Not every team member should see every client's financials. Per-project access control keeps sensitive work compartmentalized.
Global roles answer the question "what can this person do?" Per-project access answers the question "what can this person see?" Both are necessary for agencies of any meaningful size.
Why project-level access matters
Imagine you bring on a freelance developer for one project. They need access to that project's tickets, files, and maybe time logging. They should not see your other clients' projects, invoices, or contacts. Global roles can't solve this — even a "Contractor" role with limited permissions would show all projects.
Per-project access lets you add someone to Project A with full access while they can't even see that Project B exists. This is essential for confidentiality, especially when working with competing clients in the same industry.
Combining roles and project access
The two systems work together. A person's global role defines their maximum permissions. Their project membership defines which projects they can see. A "Member" added to two projects can work on those two projects with member-level permissions. They can't see the other three projects at all.
This combination — roles for capability, project membership for visibility — covers virtually every access control need in agency work without requiring a complex permission matrix.