Notion Page-Level Access Explained: Control Who Sees What in Your Database
Learn how Notion page-level access controls which database records each user can see—perfect for teams that need private task visibility without multiple databases.
Notion Vendor Portal: Hide Fields and Track Changes
Build a Notion vendor portal without exposing private properties. Learn a safe database split pattern plus an audit log event database to track every status change.
If you share a Notion database with vendors, you will run into two problems fast:
- Vendors can see fields you do not want them to see.
- When a status or vendor assignment changes, you lose the historical record you need for reporting.
This guide shows a practical pattern for building a permission-safe Notion vendor portal that solves both.
Why this happens in Notion
Notion permissions are page-level. If someone can open a database item page, they can usually see the properties on that page. You can filter views, but filtering does not truly hide sensitive fields.
Pattern 1: Split the “person” record into role-specific databases
Instead of one mega database that everyone touches, create:
- People (Internal): full record, internal-only fields (client name, salary, private notes)
- People (Vendor Portal): only vendor-safe fields
- People (HR): HR-specific fields
- People (Legal): legal-specific fields
Then connect them with a relation key (for example, an internal Person ID).
Keeping them in sync
Use automation to sync the shared fields between databases.
- When People (Internal) is created or updated → update the matching record in People (Vendor Portal)
- When a vendor updates allowed fields in the portal → sync those fields back to People (Internal)
Pattern 2: Add an Audit Log (event database) for real analytics
To answer questions like “how many times did status change this year?” you need an event log.
Create a database called Person Events with one row per change.
Recommended properties
- Person (relation)
- Event type (select: Status change, Vendor change, Contract signed, etc.)
- Old value (text)
- New value (text)
- Changed by (created by)
- Changed at (created time)
Now you can build charts and rollups by year, vendor, region, and more.
How to implement the event log
Option A (simpler): create events via Make/Zapier when a field changes.
- Trigger: database item updated
- Action: create a Person Events row with old and new values
Option B (advanced): use API-based webhooks or a custom integration when you need exact diffs.
FAQ
Can I hide properties from someone who can open a page?
Not reliably. Filters change what is shown in a view, but they do not enforce field-level privacy.
Do I have to split into 4 databases?
Not always. Start with Internal + Vendor Portal, then add HR and Legal if needed.
Get help building this
Building a Notion vendor portal usually breaks at the database split — vendors end up seeing fields they should not, or the sync logic quietly fails. If you've hit that wall, book a ZoomFlow session — one of our consultants can walk through your specific setup live and ship the working version in the same call.
Related Posts
How to Structure Notion for a Multi-Department Company
Learn how to organize Notion for companies with multiple teams using master databases, linked views, and team spaces. Best practices from certified Notion experts.
Build a Notion Task Tracker for Small Marketing Teams
Build a Notion task tracker for your marketing team: assign requests, set deadlines, create filtered views, and connect with Slack. No code needed.
