Permissions are assigned to users at:

Project permissions are currently "opt-in".

Skeddly does not support "opt-out" permissions. For example, you cannot give your users "Full" or "Standard" permissions at the account-level, and then restrict access in some projects.

If you want opt-out permissions, let us know.

For effective access control, minimal permissions should be set at the account level (using the "Basic" role). Then, add additional permissions for the user in each project.

Permissions assigned to a user at the account-level, apply to the user at any time, in any project.

Permissions assigned to a user at the project-level, apply to the user in that project alone. Project permissions are combined with the user's account-level permissions to determine a user's overall permissions inside each project.

Simple: Opt-in permissions are more secure.

With opt-out permissions, if a new project gets created, a user automatically gains access. Maybe this is what you want, maybe not. But it can be a surprise for many.