HenryBemis | 1 month ago
Anyone who uses it for your made-up use-case is silly, and has no sense of 'segregation of duties' (access).
IMHO2: this is a process/procedure problem, not a technical problem (to quote GDPR's phrase, "..technical and organisational measures necessary to ensure.."); this is an organisational problem that you are trying to solve as a technical one.
I have very recently tried to work with Notion staff in applying basic "compliance" controls, and their input/response was next-to-garbage, with a big "we didn't build it for/like this mate" attitude. E.g. complete lack of "canned reports showing inactive users", "canned reports showing failed login attempts", and so on. One will have to drill through the audit logs, extract the lot, and go Excel magic. Other 'within-Notion' solutions are (politely) 'inaccurate'.
Overall it is a GRC/Privacy nightmare and I am happy to not be a user of this any more :)