anyone else.
Everyone added to the workspace
The data the workspace shares with members (teams, roles, projects, etc.)
Same as members, plus rate fit on roles in their team
Everything in the workspace, including settings and member management
These levels apply equally to your own people and to any Moral Fabric employee you add. There is no hidden "Moral Fabric staff" tier.
Specific data types follow these levels too — for example, 360 feedback responses are visible only to the role-holder and their assigned coach, and role ratings are visible to people who can see the role itself. We never grant ourselves silent access to customer workspaces. There are exactly two ways an MF employee can look at your data:
Same flow as adding anyone else. They show up in your Members list and have only the access their role grants.
For support cases — debugging an issue, fixing data — a superadmin on our team can temporarily impersonate a workspace via our internal admin tool. This is logged and used only when needed for support.
Apps and integrations follow the same rule. The Moral Fabric MCP connector (for Claude / AI tools) only exposes workspaces the signed-in person is a member of. A Moral Fabric employee signing in to the MCP doesn't see customer workspaces they haven't been added to. - If someone isn't on it, they don't have routine access.
- Removing a member — Moral Fabric employee or otherwise — removes their access immediately.
- We've designed the system so that "superadmin" status alone never reads customer data through the regular product surfaces.