Log In

VYSUAL LABS LLC

Workspace Access & Collaboration Policy

Last Updated: March 14, 2026

This Workspace Access & Collaboration Policy ("Access Policy") explains how users may grant, manage, and revoke access to Workspaces within the Vysual platform (the "Platform"), and describes the responsibilities of Workspace administrators and users with respect to access management and security.

This Access Policy is incorporated into and subject to the Vysual Terms of Service. In the event of a conflict between this Access Policy and the Terms of Service, the Terms of Service shall control. Capitalized terms not defined here have the meanings given in the Terms of Service.

1. Workspace Ownership

Each Workspace is controlled by the account that created it or the designated Workspace administrator. The Workspace administrator has full authority over permissions within that Workspace, including the ability to invite users, assign roles, restrict access, and remove users.

Where an organization has multiple administrators, each administrator acts with the authority of the organization with respect to that Workspace. Organizations are responsible for designating and managing their administrators and for ensuring that administrator access is revoked promptly when an individual's role changes or their employment or engagement ends.

2. User Roles and Permissions

Workspace administrators may assign the following roles to users. Permissions associated with each role are described below. Administrators may customize permissions within these roles to the extent permitted by the Platform.

Role Typical User Default Permissions
Administrator Account owner, IT manager Full access: manage users, permissions, billing, subscription, all assets, and Workspace settings. Only role with access to billing and account management.
Manager Team lead, department manager Full access to all assets and Workspace features: upload, organize, tag, edit, download, manage users and permissions, and share content. Cannot access billing or subscription settings.
View Only Client, stakeholder, vendor View and share content within the Workspace only. Cannot upload, edit, delete, manage users, or access billing. Sharing is limited to generating links for content they can already view.

Administrators should assign the minimum permissions necessary for each user to perform their function. Granting Manager access to users who only need to view content increases the risk of unauthorized asset modification, deletion, or disclosure.

Best practice: Assign clients, vendors, and external stakeholders the View Only role by default. Elevate to Manager only where operationally necessary, and review access at least every ninety (90) days.

3. Administrator Security Obligations

Workspace administrators are responsible for maintaining the security of their Workspace. By accepting the role of Workspace administrator, you agree to:

  • enable multi-factor authentication (MFA) on your Vysual account where available, and require MFA for all users with Manager or Administrator access
  • use strong, unique credentials for your Vysual account and not share login credentials with other individuals
  • revoke access for any user or collaborator within twenty-four (24) hours of the end of their employment, engagement, or need for access
  • notify Vysual promptly at support@vysual.com upon discovery or reasonable suspicion of unauthorized access to your Workspace
  • review user access permissions at least every ninety (90) days and remove access that is no longer required
  • not grant Administrator or Manager access to external collaborators or vendors except where operationally required and documented

Failure to follow these security obligations does not relieve Vysual of its own security obligations under the Terms of Service, but may affect the allocation of responsibility in the event of a security incident.

4. Authorization and Scope of User Actions

Actions taken by an authorized user within a Workspace are treated as actions taken by the Workspace administrator, to the extent those actions fall within the scope of the permissions granted to that user.

This attribution operates within the following limits:

  • An administrator is responsible for actions taken by users within the scope of the permissions the administrator assigned to them.
  • An administrator is not responsible for actions taken by a user that exceed the permissions granted, provided the administrator did not knowingly authorize or enable the excess.
  • An administrator is not responsible for unauthorized actions taken by a third party who gained access to a user's credentials through a breach or compromise that was not caused by the administrator's failure to follow the security obligations in Section 3, provided the administrator notifies Vysual promptly upon discovery.

Important: If an administrator shares credentials, fails to revoke access after a relationship ends, or grants permissions that foreseeably enabled an unauthorized action, the administrator-is-responsible attribution applies in full. The carve-outs above are not available where the administrator's own conduct created the exposure.

5. External Collaboration

Workspace administrators may grant access to external collaborators — including vendors, agencies, freelancers, and clients — to assist with asset management or review.

When granting access to external collaborators, administrators should:

  • limit access to the specific assets, folders, or collections the collaborator needs
  • assign the View Only role unless upload or editing access is specifically required
  • set an access expiration date where the Platform supports it
  • avoid sharing Workspace-level credentials; use individual user invitations instead
  • brief collaborators on any confidentiality or asset use restrictions that apply

Workspace administrators are responsible for ensuring that external collaborators understand the terms under which they are accessing the Workspace, including any restrictions on downloading, sharing, or using assets. Vysual does not manage or enforce agreements between administrators and their collaborators.

6. Activity Logs and Audit Trail

Vysual maintains access and activity logs for each Workspace for a period of ninety (90) days. These logs record events including:

  • user logins and session activity
  • asset uploads, downloads, edits, and deletions
  • permission changes and user additions or removals
  • asset sharing events and external link generation

Workspace administrators may request a copy of activity logs for their Workspace by submitting a written request to support@vysual.com with the subject line "Activity Log Request" and specifying the Workspace and date range. Vysual will provide the logs within five (5) business days of receiving a valid request.

Activity logs are provided for administrative and investigative purposes. In the event of a suspected unauthorized access incident, administrators are encouraged to request logs promptly, as records older than ninety (90) days are not retained.

Note: If your organization has compliance or legal hold requirements that necessitate longer log retention, contact support@vysual.com to discuss whether extended retention options are available for your account.

7. Responsibility for Access Management

Workspace administrators are solely responsible for:

  • granting and configuring user permissions within their Workspace
  • monitoring collaborator activity and responding to suspicious behavior
  • revoking access when a user's role, employment, or engagement ends
  • maintaining the security of administrator credentials
  • ensuring that users and collaborators are aware of any asset use restrictions

Vysual provides the tools to manage Workspace access but does not independently monitor Workspace activity for policy compliance or security purposes on behalf of administrators. Vysual's security monitoring is limited to platform-level threat detection and does not extend to Workspace-level content or user behavior auditing.

8. Asset Ownership Within Workspaces

User-generated assets uploaded to a Workspace remain the property of the user or organization that uploaded them, subject to the terms of the Vysual Content Ownership & Asset Rights Policy.

Granting Workspace access to a user or collaborator does not transfer ownership of any assets within the Workspace. Access grants permission to interact with assets within the scope of the assigned role — it does not convey any intellectual property rights, license to use assets outside the Platform, or right to retain copies after access is revoked.

Administrators should communicate clearly to collaborators any restrictions on downloading, reproducing, or using assets outside the Platform. Vysual is not a party to agreements between administrators and collaborators regarding asset use rights.

9. Removal of Access

Workspace administrators may remove user access at any time through the Platform's permission management tools. Upon removal:

  • the user will immediately lose the ability to view, upload, edit, download, or manage assets within the Workspace
  • any active sessions for that user will be terminated
  • shared links previously generated by that user will remain active unless separately revoked by an administrator

Administrators are responsible for revoking any shared links or external access tokens associated with a departing user. Vysual does not automatically revoke shared links upon user removal. Shared links can be managed from the asset sharing settings within the Platform.

Access revocation gap: Removing a user from a Workspace does not automatically expire shared links that user created. Review and revoke outstanding shared links separately when offboarding users who had sharing permissions.

10. Platform Neutrality and Dispute Resolution

Vysual provides collaboration infrastructure but is not a party to the relationships between Workspace administrators and their users, employees, contractors, or collaborators. Vysual does not adjudicate disputes between collaborators regarding asset ownership, usage rights, or access decisions.

In the event of a dispute between collaborators that involves Platform data or Workspace assets, the parties should first attempt to resolve the dispute directly. If the dispute cannot be resolved directly, it is subject to the arbitration and governing law provisions of the Vysual Terms of Service.

Upon written request from a Workspace administrator involved in a bona fide legal dispute, Vysual may provide relevant activity logs in accordance with Section 6 to assist with the resolution of the dispute, subject to applicable law and Vysual's privacy obligations.

11. Policy Updates

Vysual may update this Access Policy from time to time. For material changes, Vysual will provide at least thirty (30) days' advance notice via email to Workspace administrators before the changes take effect. Continued use of the Platform after the effective date constitutes acceptance of the revised policy.

12. Contact

Questions regarding this Access Policy, activity log requests, or security incident reports may be directed to:

Vysual Labs LLC
4900 Woodway Dr
Suite 1050
Houston, Texas 77056
Email: support@vysual.com

For activity log requests, use subject line: "Activity Log Request"
For security incidents or unauthorized access reports, use subject line: "Security Incident"

© 2026 Vysual Labs LLC. All rights reserved.