diff --git a/env.d.ts b/env.d.ts
index c14d27e..d92e54c 100644
--- a/env.d.ts
+++ b/env.d.ts
@@ -4,8 +4,8 @@
 /// <reference types="vite/client" />
 
 declare module '@nextcloud/router' {
-	export function generateOcsUrl(path: string): string
-	export function generateUrl(path: string): string
+	export function generateOcsUrl(path: string, params?: object, options?: object): string
+	export function generateUrl(path: string, params?: object, options?: object): string
 }
 
 interface SettingsUserListRow {
diff --git a/img/screenshots/admin-catalog-thumb.png b/img/screenshots/admin-catalog-thumb.png
index 8dbf4db..56ef073 100644
Binary files a/img/screenshots/admin-catalog-thumb.png and b/img/screenshots/admin-catalog-thumb.png differ
diff --git a/img/screenshots/admin-catalog.png b/img/screenshots/admin-catalog.png
index 7d90d97..2eed1de 100644
Binary files a/img/screenshots/admin-catalog.png and b/img/screenshots/admin-catalog.png differ
diff --git a/img/screenshots/personal-settings-thumb.png b/img/screenshots/personal-settings-thumb.png
index 90f2589..8c913cd 100644
Binary files a/img/screenshots/personal-settings-thumb.png and b/img/screenshots/personal-settings-thumb.png differ
diff --git a/img/screenshots/personal-settings.png b/img/screenshots/personal-settings.png
index 1b7de62..b90fdb8 100644
Binary files a/img/screenshots/personal-settings.png and b/img/screenshots/personal-settings.png differ
diff --git a/img/screenshots/user-management-dialog-thumb.png b/img/screenshots/user-management-dialog-thumb.png
index 91e46b8..f4c0b7b 100644
Binary files a/img/screenshots/user-management-dialog-thumb.png and b/img/screenshots/user-management-dialog-thumb.png differ
diff --git a/img/screenshots/workflow-notify-admins-thumb.png b/img/screenshots/workflow-notify-admins-thumb.png
index 9bb15b7..05c7159 100644
Binary files a/img/screenshots/workflow-notify-admins-thumb.png and b/img/screenshots/workflow-notify-admins-thumb.png differ
diff --git a/lib/Controller/FieldDefinitionApiController.php b/lib/Controller/FieldDefinitionApiController.php
index 9810cee..f8585ae 100644
--- a/lib/Controller/FieldDefinitionApiController.php
+++ b/lib/Controller/FieldDefinitionApiController.php
@@ -55,10 +55,8 @@ public function index(): DataResponse {
 	 * @param string $fieldKey Immutable unique key of the field
 	 * @param string $label Human-readable label shown in the UI
 	 * @param string $type Value type accepted by the field
-	 * @param bool $adminOnly Whether only admins can edit values for this field
-	 * @param bool $userEditable Whether the owner can edit the field value
-	 * @param bool $userVisible Whether the owner can see the field in personal settings
-	 * @param string $initialVisibility Initial visibility applied to new values
+	 * @param string $editPolicy Whether values are managed by admins only or by users too
+	 * @param string $exposurePolicy Whether the field is hidden or which default visibility new values receive
 	 * @param int $sortOrder Display order used in admin and profile forms
 	 * @param bool $active Whether the definition is currently active
 	 * @param list<string> $options Allowed values for select fields (ignored for other types)
@@ -72,10 +70,8 @@ public function create(
 		string $fieldKey,
 		string $label,
 		string $type,
-		bool $adminOnly = false,
-		bool $userEditable = false,
-		bool $userVisible = true,
-		string $initialVisibility = 'private',
+		string $editPolicy = 'users',
+		string $exposurePolicy = 'private',
 		int $sortOrder = 0,
 		bool $active = true,
 		array $options = [],
@@ -85,10 +81,8 @@ public function create(
 				'field_key' => $fieldKey,
 				'label' => $label,
 				'type' => $type,
-				'admin_only' => $adminOnly,
-				'user_editable' => $userEditable,
-				'user_visible' => $userVisible,
-				'initial_visibility' => $initialVisibility,
+				'edit_policy' => $editPolicy,
+				'exposure_policy' => $exposurePolicy,
 				'sort_order' => $sortOrder,
 				'active' => $active,
 			];
@@ -111,10 +105,8 @@ public function create(
 	 * @param int $id Identifier of the field definition
 	 * @param string $label Human-readable label shown in the UI
 	 * @param string $type Value type accepted by the field
-	 * @param bool $adminOnly Whether only admins can edit values for this field
-	 * @param bool $userEditable Whether the owner can edit the field value
-	 * @param bool $userVisible Whether the owner can see the field in personal settings
-	 * @param string $initialVisibility Initial visibility applied to new values
+	 * @param string $editPolicy Whether values are managed by admins only or by users too
+	 * @param string $exposurePolicy Whether the field is hidden or which default visibility new values receive
 	 * @param int $sortOrder Display order used in admin and profile forms
 	 * @param bool $active Whether the definition is currently active
 	 * @param list<string> $options Allowed values for select fields (ignored for other types)
@@ -129,10 +121,8 @@ public function update(
 		int $id,
 		string $label,
 		string $type,
-		bool $adminOnly = false,
-		bool $userEditable = false,
-		bool $userVisible = true,
-		string $initialVisibility = 'private',
+		string $editPolicy = 'users',
+		string $exposurePolicy = 'private',
 		int $sortOrder = 0,
 		bool $active = true,
 		array $options = [],
@@ -146,10 +136,8 @@ public function update(
 			$payload = [
 				'label' => $label,
 				'type' => $type,
-				'admin_only' => $adminOnly,
-				'user_editable' => $userEditable,
-				'user_visible' => $userVisible,
-				'initial_visibility' => $initialVisibility,
+				'edit_policy' => $editPolicy,
+				'exposure_policy' => $exposurePolicy,
 				'sort_order' => $sortOrder,
 				'active' => $active,
 			];
diff --git a/lib/Controller/FieldValueApiController.php b/lib/Controller/FieldValueApiController.php
index 6de3417..afd4efc 100644
--- a/lib/Controller/FieldValueApiController.php
+++ b/lib/Controller/FieldValueApiController.php
@@ -11,6 +11,7 @@
 
 use InvalidArgumentException;
 use OCA\ProfileFields\AppInfo\Application;
+use OCA\ProfileFields\Enum\FieldExposurePolicy;
 use OCA\ProfileFields\Service\FieldAccessService;
 use OCA\ProfileFields\Service\FieldDefinitionService;
 use OCA\ProfileFields\Service\FieldValueService;
@@ -58,7 +59,7 @@ public function index(): DataResponse {
 		$editableFields = [];
 
 		foreach ($definitions as $definition) {
-			if (!$definition->getUserVisible()) {
+			if (!FieldExposurePolicy::from($definition->getExposurePolicy())->isUserVisible()) {
 				continue;
 			}
 
diff --git a/lib/Db/FieldDefinition.php b/lib/Db/FieldDefinition.php
index 69f57d4..ec24b93 100644
--- a/lib/Db/FieldDefinition.php
+++ b/lib/Db/FieldDefinition.php
@@ -20,14 +20,10 @@
  * @method void setLabel(string $value)
  * @method string getType()
  * @method void setType(string $value)
- * @method bool getAdminOnly()
- * @method void setAdminOnly(bool $value)
- * @method bool getUserEditable()
- * @method void setUserEditable(bool $value)
- * @method bool getUserVisible()
- * @method void setUserVisible(bool $value)
- * @method string getInitialVisibility()
- * @method void setInitialVisibility(string $value)
+ * @method string getEditPolicy()
+ * @method void setEditPolicy(string $value)
+ * @method string getExposurePolicy()
+ * @method void setExposurePolicy(string $value)
  * @method int getSortOrder()
  * @method void setSortOrder(int $value)
  * @method bool getActive()
@@ -43,10 +39,8 @@ class FieldDefinition extends Entity {
 	protected $fieldKey;
 	protected $label;
 	protected $type;
-	protected $adminOnly;
-	protected $userEditable;
-	protected $userVisible;
-	protected $initialVisibility;
+	protected $editPolicy;
+	protected $exposurePolicy;
 	protected $sortOrder;
 	protected $active;
 	protected $options;
@@ -55,9 +49,6 @@ class FieldDefinition extends Entity {
 
 	public function __construct() {
 		$this->addType('id', 'integer');
-		$this->addType('adminOnly', 'boolean');
-		$this->addType('userEditable', 'boolean');
-		$this->addType('userVisible', 'boolean');
 		$this->addType('sortOrder', 'integer');
 		$this->addType('active', 'boolean');
 		$this->addType('createdAt', 'datetime');
@@ -70,10 +61,8 @@ public function __construct() {
 	 *     field_key: string,
 	 *     label: string,
 	 *     type: string,
-	 *     admin_only: bool,
-	 *     user_editable: bool,
-	 *     user_visible: bool,
-	 *     initial_visibility: string,
+	 *     edit_policy: string,
+	 *     exposure_policy: string,
 	 *     sort_order: int,
 	 *     active: bool,
 	 *     options: list<string>|null,
@@ -89,10 +78,8 @@ public function jsonSerialize(): array {
 			'field_key' => $this->getFieldKey(),
 			'label' => $this->getLabel(),
 			'type' => $this->getType(),
-			'admin_only' => $this->getAdminOnly(),
-			'user_editable' => $this->getUserEditable(),
-			'user_visible' => $this->getUserVisible(),
-			'initial_visibility' => $this->getInitialVisibility(),
+			'edit_policy' => $this->getEditPolicy(),
+			'exposure_policy' => $this->getExposurePolicy(),
 			'sort_order' => $this->getSortOrder(),
 			'active' => $this->getActive(),
 			'options' => $rawOptions !== null ? (json_decode($rawOptions, true) ?? null) : null,
diff --git a/lib/Db/FieldDefinitionMapper.php b/lib/Db/FieldDefinitionMapper.php
index 99bad4f..54d4317 100644
--- a/lib/Db/FieldDefinitionMapper.php
+++ b/lib/Db/FieldDefinitionMapper.php
@@ -27,10 +27,8 @@ public function findByFieldKey(string $fieldKey): ?FieldDefinition {
 			'field_key',
 			'label',
 			'type',
-			'admin_only',
-			'user_editable',
-			'user_visible',
-			'initial_visibility',
+			'edit_policy',
+			'exposure_policy',
 			'sort_order',
 			'active',
 			'options',
@@ -54,10 +52,8 @@ public function findById(int $id): ?FieldDefinition {
 			'field_key',
 			'label',
 			'type',
-			'admin_only',
-			'user_editable',
-			'user_visible',
-			'initial_visibility',
+			'edit_policy',
+			'exposure_policy',
 			'sort_order',
 			'active',
 			'options',
@@ -84,10 +80,8 @@ public function findAllOrdered(): array {
 			'field_key',
 			'label',
 			'type',
-			'admin_only',
-			'user_editable',
-			'user_visible',
-			'initial_visibility',
+			'edit_policy',
+			'exposure_policy',
 			'sort_order',
 			'active',
 			'options',
@@ -111,10 +105,8 @@ public function findActiveOrdered(): array {
 			'field_key',
 			'label',
 			'type',
-			'admin_only',
-			'user_editable',
-			'user_visible',
-			'initial_visibility',
+			'edit_policy',
+			'exposure_policy',
 			'sort_order',
 			'active',
 			'options',
diff --git a/lib/Enum/FieldEditPolicy.php b/lib/Enum/FieldEditPolicy.php
new file mode 100644
index 0000000..fd22432
--- /dev/null
+++ b/lib/Enum/FieldEditPolicy.php
@@ -0,0 +1,33 @@
+<?php
+
+/**
+ * SPDX-FileCopyrightText: 2026 LibreCode coop and LibreCode contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+
+declare(strict_types=1);
+
+namespace OCA\ProfileFields\Enum;
+
+enum FieldEditPolicy: string {
+	case ADMINS = 'admins';
+	case USERS = 'users';
+
+	/**
+	 * @return list<string>
+	 */
+	public static function values(): array {
+		return [
+			self::ADMINS->value,
+			self::USERS->value,
+		];
+	}
+
+	public static function isValid(string $value): bool {
+		return self::tryFrom($value) !== null;
+	}
+
+	public function userCanEdit(): bool {
+		return $this === self::USERS;
+	}
+}
diff --git a/lib/Enum/FieldExposurePolicy.php b/lib/Enum/FieldExposurePolicy.php
new file mode 100644
index 0000000..7167494
--- /dev/null
+++ b/lib/Enum/FieldExposurePolicy.php
@@ -0,0 +1,45 @@
+<?php
+
+/**
+ * SPDX-FileCopyrightText: 2026 LibreCode coop and LibreCode contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+
+declare(strict_types=1);
+
+namespace OCA\ProfileFields\Enum;
+
+enum FieldExposurePolicy: string {
+	case HIDDEN = 'hidden';
+	case PRIVATE = 'private';
+	case USERS = 'users';
+	case PUBLIC = 'public';
+
+	/**
+	 * @return list<string>
+	 */
+	public static function values(): array {
+		return [
+			self::HIDDEN->value,
+			self::PRIVATE->value,
+			self::USERS->value,
+			self::PUBLIC->value,
+		];
+	}
+
+	public static function isValid(string $value): bool {
+		return self::tryFrom($value) !== null;
+	}
+
+	public function isUserVisible(): bool {
+		return $this !== self::HIDDEN;
+	}
+
+	public function initialVisibility(): FieldVisibility {
+		return match ($this) {
+			self::HIDDEN, self::PRIVATE => FieldVisibility::PRIVATE,
+			self::USERS => FieldVisibility::USERS,
+			self::PUBLIC => FieldVisibility::PUBLIC,
+		};
+	}
+}
diff --git a/lib/Migration/Version1000Date20260309120000.php b/lib/Migration/Version1000Date20260309120000.php
index 04c7882..c01ee42 100644
--- a/lib/Migration/Version1000Date20260309120000.php
+++ b/lib/Migration/Version1000Date20260309120000.php
@@ -41,16 +41,11 @@ public function changeSchema(IOutput $output, Closure $schemaClosure, array $opt
 			$table->addColumn('type', Types::STRING, [
 				'length' => 32,
 			]);
-			$table->addColumn('admin_only', Types::BOOLEAN, [
-				'default' => false,
-			]);
-			$table->addColumn('user_editable', Types::BOOLEAN, [
-				'default' => false,
-			]);
-			$table->addColumn('user_visible', Types::BOOLEAN, [
-				'default' => true,
+			$table->addColumn('edit_policy', Types::STRING, [
+				'length' => 32,
+				'default' => 'users',
 			]);
-			$table->addColumn('initial_visibility', Types::STRING, [
+			$table->addColumn('exposure_policy', Types::STRING, [
 				'length' => 32,
 				'default' => 'private',
 			]);
diff --git a/lib/ResponseDefinitions.php b/lib/ResponseDefinitions.php
index e40b6e0..28fec42 100644
--- a/lib/ResponseDefinitions.php
+++ b/lib/ResponseDefinitions.php
@@ -12,14 +12,14 @@
 /**
  * @psalm-type ProfileFieldsType = 'text'|'number'|'select'
  * @psalm-type ProfileFieldsVisibility = 'private'|'users'|'public'
+ * @psalm-type ProfileFieldsEditPolicy = 'admins'|'users'
+ * @psalm-type ProfileFieldsExposurePolicy = 'hidden'|'private'|'users'|'public'
  * @psalm-type ProfileFieldsDefinitionInput = array{
  *     field_key?: string,
  *     label?: string,
  *     type?: string,
- *     admin_only?: bool,
- *     user_editable?: bool,
- *     user_visible?: bool,
- *     initial_visibility?: string,
+ *     edit_policy?: ProfileFieldsEditPolicy,
+ *     exposure_policy?: ProfileFieldsExposurePolicy,
  *     sort_order?: int,
  *     active?: bool,
  *     options?: list<string>,
@@ -29,10 +29,8 @@
  *     field_key: non-empty-string,
  *     label: non-empty-string,
  *     type: ProfileFieldsType,
- *     admin_only: bool,
- *     user_editable: bool,
- *     user_visible: bool,
- *     initial_visibility: ProfileFieldsVisibility,
+ *     edit_policy: ProfileFieldsEditPolicy,
+ *     exposure_policy: ProfileFieldsExposurePolicy,
  *     sort_order: int,
  *     active: bool,
  *     options: list<string>|null,
diff --git a/lib/Search/ProfileFieldDirectorySearchService.php b/lib/Search/ProfileFieldDirectorySearchService.php
index cc2fac1..cf63b5a 100644
--- a/lib/Search/ProfileFieldDirectorySearchService.php
+++ b/lib/Search/ProfileFieldDirectorySearchService.php
@@ -12,6 +12,7 @@
 use InvalidArgumentException;
 use OCA\ProfileFields\Db\FieldValue;
 use OCA\ProfileFields\Db\FieldValueMapper;
+use OCA\ProfileFields\Enum\FieldExposurePolicy;
 use OCA\ProfileFields\Enum\FieldVisibility;
 use OCA\ProfileFields\Service\FieldDefinitionService;
 use OCP\IGroupManager;
@@ -72,7 +73,7 @@ public function search(?IUser $actor, string $term, int $limit, int $offset): ar
 				continue;
 			}
 
-			if (!$this->isSearchableForActor($definition->getUserVisible(), $value->getCurrentVisibility(), $actorIsAdmin, $actorUid !== null)) {
+			if (!$this->isSearchableForActor(FieldExposurePolicy::from($definition->getExposurePolicy()), $value->getCurrentVisibility(), $actorIsAdmin, $actorUid !== null)) {
 				continue;
 			}
 
@@ -123,12 +124,12 @@ private function extractScalarValue(FieldValue $value): ?string {
 		return trim((string)$scalar);
 	}
 
-	private function isSearchableForActor(bool $fieldIsUserVisible, string $currentVisibility, bool $actorIsAdmin, bool $actorIsAuthenticated): bool {
+	private function isSearchableForActor(FieldExposurePolicy $exposurePolicy, string $currentVisibility, bool $actorIsAdmin, bool $actorIsAuthenticated): bool {
 		if ($actorIsAdmin) {
 			return true;
 		}
 
-		if (!$fieldIsUserVisible) {
+		if (!$exposurePolicy->isUserVisible()) {
 			return false;
 		}
 
diff --git a/lib/Service/DataImportService.php b/lib/Service/DataImportService.php
index 9971469..1c3cd42 100644
--- a/lib/Service/DataImportService.php
+++ b/lib/Service/DataImportService.php
@@ -70,10 +70,8 @@ public function import(array $payload, bool $dryRun = false): array {
 	 *     field_key: non-empty-string,
 	 *     label: non-empty-string,
 	 *     type: 'text'|'number',
-	 *     admin_only: bool,
-	 *     user_editable: bool,
-	 *     user_visible: bool,
-	 *     initial_visibility: 'private'|'users'|'public',
+	 *     edit_policy: 'admins'|'users',
+	 *     exposure_policy: 'hidden'|'private'|'users'|'public',
 	 *     sort_order: int,
 	 *     active: bool,
 	 *     created_at?: non-empty-string,
@@ -151,10 +149,8 @@ private function collectValueSummary(array $values, array &$summary): void {
 	 *     field_key: non-empty-string,
 	 *     label: non-empty-string,
 	 *     type: 'text'|'number',
-	 *     admin_only: bool,
-	 *     user_editable: bool,
-	 *     user_visible: bool,
-	 *     initial_visibility: 'private'|'users'|'public',
+	 *     edit_policy: 'admins'|'users',
+	 *     exposure_policy: 'hidden'|'private'|'users'|'public',
 	 *     sort_order: int,
 	 *     active: bool,
 	 *     created_at?: non-empty-string,
@@ -253,10 +249,8 @@ private function persistValues(array $values, array $definitionsByFieldKey, arra
 	 *     field_key: non-empty-string,
 	 *     label: non-empty-string,
 	 *     type: 'text'|'number',
-	 *     admin_only: bool,
-	 *     user_editable: bool,
-	 *     user_visible: bool,
-	 *     initial_visibility: 'private'|'users'|'public',
+	 *     edit_policy: 'admins'|'users',
+	 *     exposure_policy: 'hidden'|'private'|'users'|'public',
 	 *     sort_order: int,
 	 *     active: bool,
 	 *     created_at?: non-empty-string,
diff --git a/lib/Service/FieldAccessService.php b/lib/Service/FieldAccessService.php
index 25e4579..a702061 100644
--- a/lib/Service/FieldAccessService.php
+++ b/lib/Service/FieldAccessService.php
@@ -10,6 +10,8 @@
 namespace OCA\ProfileFields\Service;
 
 use OCA\ProfileFields\Db\FieldDefinition;
+use OCA\ProfileFields\Enum\FieldEditPolicy;
+use OCA\ProfileFields\Enum\FieldExposurePolicy;
 use OCA\ProfileFields\Enum\FieldVisibility;
 
 class FieldAccessService {
@@ -38,15 +40,11 @@ public function canEditValue(?string $actorUid, string $ownerUid, FieldDefinitio
 			return false;
 		}
 
-		if (!$definition->getUserVisible()) {
+		if (!FieldExposurePolicy::from($definition->getExposurePolicy())->isUserVisible()) {
 			return false;
 		}
 
-		if ($definition->getAdminOnly()) {
-			return false;
-		}
-
-		return $definition->getUserEditable();
+		return FieldEditPolicy::from($definition->getEditPolicy())->userCanEdit();
 	}
 
 	public function canChangeVisibility(?string $actorUid, string $ownerUid, bool $actorIsAdmin): bool {
diff --git a/lib/Service/FieldDefinitionService.php b/lib/Service/FieldDefinitionService.php
index 5a64b79..fcf758b 100644
--- a/lib/Service/FieldDefinitionService.php
+++ b/lib/Service/FieldDefinitionService.php
@@ -39,10 +39,8 @@ public function create(array $definition): FieldDefinition {
 		$entity->setFieldKey($validated['field_key']);
 		$entity->setLabel($validated['label']);
 		$entity->setType($validated['type']);
-		$entity->setAdminOnly($validated['admin_only']);
-		$entity->setUserEditable($validated['user_editable']);
-		$entity->setUserVisible($validated['user_visible']);
-		$entity->setInitialVisibility($validated['initial_visibility']);
+		$entity->setEditPolicy($validated['edit_policy']);
+		$entity->setExposurePolicy($validated['exposure_policy']);
 		$entity->setSortOrder($validated['sort_order']);
 		$entity->setActive($validated['active']);
 		try {
@@ -71,10 +69,8 @@ public function update(FieldDefinition $existing, array $definition): FieldDefin
 
 		$existing->setLabel($validated['label']);
 		$existing->setType($validated['type']);
-		$existing->setAdminOnly($validated['admin_only']);
-		$existing->setUserEditable($validated['user_editable']);
-		$existing->setUserVisible($validated['user_visible']);
-		$existing->setInitialVisibility($validated['initial_visibility']);
+		$existing->setEditPolicy($validated['edit_policy']);
+		$existing->setExposurePolicy($validated['exposure_policy']);
 		$existing->setSortOrder($validated['sort_order']);
 		$existing->setActive($validated['active']);
 		try {
diff --git a/lib/Service/FieldDefinitionValidator.php b/lib/Service/FieldDefinitionValidator.php
index eccf9fb..c0e81cf 100644
--- a/lib/Service/FieldDefinitionValidator.php
+++ b/lib/Service/FieldDefinitionValidator.php
@@ -10,8 +10,9 @@
 namespace OCA\ProfileFields\Service;
 
 use InvalidArgumentException;
+use OCA\ProfileFields\Enum\FieldEditPolicy;
+use OCA\ProfileFields\Enum\FieldExposurePolicy;
 use OCA\ProfileFields\Enum\FieldType;
-use OCA\ProfileFields\Enum\FieldVisibility;
 
 class FieldDefinitionValidator {
 	/**
@@ -19,10 +20,8 @@ class FieldDefinitionValidator {
 	 *     field_key?: string,
 	 *     label?: string,
 	 *     type?: string,
-	 *     admin_only?: bool,
-	 *     user_editable?: bool,
-	 *     user_visible?: bool,
-	 *     initial_visibility?: string,
+	 *     edit_policy?: string,
+	 *     exposure_policy?: string,
 	 *     sort_order?: int,
 	 *     active?: bool,
 	 *     options?: list<string>,
@@ -31,10 +30,8 @@ class FieldDefinitionValidator {
 	 *     field_key: non-empty-string,
 	 *     label: non-empty-string,
 	 *     type: 'text'|'number'|'select',
-	 *     admin_only: bool,
-	 *     user_editable: bool,
-	 *     user_visible: bool,
-	 *     initial_visibility: 'private'|'users'|'public',
+	 *     edit_policy: 'admins'|'users',
+	 *     exposure_policy: 'hidden'|'private'|'users'|'public',
 	 *     sort_order: int,
 	 *     active: bool,
 	 *     options: list<string>|null,
@@ -52,19 +49,14 @@ public function validate(array $definition): array {
 			throw new InvalidArgumentException('type is not supported');
 		}
 
-		$visibility = (string)($definition['initial_visibility'] ?? FieldVisibility::PRIVATE->value);
-		if (!FieldVisibility::isValid($visibility)) {
-			throw new InvalidArgumentException('initial_visibility is not supported');
+		$editPolicy = (string)($definition['edit_policy'] ?? FieldEditPolicy::USERS->value);
+		if (!FieldEditPolicy::isValid($editPolicy)) {
+			throw new InvalidArgumentException('edit_policy is not supported');
 		}
 
-		$adminOnly = (bool)($definition['admin_only'] ?? false);
-		$userEditable = (bool)($definition['user_editable'] ?? false);
-		$userVisible = (bool)($definition['user_visible'] ?? true);
-		if ($adminOnly && $userEditable) {
-			throw new InvalidArgumentException('admin_only and user_editable cannot both be enabled');
-		}
-		if (!$userVisible && $userEditable) {
-			throw new InvalidArgumentException('user_editable cannot be enabled when the field is hidden from users');
+		$exposurePolicy = (string)($definition['exposure_policy'] ?? FieldExposurePolicy::PRIVATE->value);
+		if (!FieldExposurePolicy::isValid($exposurePolicy)) {
+			throw new InvalidArgumentException('exposure_policy is not supported');
 		}
 
 		$options = $this->validateOptions($type, $definition['options'] ?? null);
@@ -73,10 +65,8 @@ public function validate(array $definition): array {
 			'field_key' => $fieldKey,
 			'label' => $label,
 			'type' => $type,
-			'admin_only' => $adminOnly,
-			'user_editable' => $userEditable,
-			'user_visible' => $userVisible,
-			'initial_visibility' => $visibility,
+			'edit_policy' => $editPolicy,
+			'exposure_policy' => $exposurePolicy,
 			'sort_order' => (int)($definition['sort_order'] ?? 0),
 			'active' => (bool)($definition['active'] ?? true),
 			'options' => $options,
@@ -117,10 +107,8 @@ private function validateOptions(string $type, mixed $options): ?array {
 	 *     field_key?: string,
 	 *     label?: string,
 	 *     type?: string,
-	 *     admin_only?: bool,
-	 *     user_editable?: bool,
-	 *     user_visible?: bool,
-	 *     initial_visibility?: string,
+	 *     edit_policy?: string,
+	 *     exposure_policy?: string,
 	 *     sort_order?: int,
 	 *     active?: bool,
 	 *     options?: list<string>,
diff --git a/lib/Service/FieldValueService.php b/lib/Service/FieldValueService.php
index c34b2d4..f527f4b 100644
--- a/lib/Service/FieldValueService.php
+++ b/lib/Service/FieldValueService.php
@@ -16,6 +16,7 @@
 use OCA\ProfileFields\Db\FieldDefinition;
 use OCA\ProfileFields\Db\FieldValue;
 use OCA\ProfileFields\Db\FieldValueMapper;
+use OCA\ProfileFields\Enum\FieldExposurePolicy;
 use OCA\ProfileFields\Enum\FieldType;
 use OCA\ProfileFields\Enum\FieldVisibility;
 use OCA\ProfileFields\Workflow\Event\ProfileFieldValueCreatedEvent;
@@ -48,7 +49,7 @@ public function upsert(
 	): FieldValue {
 		$normalizedValue = $this->normalizeValue($definition, $rawValue);
 		$valueJson = $this->encodeValue($normalizedValue);
-		$visibility = $currentVisibility ?? $definition->getInitialVisibility();
+		$visibility = $currentVisibility ?? FieldExposurePolicy::from($definition->getExposurePolicy())->initialVisibility()->value;
 		if (!FieldVisibility::isValid($visibility)) {
 			throw new InvalidArgumentException('current_visibility is not supported');
 		}
diff --git a/lib/Service/ImportPayloadValidator.php b/lib/Service/ImportPayloadValidator.php
index 323c6e6..b164cb8 100644
--- a/lib/Service/ImportPayloadValidator.php
+++ b/lib/Service/ImportPayloadValidator.php
@@ -33,10 +33,8 @@ public function __construct(
 	 *         field_key: non-empty-string,
 	 *         label: non-empty-string,
 	 *         type: 'text'|'number',
-	 *         admin_only: bool,
-	 *         user_editable: bool,
-	 *         user_visible: bool,
-	 *         initial_visibility: 'private'|'users'|'public',
+	 *         edit_policy: 'admins'|'users',
+	 *         exposure_policy: 'hidden'|'private'|'users'|'public',
 	 *         sort_order: int,
 	 *         active: bool,
 	 *         created_at?: non-empty-string,
@@ -74,10 +72,8 @@ public function validate(array $payload): array {
 	 *     field_key: non-empty-string,
 	 *     label: non-empty-string,
 	 *     type: 'text'|'number',
-	 *     admin_only: bool,
-	 *     user_editable: bool,
-	 *     user_visible: bool,
-	 *     initial_visibility: 'private'|'users'|'public',
+	 *     edit_policy: 'admins'|'users',
+	 *     exposure_policy: 'hidden'|'private'|'users'|'public',
 	 *     sort_order: int,
 	 *     active: bool,
 	 *     created_at?: non-empty-string,
@@ -124,10 +120,8 @@ private function validateDefinitions(array $definitions): array {
 	 *     field_key: non-empty-string,
 	 *     label: non-empty-string,
 	 *     type: 'text'|'number',
-	 *     admin_only: bool,
-	 *     user_editable: bool,
-	 *     user_visible: bool,
-	 *     initial_visibility: 'private'|'users'|'public',
+	 *     edit_policy: 'admins'|'users',
+	 *     exposure_policy: 'hidden'|'private'|'users'|'public',
 	 *     sort_order: int,
 	 *     active: bool,
 	 *     created_at?: non-empty-string,
@@ -262,19 +256,15 @@ private function normalizeOptionalDate(array $payload, string $key, string $mess
 	 *     field_key: non-empty-string,
 	 *     label: non-empty-string,
 	 *     type: 'text'|'number',
-	 *     admin_only: bool,
-	 *     user_editable: bool,
-	 *     user_visible: bool,
-	 *     initial_visibility: 'private'|'users'|'public',
+	 *     edit_policy: 'admins'|'users',
+	 *     exposure_policy: 'hidden'|'private'|'users'|'public',
 	 *     sort_order: int,
 	 *     active: bool,
 	 * } $definition
 	 */
 	private function isCompatibleDefinition(FieldDefinition $existingDefinition, array $definition): bool {
 		return $existingDefinition->getType() === $definition['type']
-			&& $existingDefinition->getAdminOnly() === $definition['admin_only']
-			&& $existingDefinition->getUserEditable() === $definition['user_editable']
-			&& $existingDefinition->getUserVisible() === $definition['user_visible']
-			&& $existingDefinition->getInitialVisibility() === $definition['initial_visibility'];
+			&& $existingDefinition->getEditPolicy() === $definition['edit_policy']
+			&& $existingDefinition->getExposurePolicy() === $definition['exposure_policy'];
 	}
 }
diff --git a/openapi-administration.json b/openapi-administration.json
index ac4e54e..256cd6c 100644
--- a/openapi-administration.json
+++ b/openapi-administration.json
@@ -27,10 +27,8 @@
                     "field_key",
                     "label",
                     "type",
-                    "admin_only",
-                    "user_editable",
-                    "user_visible",
-                    "initial_visibility",
+                    "edit_policy",
+                    "exposure_policy",
                     "sort_order",
                     "active",
                     "options",
@@ -53,17 +51,11 @@
                     "type": {
                         "$ref": "#/components/schemas/Type"
                     },
-                    "admin_only": {
-                        "type": "boolean"
-                    },
-                    "user_editable": {
-                        "type": "boolean"
-                    },
-                    "user_visible": {
-                        "type": "boolean"
+                    "edit_policy": {
+                        "$ref": "#/components/schemas/EditPolicy"
                     },
-                    "initial_visibility": {
-                        "$ref": "#/components/schemas/Visibility"
+                    "exposure_policy": {
+                        "$ref": "#/components/schemas/ExposurePolicy"
                     },
                     "sort_order": {
                         "type": "integer",
@@ -87,6 +79,22 @@
                     }
                 }
             },
+            "EditPolicy": {
+                "type": "string",
+                "enum": [
+                    "admins",
+                    "users"
+                ]
+            },
+            "ExposurePolicy": {
+                "type": "string",
+                "enum": [
+                    "hidden",
+                    "private",
+                    "users",
+                    "public"
+                ]
+            },
             "LookupField": {
                 "type": "object",
                 "required": [
@@ -355,25 +363,15 @@
                                         "type": "string",
                                         "description": "Value type accepted by the field"
                                     },
-                                    "adminOnly": {
-                                        "type": "boolean",
-                                        "default": false,
-                                        "description": "Whether only admins can edit values for this field"
-                                    },
-                                    "userEditable": {
-                                        "type": "boolean",
-                                        "default": false,
-                                        "description": "Whether the owner can edit the field value"
-                                    },
-                                    "userVisible": {
-                                        "type": "boolean",
-                                        "default": true,
-                                        "description": "Whether the owner can see the field in personal settings"
+                                    "editPolicy": {
+                                        "type": "string",
+                                        "default": "users",
+                                        "description": "Whether values are managed by admins only or by users too"
                                     },
-                                    "initialVisibility": {
+                                    "exposurePolicy": {
                                         "type": "string",
                                         "default": "private",
-                                        "description": "Initial visibility applied to new values"
+                                        "description": "Whether the field is hidden or which default visibility new values receive"
                                     },
                                     "sortOrder": {
                                         "type": "integer",
@@ -518,25 +516,15 @@
                                         "type": "string",
                                         "description": "Value type accepted by the field"
                                     },
-                                    "adminOnly": {
-                                        "type": "boolean",
-                                        "default": false,
-                                        "description": "Whether only admins can edit values for this field"
-                                    },
-                                    "userEditable": {
-                                        "type": "boolean",
-                                        "default": false,
-                                        "description": "Whether the owner can edit the field value"
-                                    },
-                                    "userVisible": {
-                                        "type": "boolean",
-                                        "default": true,
-                                        "description": "Whether the owner can see the field in personal settings"
+                                    "editPolicy": {
+                                        "type": "string",
+                                        "default": "users",
+                                        "description": "Whether values are managed by admins only or by users too"
                                     },
-                                    "initialVisibility": {
+                                    "exposurePolicy": {
                                         "type": "string",
                                         "default": "private",
-                                        "description": "Initial visibility applied to new values"
+                                        "description": "Whether the field is hidden or which default visibility new values receive"
                                     },
                                     "sortOrder": {
                                         "type": "integer",
diff --git a/openapi-full.json b/openapi-full.json
index 728d488..9160a38 100644
--- a/openapi-full.json
+++ b/openapi-full.json
@@ -27,10 +27,8 @@
                     "field_key",
                     "label",
                     "type",
-                    "admin_only",
-                    "user_editable",
-                    "user_visible",
-                    "initial_visibility",
+                    "edit_policy",
+                    "exposure_policy",
                     "sort_order",
                     "active",
                     "options",
@@ -53,17 +51,11 @@
                     "type": {
                         "$ref": "#/components/schemas/Type"
                     },
-                    "admin_only": {
-                        "type": "boolean"
-                    },
-                    "user_editable": {
-                        "type": "boolean"
-                    },
-                    "user_visible": {
-                        "type": "boolean"
+                    "edit_policy": {
+                        "$ref": "#/components/schemas/EditPolicy"
                     },
-                    "initial_visibility": {
-                        "$ref": "#/components/schemas/Visibility"
+                    "exposure_policy": {
+                        "$ref": "#/components/schemas/ExposurePolicy"
                     },
                     "sort_order": {
                         "type": "integer",
@@ -99,17 +91,11 @@
                     "type": {
                         "type": "string"
                     },
-                    "admin_only": {
-                        "type": "boolean"
+                    "edit_policy": {
+                        "$ref": "#/components/schemas/EditPolicy"
                     },
-                    "user_editable": {
-                        "type": "boolean"
-                    },
-                    "user_visible": {
-                        "type": "boolean"
-                    },
-                    "initial_visibility": {
-                        "type": "string"
+                    "exposure_policy": {
+                        "$ref": "#/components/schemas/ExposurePolicy"
                     },
                     "sort_order": {
                         "type": "integer",
@@ -126,6 +112,13 @@
                     }
                 }
             },
+            "EditPolicy": {
+                "type": "string",
+                "enum": [
+                    "admins",
+                    "users"
+                ]
+            },
             "EditableField": {
                 "type": "object",
                 "required": [
@@ -146,6 +139,15 @@
                     }
                 }
             },
+            "ExposurePolicy": {
+                "type": "string",
+                "enum": [
+                    "hidden",
+                    "private",
+                    "users",
+                    "public"
+                ]
+            },
             "LookupField": {
                 "type": "object",
                 "required": [
@@ -436,25 +438,15 @@
                                         "type": "string",
                                         "description": "Value type accepted by the field"
                                     },
-                                    "adminOnly": {
-                                        "type": "boolean",
-                                        "default": false,
-                                        "description": "Whether only admins can edit values for this field"
-                                    },
-                                    "userEditable": {
-                                        "type": "boolean",
-                                        "default": false,
-                                        "description": "Whether the owner can edit the field value"
-                                    },
-                                    "userVisible": {
-                                        "type": "boolean",
-                                        "default": true,
-                                        "description": "Whether the owner can see the field in personal settings"
+                                    "editPolicy": {
+                                        "type": "string",
+                                        "default": "users",
+                                        "description": "Whether values are managed by admins only or by users too"
                                     },
-                                    "initialVisibility": {
+                                    "exposurePolicy": {
                                         "type": "string",
                                         "default": "private",
-                                        "description": "Initial visibility applied to new values"
+                                        "description": "Whether the field is hidden or which default visibility new values receive"
                                     },
                                     "sortOrder": {
                                         "type": "integer",
@@ -599,25 +591,15 @@
                                         "type": "string",
                                         "description": "Value type accepted by the field"
                                     },
-                                    "adminOnly": {
-                                        "type": "boolean",
-                                        "default": false,
-                                        "description": "Whether only admins can edit values for this field"
-                                    },
-                                    "userEditable": {
-                                        "type": "boolean",
-                                        "default": false,
-                                        "description": "Whether the owner can edit the field value"
-                                    },
-                                    "userVisible": {
-                                        "type": "boolean",
-                                        "default": true,
-                                        "description": "Whether the owner can see the field in personal settings"
+                                    "editPolicy": {
+                                        "type": "string",
+                                        "default": "users",
+                                        "description": "Whether values are managed by admins only or by users too"
                                     },
-                                    "initialVisibility": {
+                                    "exposurePolicy": {
                                         "type": "string",
                                         "default": "private",
-                                        "description": "Initial visibility applied to new values"
+                                        "description": "Whether the field is hidden or which default visibility new values receive"
                                     },
                                     "sortOrder": {
                                         "type": "integer",
diff --git a/openapi.json b/openapi.json
index c66314f..fa66e1d 100644
--- a/openapi.json
+++ b/openapi.json
@@ -27,10 +27,8 @@
                     "field_key",
                     "label",
                     "type",
-                    "admin_only",
-                    "user_editable",
-                    "user_visible",
-                    "initial_visibility",
+                    "edit_policy",
+                    "exposure_policy",
                     "sort_order",
                     "active",
                     "options",
@@ -53,17 +51,11 @@
                     "type": {
                         "$ref": "#/components/schemas/Type"
                     },
-                    "admin_only": {
-                        "type": "boolean"
+                    "edit_policy": {
+                        "$ref": "#/components/schemas/EditPolicy"
                     },
-                    "user_editable": {
-                        "type": "boolean"
-                    },
-                    "user_visible": {
-                        "type": "boolean"
-                    },
-                    "initial_visibility": {
-                        "$ref": "#/components/schemas/Visibility"
+                    "exposure_policy": {
+                        "$ref": "#/components/schemas/ExposurePolicy"
                     },
                     "sort_order": {
                         "type": "integer",
@@ -87,6 +79,13 @@
                     }
                 }
             },
+            "EditPolicy": {
+                "type": "string",
+                "enum": [
+                    "admins",
+                    "users"
+                ]
+            },
             "EditableField": {
                 "type": "object",
                 "required": [
@@ -107,6 +106,15 @@
                     }
                 }
             },
+            "ExposurePolicy": {
+                "type": "string",
+                "enum": [
+                    "hidden",
+                    "private",
+                    "users",
+                    "public"
+                ]
+            },
             "OCSMeta": {
                 "type": "object",
                 "required": [
diff --git a/package.json b/package.json
index 4834997..ef7fbff 100644
--- a/package.json
+++ b/package.json
@@ -9,7 +9,7 @@
     "build": "NODE_ENV=production vite --mode production build",
     "dev": "NODE_ENV=development vite --mode development build",
     "screenshots:refresh": "node playwright/generate-screenshots.mjs",
-    "typescript:generate": "mkdir -p src/types/openapi && npx openapi-typescript openapi.json -o src/types/openapi/openapi.ts && npx openapi-typescript openapi-administration.json -o src/types/openapi/openapi-administration.ts && npx openapi-typescript openapi-full.json -o src/types/openapi/openapi-full.ts",
+    "typescript:generate": "npx openapi-typescript -t",
     "watch": "NODE_ENV=development vite --mode development build --watch",
     "test": "vitest run",
     "test:watch": "vitest",
diff --git a/playwright/e2e/profile-fields.spec.ts b/playwright/e2e/profile-fields.spec.ts
index 4e77673..8a4a0ae 100644
--- a/playwright/e2e/profile-fields.spec.ts
+++ b/playwright/e2e/profile-fields.spec.ts
@@ -111,6 +111,159 @@ test('admin can create, update, and delete a field definition', async ({ page })
 	await deleteDefinitionByFieldKey(page.request, fieldKey)
 })
 
+test('admin uses a modal editor on compact layout', async ({ page }) => {
+	const suffix = Date.now()
+	const existingFieldKey = `playwright_mobile_existing_${suffix}`
+	const existingLabel = `Playwright mobile existing ${suffix}`
+	const createdFieldKey = `playwright_mobile_created_${suffix}`
+	const createdLabel = `Playwright mobile created ${suffix}`
+
+	await deleteDefinitionByFieldKey(page.request, existingFieldKey)
+	await deleteDefinitionByFieldKey(page.request, createdFieldKey)
+	await createDefinition(page.request, {
+		fieldKey: existingFieldKey,
+		label: existingLabel,
+	})
+
+	try {
+		await page.setViewportSize({ width: 768, height: 1180 })
+		await page.goto('./settings/admin/profile_fields')
+		await expect(page.getByTestId('profile-fields-admin')).toBeVisible()
+		await expect(page.getByText('No field selected')).toHaveCount(0)
+
+		await page.getByTestId(`profile-fields-admin-definition-${existingFieldKey}`).click()
+		const editDialog = page.getByRole('dialog', { name: 'Edit field' })
+		await expect(editDialog).toBeVisible()
+		await expect(editDialog.locator('#profile-fields-admin-label')).toHaveValue(existingLabel)
+
+		const dialogBox = await editDialog.boundingBox()
+		const saveBox = await editDialog.getByTestId('profile-fields-admin-save').boundingBox()
+		expect(dialogBox).not.toBeNull()
+		expect(saveBox).not.toBeNull()
+		expect(dialogBox!.y + dialogBox!.height - (saveBox!.y + saveBox!.height)).toBeGreaterThan(16)
+
+		await editDialog.getByRole('button', { name: /close/i }).click()
+		await expect(editDialog).toBeHidden()
+
+		await page.getByTestId('profile-fields-admin-new-field').click()
+		const createDialog = page.getByRole('dialog', { name: 'Create field' })
+		await expect(createDialog).toBeVisible()
+		await createDialog.locator('#profile-fields-admin-field-key').fill(createdFieldKey)
+		await createDialog.locator('#profile-fields-admin-label').fill(createdLabel)
+		await createDialog.getByTestId('profile-fields-admin-save').click()
+
+		await expect(page.getByTestId('profile-fields-admin-success')).toContainText('Field definition created.')
+		await expect(page.getByTestId(`profile-fields-admin-definition-${createdFieldKey}`)).toBeVisible()
+		await expect(createDialog).toBeHidden()
+	} finally {
+		await deleteDefinitionByFieldKey(page.request, existingFieldKey)
+		await deleteDefinitionByFieldKey(page.request, createdFieldKey)
+	}
+})
+
+test('admin can reorder field definitions by dragging the list handles', async ({ page }) => {
+	const suffix = Date.now()
+	const firstFieldKey = `playwright_order_first_${suffix}`
+	const secondFieldKey = `playwright_order_second_${suffix}`
+	const firstLabel = `Playwright order first ${suffix}`
+	const secondLabel = `Playwright order second ${suffix}`
+
+	await deleteDefinitionByFieldKey(page.request, firstFieldKey)
+	await deleteDefinitionByFieldKey(page.request, secondFieldKey)
+	await createDefinition(page.request, {
+		fieldKey: firstFieldKey,
+		label: firstLabel,
+		sortOrder: 0,
+	})
+	await createDefinition(page.request, {
+		fieldKey: secondFieldKey,
+		label: secondLabel,
+		sortOrder: 1,
+	})
+
+	try {
+		await page.goto('./settings/admin/profile_fields')
+		await expect(page.getByTestId('profile-fields-admin')).toBeVisible()
+
+		const firstHandle = page.getByTestId(`profile-fields-admin-definition-handle-${firstFieldKey}`)
+		const secondHandle = page.getByTestId(`profile-fields-admin-definition-handle-${secondFieldKey}`)
+		const verticalOrder = async() => {
+			const firstBox = await firstHandle.boundingBox()
+			const secondBox = await secondHandle.boundingBox()
+			expect(firstBox).not.toBeNull()
+			expect(secondBox).not.toBeNull()
+			return {
+				firstY: firstBox!.y,
+				secondY: secondBox!.y,
+			}
+		}
+
+		let order = await verticalOrder()
+		expect(order.firstY).toBeLessThan(order.secondY)
+
+		await secondHandle.dragTo(firstHandle)
+
+		await expect.poll(verticalOrder).toEqual(expect.objectContaining({
+			firstY: expect.any(Number),
+			secondY: expect.any(Number),
+		}))
+		order = await verticalOrder()
+		expect(order.secondY).toBeLessThan(order.firstY)
+
+		await page.reload()
+		await expect(page.getByTestId('profile-fields-admin')).toBeVisible()
+		order = await verticalOrder()
+		expect(order.secondY).toBeLessThan(order.firstY)
+	} finally {
+		await deleteDefinitionByFieldKey(page.request, firstFieldKey)
+		await deleteDefinitionByFieldKey(page.request, secondFieldKey)
+	}
+})
+
+test('admin shows native status chip, actions menu, and drag handle in the expected order', async ({ page }) => {
+	const suffix = Date.now()
+	const fieldKey = `playwright_layout_${suffix}`
+	const label = `Playwright layout ${suffix}`
+
+	await deleteDefinitionByFieldKey(page.request, fieldKey)
+	await createDefinition(page.request, {
+		fieldKey,
+		label,
+		active: true,
+	})
+
+	try {
+		await page.goto('./settings/admin/profile_fields')
+		await expect(page.getByTestId('profile-fields-admin')).toBeVisible()
+
+		const row = page.getByTestId(`profile-fields-admin-definition-${fieldKey}`)
+		const fieldKeyText = row.getByText(fieldKey, { exact: true })
+		const statusChip = row.getByText('Active', { exact: true })
+		const actionsButton = row.getByRole('button', { name: `Actions for ${label}` })
+		const dragHandle = page.getByTestId(`profile-fields-admin-definition-handle-${fieldKey}`)
+
+		await expect(fieldKeyText).toBeVisible()
+		await expect(statusChip).toBeVisible()
+		await expect(actionsButton).toBeVisible()
+		await expect(dragHandle).toBeVisible()
+
+		const fieldKeyBox = await fieldKeyText.boundingBox()
+		const statusBox = await statusChip.boundingBox()
+		const actionsBox = await actionsButton.boundingBox()
+		const dragHandleBox = await dragHandle.boundingBox()
+
+		expect(fieldKeyBox).not.toBeNull()
+		expect(statusBox).not.toBeNull()
+		expect(actionsBox).not.toBeNull()
+		expect(dragHandleBox).not.toBeNull()
+		expect(fieldKeyBox!.x).toBeLessThan(statusBox!.x)
+		expect(statusBox!.x).toBeLessThan(actionsBox!.x)
+		expect(actionsBox!.x).toBeLessThan(dragHandleBox!.x)
+	} finally {
+		await deleteDefinitionByFieldKey(page.request, fieldKey)
+	}
+})
+
 test('admin gets an initial select option row and can remove empty rows by keyboard', async ({ page }) => {
 	const suffix = Date.now()
 	const fieldKey = `playwright_select_create_${suffix}`
@@ -322,9 +475,8 @@ test('embedded personal settings autosave a user-visible field', async ({ page }
 	const definition = await createDefinition(page.request, {
 		fieldKey,
 		label,
-		userEditable: true,
-		userVisible: true,
-		initialVisibility: 'private',
+		editPolicy: 'users',
+		exposurePolicy: 'private',
 	})
 
 	try {
diff --git a/playwright/e2e/workflow.spec.ts b/playwright/e2e/workflow.spec.ts
index e7fcbac..425b4f3 100644
--- a/playwright/e2e/workflow.spec.ts
+++ b/playwright/e2e/workflow.spec.ts
@@ -83,9 +83,8 @@ const createWorkflowFieldDefinition = async(page: Page, fieldKey: string, label:
 	await createDefinition(page.request, {
 		fieldKey,
 		label,
-		userEditable: true,
-		userVisible: true,
-		initialVisibility: 'users',
+		editPolicy: 'users',
+		exposurePolicy: 'users',
 	})
 }
 
diff --git a/playwright/generate-screenshots.mjs b/playwright/generate-screenshots.mjs
index 20a94ab..ef4c29c 100644
--- a/playwright/generate-screenshots.mjs
+++ b/playwright/generate-screenshots.mjs
@@ -91,6 +91,14 @@ async function uploadCurrentUserAvatar(api, imagePath) {
 	}
 }
 
+const waitForAvatarImage = async(page) => {
+	await page.waitForFunction(() => {
+		const avatarImages = [...document.querySelectorAll('img')]
+			.filter((img) => img.src.includes('/avatar/'))
+		return avatarImages.some((img) => img.complete && img.naturalWidth > 0)
+	}, { timeout: 60_000 })
+}
+
 async function appRequest(api, method, path, body) {
 	const headers = {
 		'OCS-APIRequest': 'true',
@@ -173,6 +181,9 @@ const hideNonShowcaseAdminDefinitions = async(page) => {
 		const allowedKeys = new Set(keys)
 		document.querySelectorAll('[data-testid^="profile-fields-admin-definition-"]').forEach((element) => {
 			const testId = element.getAttribute('data-testid') ?? ''
+			if (testId.startsWith('profile-fields-admin-definition-handle-')) {
+				return
+			}
 			const fieldKey = testId.replace('profile-fields-admin-definition-', '')
 			const row = element.closest('li')
 			if (row instanceof HTMLElement && !allowedKeys.has(fieldKey)) {
@@ -304,6 +315,8 @@ const run = async() => {
 		await createDemoUser(api)
 		demoApi = await loginApi(demoUser.id, demoUser.password)
 		await uploadCurrentUserAvatar(demoApi, demoAvatarPath)
+		await demoApi.dispose()
+		demoApi = await loginApi(demoUser.id, demoUser.password)
 
 		for (const field of showcaseFields) {
 			const definition = await appRequest(api, 'POST', './ocs/v2.php/apps/profile_fields/api/v1/definitions', {
@@ -351,6 +364,7 @@ const run = async() => {
 
 		const personalPage = await demoContext.newPage()
 		await personalPage.goto('./settings/user/personal-info')
+		await waitForAvatarImage(personalPage)
 		await personalPage.getByTestId('profile-fields-personal-field-showcase_support_region').waitFor({ state: 'visible', timeout: 60_000 })
 		await seedPedroPotiAccountProfile(personalPage)
 		await hideNonShowcasePersonalFields(personalPage)
diff --git a/playwright/support/profile-fields.ts b/playwright/support/profile-fields.ts
index 82562ed..c899572 100644
--- a/playwright/support/profile-fields.ts
+++ b/playwright/support/profile-fields.ts
@@ -5,6 +5,8 @@ import type { APIRequestContext } from '@playwright/test'
 
 type FieldType = 'text' | 'number' | 'select'
 type FieldVisibility = 'private' | 'users' | 'public'
+type FieldEditPolicy = 'admins' | 'users'
+type FieldExposurePolicy = 'hidden' | FieldVisibility
 
 type FieldDefinition = {
 	id: number
@@ -12,10 +14,8 @@ type FieldDefinition = {
 	label: string
 	type: FieldType
 	options: string[] | null
-	admin_only: boolean
-	user_editable: boolean
-	user_visible: boolean
-	initial_visibility: FieldVisibility
+	edit_policy: FieldEditPolicy
+	exposure_policy: FieldExposurePolicy
 	sort_order: number
 	active: boolean
 	created_at: string
@@ -38,10 +38,8 @@ type DefinitionPayload = {
 	label: string
 	type?: FieldType
 	options?: string[]
-	adminOnly?: boolean
-	userEditable?: boolean
-	userVisible?: boolean
-	initialVisibility?: FieldVisibility
+	editPolicy?: FieldEditPolicy
+	exposurePolicy?: FieldExposurePolicy
 	sortOrder?: number
 	active?: boolean
 }
@@ -105,10 +103,8 @@ export async function createDefinition(
 		label: payload.label,
 		type: payload.type ?? 'text',
 		...(payload.type === 'select' ? { options: payload.options ?? [] } : {}),
-		adminOnly: payload.adminOnly ?? false,
-		userEditable: payload.userEditable ?? true,
-		userVisible: payload.userVisible ?? true,
-		initialVisibility: payload.initialVisibility ?? 'private',
+		editPolicy: payload.editPolicy ?? 'users',
+		exposurePolicy: payload.exposurePolicy ?? 'private',
 		sortOrder: payload.sortOrder ?? 0,
 		active: payload.active ?? true,
 	})
diff --git a/redocly.yaml b/redocly.yaml
new file mode 100644
index 0000000..c43685d
--- /dev/null
+++ b/redocly.yaml
@@ -0,0 +1,15 @@
+# SPDX-FileCopyrightText: 2026 LibreCode coop and contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+apis:
+    openapi@v1:
+        root: ./openapi.json
+        x-openapi-ts:
+            output: ./src/types/openapi/openapi.ts
+    openapi-administration@v1:
+        root: ./openapi-administration.json
+        x-openapi-ts:
+            output: ./src/types/openapi/openapi-administration.ts
+    openapi-full@v1:
+        root: ./openapi-full.json
+        x-openapi-ts:
+            output: ./src/types/openapi/openapi-full.ts
diff --git a/src/components/AdminUserFieldsDialog.vue b/src/components/AdminUserFieldsDialog.vue
index 671d179..def5b99 100644
--- a/src/components/AdminUserFieldsDialog.vue
+++ b/src/components/AdminUserFieldsDialog.vue
@@ -108,6 +108,7 @@ import { computed, defineComponent, reactive, ref, watch } from 'vue'
 import NcAvatar from '@nextcloud/vue/components/NcAvatar'
 import { NcButton, NcDialog, NcEmptyContent, NcInputField, NcLoadingIcon, NcNoteCard, NcSelect } from '@nextcloud/vue'
 import { listAdminUserValues, listDefinitions, upsertAdminUserValue } from '../api'
+import { definitionDefaultVisibility } from '../types'
 import type { AdminEditableField, FieldDefinition, FieldType, FieldValueRecord, FieldVisibility } from '../types'
 import { buildAdminEditableFields } from '../utils/adminFieldValues.js'
 import { visibilityOptions } from '../utils/visibilityOptions.js'
@@ -248,7 +249,7 @@ export default defineComponent({
 			const currentValue = field.value?.value
 			userDraftValues[field.definition.id] = currentValue?.value?.toString() ?? ''
 
-			userDraftVisibilities[field.definition.id] = field.value?.current_visibility ?? field.definition.initial_visibility
+			userDraftVisibilities[field.definition.id] = field.value?.current_visibility ?? definitionDefaultVisibility(field.definition)
 			delete userValueErrors[field.definition.id]
 		}
 
@@ -364,7 +365,7 @@ export default defineComponent({
 		const currentPayload = (field: AdminEditableField) => {
 			return {
 				value: field.value?.value?.value ?? null,
-				visibility: field.value?.current_visibility ?? field.definition.initial_visibility,
+				visibility: field.value?.current_visibility ?? definitionDefaultVisibility(field.definition),
 			}
 		}
 
diff --git a/src/tests/utils/adminFieldValues.spec.ts b/src/tests/utils/adminFieldValues.spec.ts
index 459beea..9dc64db 100644
--- a/src/tests/utils/adminFieldValues.spec.ts
+++ b/src/tests/utils/adminFieldValues.spec.ts
@@ -11,12 +11,11 @@ const definition = (id: number, sortOrder: number, active = true): FieldDefiniti
 	field_key: `field_${id}`,
 	label: `Field ${id}`,
 	type: 'text',
-	admin_only: false,
-	user_editable: true,
-	user_visible: true,
-	initial_visibility: 'private',
+	edit_policy: 'users',
+	exposure_policy: 'private',
 	sort_order: sortOrder,
 	active,
+	options: null,
 	created_at: '2026-03-10T00:00:00+00:00',
 	updated_at: '2026-03-10T00:00:00+00:00',
 })
diff --git a/src/tests/utils/fieldOrder.spec.ts b/src/tests/utils/fieldOrder.spec.ts
index 8b5b3ae..b1338ee 100644
--- a/src/tests/utils/fieldOrder.spec.ts
+++ b/src/tests/utils/fieldOrder.spec.ts
@@ -11,12 +11,11 @@ const definition = (id: number, sortOrder: number): FieldDefinition => ({
 	field_key: `field_${id}`,
 	label: `Field ${id}`,
 	type: 'text',
-	admin_only: false,
-	user_editable: true,
-	user_visible: true,
-	initial_visibility: 'private',
+	edit_policy: 'users',
+	exposure_policy: 'private',
 	sort_order: sortOrder,
 	active: true,
+	options: null,
 	created_at: '2026-03-10T00:00:00+00:00',
 	updated_at: '2026-03-10T00:00:00+00:00',
 })
diff --git a/src/types/index.ts b/src/types/index.ts
index 7b2a4ba..7ee701e 100644
--- a/src/types/index.ts
+++ b/src/types/index.ts
@@ -21,7 +21,15 @@ type ApiRequestJsonBody<TOperation> = ApiJsonBody<ApiOperationRequestBody<TOpera
 
 export type FieldType = ApiComponents['schemas']['Type']
 export type FieldVisibility = ApiComponents['schemas']['Visibility']
-export type FieldDefinition = ApiComponents['schemas']['Definition']
+export type FieldEditPolicy = 'admins' | 'users'
+export type FieldExposurePolicy = 'hidden' | FieldVisibility
+
+type ApiFieldDefinition = ApiComponents['schemas']['Definition']
+
+export type FieldDefinition = Omit<ApiFieldDefinition, 'admin_only' | 'user_editable' | 'user_visible' | 'initial_visibility'> & {
+	edit_policy: FieldEditPolicy
+	exposure_policy: FieldExposurePolicy
+}
 
 // openapi-typescript collapses the loose `value: mixed` schema to Record<string, never>.
 // Keep the surrounding contract generated and widen only this payload leaf for frontend use.
@@ -43,8 +51,25 @@ export type LookupResult = Omit<ApiComponents['schemas']['LookupResult'], 'field
 	fields: Record<string, LookupField>
 }
 
-export type CreateDefinitionPayload = ApiRequestJsonBody<ApiOperations['field_definition_api-create']>
-export type UpdateDefinitionPayload = ApiRequestJsonBody<ApiOperations['field_definition_api-update']>
+export type CreateDefinitionPayload = {
+	fieldKey: string
+	label: string
+	type: FieldType
+	editPolicy?: FieldEditPolicy
+	exposurePolicy?: FieldExposurePolicy
+	sortOrder?: number
+	active?: boolean
+	options?: string[]
+}
+export type UpdateDefinitionPayload = {
+	label: string
+	type: FieldType
+	editPolicy?: FieldEditPolicy
+	exposurePolicy?: FieldExposurePolicy
+	sortOrder?: number
+	active?: boolean
+	options?: string[]
+}
 export type UpsertOwnValuePayload = ApiRequestJsonBody<ApiOperations['field_value_api-upsert']>
 export type UpdateOwnVisibilityPayload = ApiRequestJsonBody<ApiOperations['field_value_api-update-visibility']>
 export type UpsertAdminUserValuePayload = ApiRequestJsonBody<ApiOperations['field_value_admin_api-upsert']>
@@ -57,3 +82,14 @@ export type AdminEditableField = {
 export type ApiError = {
 	message: string
 }
+
+export const definitionDefaultVisibility = (definition: Pick<FieldDefinition, 'exposure_policy'>): FieldVisibility => {
+	switch (definition.exposure_policy) {
+	case 'public':
+		return 'public'
+	case 'users':
+		return 'users'
+	default:
+		return 'private'
+	}
+}
diff --git a/src/types/openapi/openapi-administration.ts b/src/types/openapi/openapi-administration.ts
index 53aeb9a..d050176 100644
--- a/src/types/openapi/openapi-administration.ts
+++ b/src/types/openapi/openapi-administration.ts
@@ -3,7 +3,7 @@
  * Do not make direct changes to the file.
  */
 
-export interface paths {
+export type paths = {
     "/ocs/v2.php/apps/profile_fields/api/v1/definitions": {
         parameters: {
             query?: never;
@@ -140,9 +140,9 @@ export interface paths {
         patch?: never;
         trace?: never;
     };
-}
+};
 export type webhooks = Record<string, never>;
-export interface components {
+export type components = {
     schemas: {
         Definition: {
             /** Format: int64 */
@@ -150,10 +150,8 @@ export interface components {
             field_key: string;
             label: string;
             type: components["schemas"]["Type"];
-            admin_only: boolean;
-            user_editable: boolean;
-            user_visible: boolean;
-            initial_visibility: components["schemas"]["Visibility"];
+            edit_policy: components["schemas"]["EditPolicy"];
+            exposure_policy: components["schemas"]["ExposurePolicy"];
             /** Format: int64 */
             sort_order: number;
             active: boolean;
@@ -161,6 +159,10 @@ export interface components {
             created_at: string;
             updated_at: string;
         };
+        /** @enum {string} */
+        EditPolicy: "admins" | "users";
+        /** @enum {string} */
+        ExposurePolicy: "hidden" | "private" | "users" | "public";
         LookupField: {
             definition: components["schemas"]["Definition"];
             value: components["schemas"]["ValueRecord"];
@@ -214,7 +216,7 @@ export interface components {
     requestBodies: never;
     headers: never;
     pathItems: never;
-}
+};
 export type $defs = Record<string, never>;
 export interface operations {
     "field_definition_api-index": {
@@ -265,25 +267,15 @@ export interface operations {
                     /** @description Value type accepted by the field */
                     type: string;
                     /**
-                     * @description Whether only admins can edit values for this field
-                     * @default false
-                     */
-                    adminOnly?: boolean;
-                    /**
-                     * @description Whether the owner can edit the field value
-                     * @default false
-                     */
-                    userEditable?: boolean;
-                    /**
-                     * @description Whether the owner can see the field in personal settings
-                     * @default true
+                     * @description Whether values are managed by admins only or by users too
+                     * @default users
                      */
-                    userVisible?: boolean;
+                    editPolicy?: string;
                     /**
-                     * @description Initial visibility applied to new values
+                     * @description Whether the field is hidden or which default visibility new values receive
                      * @default private
                      */
-                    initialVisibility?: string;
+                    exposurePolicy?: string;
                     /**
                      * Format: int64
                      * @description Display order used in admin and profile forms
@@ -357,25 +349,15 @@ export interface operations {
                     /** @description Value type accepted by the field */
                     type: string;
                     /**
-                     * @description Whether only admins can edit values for this field
-                     * @default false
-                     */
-                    adminOnly?: boolean;
-                    /**
-                     * @description Whether the owner can edit the field value
-                     * @default false
-                     */
-                    userEditable?: boolean;
-                    /**
-                     * @description Whether the owner can see the field in personal settings
-                     * @default true
+                     * @description Whether values are managed by admins only or by users too
+                     * @default users
                      */
-                    userVisible?: boolean;
+                    editPolicy?: string;
                     /**
-                     * @description Initial visibility applied to new values
+                     * @description Whether the field is hidden or which default visibility new values receive
                      * @default private
                      */
-                    initialVisibility?: string;
+                    exposurePolicy?: string;
                     /**
                      * Format: int64
                      * @description Display order used in admin and profile forms
diff --git a/src/types/openapi/openapi-full.ts b/src/types/openapi/openapi-full.ts
index a11fa2e..1603a5e 100644
--- a/src/types/openapi/openapi-full.ts
+++ b/src/types/openapi/openapi-full.ts
@@ -3,7 +3,7 @@
  * Do not make direct changes to the file.
  */
 
-export interface paths {
+export type paths = {
     "/ocs/v2.php/apps/profile_fields/api/v1/definitions": {
         parameters: {
             query?: never;
@@ -200,9 +200,9 @@ export interface paths {
         patch?: never;
         trace?: never;
     };
-}
+};
 export type webhooks = Record<string, never>;
-export interface components {
+export type components = {
     schemas: {
         Definition: {
             /** Format: int64 */
@@ -210,10 +210,8 @@ export interface components {
             field_key: string;
             label: string;
             type: components["schemas"]["Type"];
-            admin_only: boolean;
-            user_editable: boolean;
-            user_visible: boolean;
-            initial_visibility: components["schemas"]["Visibility"];
+            edit_policy: components["schemas"]["EditPolicy"];
+            exposure_policy: components["schemas"]["ExposurePolicy"];
             /** Format: int64 */
             sort_order: number;
             active: boolean;
@@ -225,20 +223,22 @@ export interface components {
             field_key?: string;
             label?: string;
             type?: string;
-            admin_only?: boolean;
-            user_editable?: boolean;
-            user_visible?: boolean;
-            initial_visibility?: string;
+            edit_policy?: components["schemas"]["EditPolicy"];
+            exposure_policy?: components["schemas"]["ExposurePolicy"];
             /** Format: int64 */
             sort_order?: number;
             active?: boolean;
             options?: string[];
         };
+        /** @enum {string} */
+        EditPolicy: "admins" | "users";
         EditableField: {
             definition: components["schemas"]["Definition"];
             value: components["schemas"]["ValueRecord"];
             can_edit: boolean;
         };
+        /** @enum {string} */
+        ExposurePolicy: "hidden" | "private" | "users" | "public";
         LookupField: {
             definition: components["schemas"]["Definition"];
             value: components["schemas"]["ValueRecord"];
@@ -299,7 +299,7 @@ export interface components {
     requestBodies: never;
     headers: never;
     pathItems: never;
-}
+};
 export type $defs = Record<string, never>;
 export interface operations {
     "field_definition_api-index": {
@@ -350,25 +350,15 @@ export interface operations {
                     /** @description Value type accepted by the field */
                     type: string;
                     /**
-                     * @description Whether only admins can edit values for this field
-                     * @default false
-                     */
-                    adminOnly?: boolean;
-                    /**
-                     * @description Whether the owner can edit the field value
-                     * @default false
-                     */
-                    userEditable?: boolean;
-                    /**
-                     * @description Whether the owner can see the field in personal settings
-                     * @default true
+                     * @description Whether values are managed by admins only or by users too
+                     * @default users
                      */
-                    userVisible?: boolean;
+                    editPolicy?: string;
                     /**
-                     * @description Initial visibility applied to new values
+                     * @description Whether the field is hidden or which default visibility new values receive
                      * @default private
                      */
-                    initialVisibility?: string;
+                    exposurePolicy?: string;
                     /**
                      * Format: int64
                      * @description Display order used in admin and profile forms
@@ -442,25 +432,15 @@ export interface operations {
                     /** @description Value type accepted by the field */
                     type: string;
                     /**
-                     * @description Whether only admins can edit values for this field
-                     * @default false
-                     */
-                    adminOnly?: boolean;
-                    /**
-                     * @description Whether the owner can edit the field value
-                     * @default false
-                     */
-                    userEditable?: boolean;
-                    /**
-                     * @description Whether the owner can see the field in personal settings
-                     * @default true
+                     * @description Whether values are managed by admins only or by users too
+                     * @default users
                      */
-                    userVisible?: boolean;
+                    editPolicy?: string;
                     /**
-                     * @description Initial visibility applied to new values
+                     * @description Whether the field is hidden or which default visibility new values receive
                      * @default private
                      */
-                    initialVisibility?: string;
+                    exposurePolicy?: string;
                     /**
                      * Format: int64
                      * @description Display order used in admin and profile forms
diff --git a/src/types/openapi/openapi.ts b/src/types/openapi/openapi.ts
index 1ab2e3d..aa0db2a 100644
--- a/src/types/openapi/openapi.ts
+++ b/src/types/openapi/openapi.ts
@@ -3,7 +3,7 @@
  * Do not make direct changes to the file.
  */
 
-export interface paths {
+export type paths = {
     "/ocs/v2.php/apps/profile_fields/api/v1/me/values": {
         parameters: {
             query?: never;
@@ -64,9 +64,9 @@ export interface paths {
         patch?: never;
         trace?: never;
     };
-}
+};
 export type webhooks = Record<string, never>;
-export interface components {
+export type components = {
     schemas: {
         Definition: {
             /** Format: int64 */
@@ -74,10 +74,8 @@ export interface components {
             field_key: string;
             label: string;
             type: components["schemas"]["Type"];
-            admin_only: boolean;
-            user_editable: boolean;
-            user_visible: boolean;
-            initial_visibility: components["schemas"]["Visibility"];
+            edit_policy: components["schemas"]["EditPolicy"];
+            exposure_policy: components["schemas"]["ExposurePolicy"];
             /** Format: int64 */
             sort_order: number;
             active: boolean;
@@ -85,11 +83,15 @@ export interface components {
             created_at: string;
             updated_at: string;
         };
+        /** @enum {string} */
+        EditPolicy: "admins" | "users";
         EditableField: {
             definition: components["schemas"]["Definition"];
             value: components["schemas"]["ValueRecord"];
             can_edit: boolean;
         };
+        /** @enum {string} */
+        ExposurePolicy: "hidden" | "private" | "users" | "public";
         OCSMeta: {
             status: string;
             statuscode: number;
@@ -121,7 +123,7 @@ export interface components {
     requestBodies: never;
     headers: never;
     pathItems: never;
-}
+};
 export type $defs = Record<string, never>;
 export interface operations {
     "field_value_api-index": {
diff --git a/src/views/AdminSettings.vue b/src/views/AdminSettings.vue
index 6a965d7..c5dce41 100644
--- a/src/views/AdminSettings.vue
+++ b/src/views/AdminSettings.vue
@@ -10,7 +10,7 @@ SPDX-License-Identifier: AGPL-3.0-or-later
 			<div>
 				<h2>Field catalog administration</h2>
 				<p>
-					Create the global field catalog, control who can edit each field and tune the default visibility used when a value is first stored.
+					Create the global field catalog, choose who can edit each field, and define how exposed new values are by default.
 				</p>
 			</div>
 			<div class="profile-fields-admin__hero-meta">
@@ -22,9 +22,11 @@ SPDX-License-Identifier: AGPL-3.0-or-later
 		<NcNoteCard v-if="errorMessage" type="error" data-testid="profile-fields-admin-error">
 			{{ errorMessage }}
 		</NcNoteCard>
-		<NcNoteCard v-if="successMessage" type="success" data-testid="profile-fields-admin-success">
-			{{ successMessage }}
-		</NcNoteCard>
+		<span
+			class="profile-fields-admin__success-announcement"
+			data-testid="profile-fields-admin-success"
+			aria-live="polite"
+			aria-atomic="true">{{ successMessage }}</span>
 
 		<div v-if="isLoading" class="profile-fields-admin__loading">
 			<NcLoadingIcon :size="32" />
@@ -35,7 +37,7 @@ SPDX-License-Identifier: AGPL-3.0-or-later
 				<div class="profile-fields-admin__panel-header">
 					<div>
 						<h3>Defined fields</h3>
-						<p>Pick an existing definition to edit its rules or start a fresh field.</p>
+						<p>Pick a field to edit it or create a new one.</p>
 					</div>
 					<NcButton variant="secondary" data-testid="profile-fields-admin-new-field" @click="startCreatingField">
 						New field
@@ -44,48 +46,104 @@ SPDX-License-Identifier: AGPL-3.0-or-later
 
 				<NcEmptyContent v-if="sortedDefinitions.length === 0" name="No fields yet" description="The catalog is empty. Create the first field to make it available to users." />
 
-				<ul v-else class="profile-fields-admin__list">
-					<li v-for="definition in sortedDefinitions" :key="definition.id">
-						<button
-							class="profile-fields-admin__list-item"
-							:class="{ 'is-selected': definition.id === selectedId }"
-							:data-testid="`profile-fields-admin-definition-${definition.field_key}`"
-							@click="populateForm(definition)">
-							<div>
-								<strong>{{ definition.label }}</strong>
-								<span>{{ definition.field_key }}</span>
-							</div>
-							<div class="profile-fields-admin__list-item-meta">
-								<span>{{ definition.type }}</span>
-								<span :class="definition.active ? 'is-active' : 'is-inactive'">{{ definition.active ? 'Active' : 'Inactive' }}</span>
-							</div>
-						</button>
-					</li>
-				</ul>
+				<Draggable
+					v-else
+					:model-value="sortedDefinitions"
+					tag="ul"
+					class="profile-fields-admin__list"
+					item-key="id"
+					handle=".profile-fields-admin__definition-handle"
+					ghost-class="profile-fields-admin__list-row--ghost"
+					chosen-class="profile-fields-admin__list-row--chosen"
+					:animation="180"
+					:disabled="isSaving"
+					@change="reorderDefinitions">
+					<template #item="{ element: definition }">
+						<li class="profile-fields-admin__list-row" :class="{ 'is-disabled': isSaving }">
+							<NcListItem
+								class="profile-fields-admin__list-item"
+								:class="{ 'is-selected': definition.id === selectedId, 'is-just-saved': definition.id === justSavedId }"
+								:data-testid="`profile-fields-admin-definition-${definition.field_key}`"
+								:name="definition.label"
+								:active="definition.id === selectedId"
+								compact
+								:link-aria-label="`Edit field ${definition.label}`"
+								@click="handleDefinitionClick(definition)">
+								<template #subname>
+									<span class="profile-fields-admin__list-item-subname">{{ definition.field_key }}</span>
+								</template>
+								<template #extra-actions>
+									<NcChip
+										class="profile-fields-admin__definition-status"
+										:text="definition.active ? 'Active' : 'Inactive'"
+										:variant="definition.active ? 'success' : 'secondary'"
+										:no-close="true" />
+									<NcActions
+										class="profile-fields-admin__definition-actions"
+										:aria-label="`Actions for ${definition.label}`">
+										<NcActionButton :disabled="isSaving" @click="openDefinition(definition)">
+											<template #icon>
+												<NcIconSvgWrapper :path="mdiPencilOutline" :size="18" />
+											</template>
+											Edit field
+										</NcActionButton>
+										<NcActionButton :disabled="isSaving" @click="toggleDefinitionActive(definition)">
+											<template #icon>
+												<NcIconSvgWrapper :path="definition.active ? mdiEyeOffOutline : mdiEyeOutline" :size="18" />
+											</template>
+											{{ definition.active ? 'Deactivate field' : 'Activate field' }}
+										</NcActionButton>
+										<NcActionButton :disabled="isSaving" @click="removeDefinitionByItem(definition)">
+											<template #icon>
+												<NcIconSvgWrapper :path="mdiDeleteOutline" :size="18" />
+											</template>
+											Delete field
+										</NcActionButton>
+									</NcActions>
+									<NcButton
+										class="profile-fields-admin__definition-handle"
+										:data-testid="`profile-fields-admin-definition-handle-${definition.field_key}`"
+										aria-label="Drag to reorder field"
+										variant="tertiary-no-background"
+										:disabled="isSaving"
+										tabindex="-1"
+										@click.stop>
+										<template #icon>
+											<NcIconSvgWrapper :path="mdiDragVertical" :size="18" />
+										</template>
+									</NcButton>
+								</template>
+							</NcListItem>
+						</li>
+					</template>
+				</Draggable>
 			</aside>
 
-			<div class="profile-fields-admin__editor">
+			<component
+				:is="editorShellComponent"
+				v-bind="editorShellProps"
+				class="profile-fields-admin__editor-shell"
+				@update:open="updateEditorDialogOpen">
+				<div
+					class="profile-fields-admin__editor"
+					:class="{ 'profile-fields-admin__editor--dialog': isCompactLayout }">
 				<template v-if="isEditorVisible">
 					<div class="profile-fields-admin__panel-header">
 						<div>
 							<h3>{{ isEditing ? 'Edit field' : 'Create field' }}</h3>
-							<p>Configure the label, storage rules and who is allowed to manage the value.</p>
+							<p>{{ editorDescription }}</p>
 						</div>
 						<div class="profile-fields-admin__editor-actions">
-							<NcButton variant="secondary" :disabled="!canMoveUp || isSaving" @click="moveDefinition(-1)">
-								Move up
-							</NcButton>
-							<NcButton variant="secondary" :disabled="!canMoveDown || isSaving" @click="moveDefinition(1)">
-								Move down
-							</NcButton>
+							<NcCheckboxRadioSwitch v-model="form.active" type="switch" class="profile-fields-admin__header-switch">
+								Active
+							</NcCheckboxRadioSwitch>
 						</div>
 					</div>
 
-					<form class="profile-fields-admin__form" data-testid="profile-fields-admin-form" @submit.prevent="persistDefinition">
+					<form id="profile-fields-admin-form" class="profile-fields-admin__form" data-testid="profile-fields-admin-form" @submit.prevent="persistDefinition">
 					<section class="profile-fields-admin__form-section profile-fields-admin__form-section--identity">
 						<div class="profile-fields-admin__section-heading">
 							<h4>Identity</h4>
-							<p>The key is immutable after creation and should stay API-safe.</p>
 						</div>
 
 						<div class="profile-fields-admin__grid profile-fields-admin__grid--identity">
@@ -116,50 +174,69 @@ SPDX-License-Identifier: AGPL-3.0-or-later
 
 					<section class="profile-fields-admin__form-section">
 						<div class="profile-fields-admin__section-heading">
-							<h4>Behavior</h4>
-							<p>Choose how the field is stored, displayed and exposed by default.</p>
-							<p>Fields visible to users can appear in global search when stored values are public or visible to authenticated users. Hidden fields and private values stay searchable only for administrators.</p>
+							<h4>Rules</h4>
 						</div>
 
-						<div class="profile-fields-admin__grid">
+						<div class="profile-fields-admin__grid profile-fields-admin__grid--rules">
 							<div class="profile-fields-admin__field">
-								<label for="profile-fields-admin-type">Type</label>
+								<label for="profile-fields-admin-edit-policy">Edit policy</label>
 								<NcSelect
-									data-testid="profile-fields-admin-type-select"
-									input-id="profile-fields-admin-type"
-									v-model="selectedTypeOption"
-									input-label="Type"
+									input-id="profile-fields-admin-edit-policy"
+									v-model="selectedEditPolicyOption"
+									input-label="Edit policy"
 									label-outside
 									:clearable="false"
 									:searchable="false"
-									:options="fieldTypeOptions"
+									:options="editPolicyOptions"
 									label="label"
-									placeholder="Choose a field type"
+									placeholder="Choose edit policy"
 								/>
+								<p class="profile-fields-admin__field-helper">{{ editPolicyDescription }}</p>
 							</div>
 
 							<div class="profile-fields-admin__field">
-								<label for="profile-fields-admin-visibility">Initial visibility</label>
+								<label for="profile-fields-admin-visibility-policy">Visibility</label>
 								<NcSelect
-									input-id="profile-fields-admin-visibility"
-									v-model="selectedVisibilityOption"
-									input-label="Initial visibility"
+									input-id="profile-fields-admin-visibility-policy"
+									v-model="selectedExposurePolicyOption"
+									input-label="Visibility"
 									label-outside
 									:clearable="false"
 									:searchable="false"
-									:options="visibilityOptions"
+									:options="exposurePolicyOptions"
 									label="label"
-									placeholder="Choose default visibility"
+									placeholder="Choose visibility"
+								/>
+								<p class="profile-fields-admin__field-helper">{{ exposurePolicyDescription }}</p>
+							</div>
+
+							<div class="profile-fields-admin__field">
+								<label for="profile-fields-admin-type">Type</label>
+								<NcSelect
+									data-testid="profile-fields-admin-type-select"
+									input-id="profile-fields-admin-type"
+									v-model="selectedTypeOption"
+									input-label="Type"
+									label-outside
+									:clearable="false"
+									:searchable="false"
+									:options="fieldTypeOptions"
+									label="label"
+									placeholder="Choose a field type"
 								/>
 							</div>
 						</div>
 					</section>
 
 					<section v-if="form.type === 'select'" class="profile-fields-admin__form-section">
-						<div class="profile-fields-admin__section-heading">
-							<h4>Options</h4>
-							<p>Define the values users and admins can pick from this field.</p>
-							<p class="profile-fields-admin__section-hint">Press Enter to create the next option. Empty rows are reused, removed on blur, and Backspace or Delete removes an empty row. Use Add multiple options to paste one option per line.</p>
+						<div class="profile-fields-admin__section-heading profile-fields-admin__section-heading--split">
+							<div>
+								<h4>Options</h4>
+							</div>
+							<div class="profile-fields-admin__options-meta">
+								<strong>{{ normalizedOptionCount }}</strong>
+								<span>{{ normalizedOptionCount === 1 ? 'option' : 'options' }}</span>
+							</div>
 						</div>
 
 						<Draggable
@@ -237,42 +314,8 @@ SPDX-License-Identifier: AGPL-3.0-or-later
 						</div>
 					</section>
 
-					<section class="profile-fields-admin__form-section">
-						<div class="profile-fields-admin__section-heading">
-							<h4>Permissions</h4>
-							<p>Control whether users can write the field directly and whether the definition stays active.</p>
-						</div>
-
-						<div class="profile-fields-admin__toggles">
-							<NcCheckboxRadioSwitch v-model="form.adminOnly" type="switch" class="profile-fields-admin__toggle-card">
-								Admin-only editing
-								<template #description>
-									Only administrators can update stored values. Enabling this turns off user self-service editing.
-								</template>
-							</NcCheckboxRadioSwitch>
-							<NcCheckboxRadioSwitch v-model="form.userEditable" type="switch" class="profile-fields-admin__toggle-card" :disabled="!form.userVisible">
-								User self-service editing
-								<template #description>
-									Expose the field in the personal settings page. Enabling this turns off admin-only editing.
-								</template>
-							</NcCheckboxRadioSwitch>
-							<NcCheckboxRadioSwitch v-model="form.userVisible" type="switch" class="profile-fields-admin__toggle-card">
-								Visible to users
-								<template #description>
-									{{ userVisibleDescription }}
-								</template>
-							</NcCheckboxRadioSwitch>
-							<NcCheckboxRadioSwitch v-model="form.active" type="switch" class="profile-fields-admin__toggle-card">
-								Field is active
-								<template #description>
-									Inactive fields stay defined but disappear from the UX.
-								</template>
-							</NcCheckboxRadioSwitch>
-						</div>
-					</section>
-
-					<div class="profile-fields-admin__submit-row">
-						<NcButton type="submit" variant="primary" data-testid="profile-fields-admin-save" :disabled="isSaving || !isFormDirty || hasDuplicateOptions">
+					<div v-if="!isCompactLayout" class="profile-fields-admin__submit-row">
+						<NcButton type="submit" variant="primary" data-testid="profile-fields-admin-save" :disabled="isSaveDisabled">
 							{{ isSaving ? 'Saving...' : (isEditing ? 'Save changes' : 'Create field') }}
 						</NcButton>
 						<NcButton v-if="isEditing" variant="error" data-testid="profile-fields-admin-delete" :disabled="isSaving" @click.prevent="removeDefinition">
@@ -282,13 +325,30 @@ SPDX-License-Identifier: AGPL-3.0-or-later
 					</form>
 				</template>
 
-				<div v-else class="profile-fields-admin__empty-editor">
-					<NcEmptyContent :name="editorEmptyState.title" :description="editorEmptyState.description" />
-					<NcButton variant="primary" @click="startCreatingField">
-						New field
-					</NcButton>
+				<div v-else-if="!isCompactLayout" class="profile-fields-admin__empty-editor">
+					<div class="profile-fields-admin__empty-editor-card">
+						<h3>{{ editorEmptyState.title }}</h3>
+						<p>{{ editorEmptyState.description }}</p>
+						<div class="profile-fields-admin__empty-editor-actions">
+							<NcButton variant="primary" @click="startCreatingField">
+								New field
+							</NcButton>
+						</div>
+					</div>
 				</div>
 			</div>
+				<template v-if="isCompactLayout && isEditorVisible" #actions>
+					<NcButton :disabled="isSaving" @click="closeEditor">
+						Cancel
+					</NcButton>
+					<NcButton v-if="isEditing" variant="error" data-testid="profile-fields-admin-delete" :disabled="isSaving" @click.prevent="removeDefinition">
+						Delete field
+					</NcButton>
+					<NcButton type="submit" form="profile-fields-admin-form" variant="primary" data-testid="profile-fields-admin-save" :disabled="isSaveDisabled">
+						{{ isSaving ? 'Saving...' : (isEditing ? 'Save changes' : 'Create field') }}
+					</NcButton>
+				</template>
+			</component>
 		</div>
 
 		<NcDialog
@@ -328,18 +388,16 @@ SPDX-License-Identifier: AGPL-3.0-or-later
 </template>
 
 <script setup lang="ts">
-import { mdiArrowDown, mdiArrowUp, mdiClose, mdiDragVertical } from '@mdi/js'
-import { computed, nextTick, onMounted, reactive, ref, watch } from 'vue'
+import { mdiArrowDown, mdiArrowUp, mdiClose, mdiDeleteOutline, mdiDragVertical, mdiEyeOffOutline, mdiEyeOutline, mdiPencilOutline } from '@mdi/js'
+import { computed, nextTick, onBeforeUnmount, onMounted, reactive, ref, watch } from 'vue'
 import NcDialog from '@nextcloud/vue/components/NcDialog'
 import NcTextArea from '@nextcloud/vue/components/NcTextArea'
 import Draggable from 'vuedraggable'
-import { NcActionButton, NcActions, NcButton, NcCheckboxRadioSwitch, NcEmptyContent, NcIconSvgWrapper, NcInputField, NcLoadingIcon, NcNoteCard, NcSelect } from '@nextcloud/vue'
+import { NcActionButton, NcActions, NcButton, NcCheckboxRadioSwitch, NcChip, NcEmptyContent, NcIconSvgWrapper, NcInputField, NcListItem, NcLoadingIcon, NcNoteCard, NcSelect } from '@nextcloud/vue'
 import { createDefinition, deleteDefinition, listDefinitions, updateDefinition } from '../api'
-import type { FieldDefinition, FieldType, FieldVisibility } from '../types'
-import { buildFieldOrderUpdates } from '../utils/fieldOrder.js'
+import type { FieldDefinition, FieldEditPolicy, FieldExposurePolicy, FieldType } from '../types'
 import { createEditableSelectOptions, extractEditableSelectOptionValues, moveEditableSelectOption, normalizeEditableSelectOptionValue, parseEditableSelectOptionValues } from '../utils/selectFieldOptions.js'
 import type { EditableSelectOption } from '../utils/selectFieldOptions.js'
-import { visibilityOptions } from '../utils/visibilityOptions.js'
 
 const fieldTypeOptions: Array<{ value: FieldType, label: string }> = [
 	{ value: 'text', label: 'Text' },
@@ -347,16 +405,55 @@ const fieldTypeOptions: Array<{ value: FieldType, label: string }> = [
 	{ value: 'select', label: 'Select' },
 ]
 
+const editPolicyOptions: Array<{ value: FieldEditPolicy, label: string }> = [
+	{ value: 'users', label: 'Users can edit' },
+	{ value: 'admins', label: 'Admins only' },
+]
+
+const exposurePolicyOptions: Array<{ value: FieldExposurePolicy, label: string }> = [
+	{ value: 'hidden', label: 'Hidden from users' },
+	{ value: 'private', label: 'Visible to users, private by default' },
+	{ value: 'users', label: 'Visible to users, shared with users by default' },
+	{ value: 'public', label: 'Visible to everyone by default' },
+]
+
 const definitions = ref<FieldDefinition[]>([])
 const isLoading = ref(true)
 const isSaving = ref(false)
 const errorMessage = ref('')
-const successMessage = ref('')
 const selectedId = ref<number | null>(null)
+const justSavedId = ref<number | null>(null)
+let justSavedTimeout: ReturnType<typeof setTimeout> | null = null
+const successMessage = ref('')
+let successMessageTimeout: ReturnType<typeof setTimeout> | null = null
+
+const setSuccessMessage = (message: string) => {
+	if (successMessageTimeout !== null) {
+		clearTimeout(successMessageTimeout)
+	}
+	successMessage.value = message
+	successMessageTimeout = setTimeout(() => {
+		successMessage.value = ''
+		successMessageTimeout = null
+	}, 4000)
+}
+
+const markJustSaved = (id: number) => {
+	if (justSavedTimeout !== null) {
+		clearTimeout(justSavedTimeout)
+	}
+	justSavedId.value = id
+	justSavedTimeout = setTimeout(() => {
+		justSavedId.value = null
+		justSavedTimeout = null
+	}, 2000)
+}
 const isCreatingNew = ref(false)
 const isBulkOptionsDialogOpen = ref(false)
+const isCompactLayout = ref(false)
 const bulkOptionInput = ref('')
 let nextOptionId = 0
+let compactLayoutMediaQuery: MediaQueryList | null = null
 
 const createOptionId = () => `option-${nextOptionId++}`
 
@@ -364,26 +461,44 @@ const form = reactive({
 	fieldKey: '',
 	label: '',
 	type: 'text' as FieldType,
-	adminOnly: false,
-	userEditable: true,
-	userVisible: true,
-	initialVisibility: 'private' as FieldVisibility,
+	editPolicy: 'users' as FieldEditPolicy,
+	exposurePolicy: 'private' as FieldExposurePolicy,
 	sortOrder: 0,
 	active: true,
 	options: createEditableSelectOptions([], createOptionId),
 })
 
-
-const userVisibleDescription = computed(() => form.userVisible
-	? 'Show the field in admin and personal user-facing settings.'
-	: 'Hide system-managed fields from user-facing settings.')
+const editPolicyDescription = computed(() => form.editPolicy === 'admins'
+	? 'Only administrators can create or update stored values for this field.'
+	: 'Users can maintain their own value for this field from personal settings.')
+const exposurePolicyDescription = computed(() => {
+	switch (form.exposurePolicy) {
+	case 'hidden':
+		return 'The field stays out of personal settings and regular global search.'
+	case 'users':
+		return 'The field appears in personal settings. New values are shared with logged-in users.'
+	case 'public':
+		return 'The field appears in personal settings. New values are public.'
+	default:
+		return 'The field appears in personal settings. New values start private.'
+	}
+})
+const editorDescription = computed(() => isEditing.value
+	? 'Update the selected field and its policies.'
+	: 'Define the field and its policies.')
 const selectedDefinition = computed(() => definitions.value.find((definition: FieldDefinition) => definition.id === selectedId.value) ?? null)
 const sortedDefinitions = computed(() => [...definitions.value].sort((left, right) => left.sort_order - right.sort_order || left.id - right.id))
 const isEditing = computed(() => selectedDefinition.value !== null)
 const isEditorVisible = computed(() => isCreatingNew.value || isEditing.value)
-const selectedDefinitionIndex = computed(() => sortedDefinitions.value.findIndex((definition: FieldDefinition) => definition.id === selectedId.value))
-const canMoveUp = computed(() => isEditing.value && selectedDefinitionIndex.value > 0)
-const canMoveDown = computed(() => isEditing.value && selectedDefinitionIndex.value > -1 && selectedDefinitionIndex.value < sortedDefinitions.value.length - 1)
+const editorShellComponent = computed(() => isCompactLayout.value ? NcDialog : 'div')
+const editorShellProps = computed(() => isCompactLayout.value
+	? {
+		open: isEditorVisible.value,
+		name: isEditing.value ? 'Edit field' : 'Create field',
+		size: 'large',
+		contentClasses: 'profile-fields-admin__editor-dialog',
+	}
+	: {})
 const editorEmptyState = computed(() => sortedDefinitions.value.length === 0
 	? {
 		title: 'No fields yet',
@@ -398,10 +513,8 @@ const buildFormState = () => ({
 	fieldKey: form.fieldKey,
 	label: form.label,
 	type: form.type,
-	adminOnly: form.adminOnly,
-	userEditable: form.userEditable,
-	userVisible: form.userVisible,
-	initialVisibility: form.initialVisibility,
+	editPolicy: form.editPolicy,
+	exposurePolicy: form.exposurePolicy,
 	sortOrder: Number(form.sortOrder),
 	active: form.active,
 	options: form.type === 'select' ? extractEditableSelectOptionValues(form.options).filter((optionValue: string) => optionValue.trim() !== '') : [],
@@ -413,10 +526,8 @@ const buildDefinitionState = (definition: FieldDefinition | null) => {
 			fieldKey: '',
 			label: '',
 			type: 'text' as FieldType,
-			adminOnly: false,
-			userEditable: true,
-			userVisible: true,
-			initialVisibility: 'private' as FieldVisibility,
+			editPolicy: 'users' as FieldEditPolicy,
+			exposurePolicy: 'private' as FieldExposurePolicy,
 			sortOrder: definitions.value.length,
 			active: true,
 			options: [],
@@ -427,10 +538,8 @@ const buildDefinitionState = (definition: FieldDefinition | null) => {
 		fieldKey: definition.field_key,
 		label: definition.label,
 		type: definition.type,
-		adminOnly: definition.admin_only,
-		userEditable: definition.user_editable,
-		userVisible: definition.user_visible,
-		initialVisibility: definition.initial_visibility,
+		editPolicy: definition.edit_policy,
+		exposurePolicy: definition.exposure_policy,
 		sortOrder: definition.sort_order,
 		active: definition.active,
 		options: definition.type === 'select' ? (definition.options ?? []) : [],
@@ -463,6 +572,19 @@ const hasOptionValue = (index: number) => form.options[index]?.value.trim() !==
 const canMoveOptionUp = (index: number) => index > 0
 const canMoveOptionDown = (index: number) => index < form.options.length - 1
 const bulkOptionValues = computed(() => parseEditableSelectOptionValues(bulkOptionInput.value))
+const normalizedOptionCount = computed(() => extractEditableSelectOptionValues(form.options).filter((optionValue: string) => optionValue.trim() !== '').length)
+const hasRequiredFields = computed(() => {
+	if (form.fieldKey.trim() === '' || form.label.trim() === '') {
+		return false
+	}
+
+	if (form.type === 'select' && normalizedOptionCount.value === 0) {
+		return false
+	}
+
+	return true
+})
+const isSaveDisabled = computed(() => isSaving.value || !isFormDirty.value || hasDuplicateOptions.value || !hasRequiredFields.value)
 
 const focusOptionInput = async(index: number) => {
 	await nextTick()
@@ -482,11 +604,19 @@ const selectedTypeOption = computed({
 		}
 	},
 })
-const selectedVisibilityOption = computed({
-	get: () => visibilityOptions.find((option) => option.value === form.initialVisibility) ?? visibilityOptions[0],
-	set: (option: { value: FieldVisibility, label: string } | null) => {
+const selectedEditPolicyOption = computed({
+	get: () => editPolicyOptions.find((option) => option.value === form.editPolicy) ?? editPolicyOptions[0],
+	set: (option: { value: FieldEditPolicy, label: string } | null) => {
+		if (option !== null) {
+			form.editPolicy = option.value
+		}
+	},
+})
+const selectedExposurePolicyOption = computed({
+	get: () => exposurePolicyOptions.find((option) => option.value === form.exposurePolicy) ?? exposurePolicyOptions[0],
+	set: (option: { value: FieldExposurePolicy, label: string } | null) => {
 		if (option !== null) {
-			form.initialVisibility = option.value
+			form.exposurePolicy = option.value
 		}
 	},
 })
@@ -496,30 +626,81 @@ const resetForm = () => {
 	form.fieldKey = ''
 	form.label = ''
 	form.type = 'text'
-	form.adminOnly = false
-	form.userEditable = true
-	form.userVisible = true
-	form.initialVisibility = 'private'
+	form.editPolicy = 'users'
+	form.exposurePolicy = 'private'
 	form.sortOrder = definitions.value.length
 	form.active = true
 	form.options = createEditableSelectOptions([], createOptionId)
 }
 
+const closeEditor = () => {
+	isCreatingNew.value = false
+	resetForm()
+}
+
 const startCreatingField = () => {
 	isCreatingNew.value = true
 	resetForm()
 }
 
+const openDefinition = (definition: FieldDefinition) => {
+	populateForm(definition)
+}
+
+const handleDefinitionClick = (definition: FieldDefinition) => {
+	if (isSaving.value) {
+		return
+	}
+
+	openDefinition(definition)
+}
+
+const updateEditorDialogOpen = (open: boolean) => {
+	if (!open && isCompactLayout.value) {
+		closeEditor()
+	}
+}
+
+const updateCompactLayout = (matches: boolean) => {
+	isCompactLayout.value = matches
+}
+
+const handleCompactLayoutChange = (event: MediaQueryListEvent) => {
+	updateCompactLayout(event.matches)
+}
+
+const buildDefinitionUpdatePayload = (definition: FieldDefinition, sortOrder: number) => ({
+	label: definition.label,
+	type: definition.type,
+	editPolicy: definition.edit_policy,
+	exposurePolicy: definition.exposure_policy,
+	sortOrder,
+	active: definition.active,
+	...(definition.type === 'select' ? { options: definition.options ?? [] } : {}),
+})
+
+const replaceDefinitionInState = (definition: FieldDefinition) => {
+	const existingIndex = definitions.value.findIndex((candidate: FieldDefinition) => candidate.id === definition.id)
+	if (existingIndex === -1) {
+		definitions.value = [...definitions.value, definition]
+		return
+	}
+
+	definitions.value = definitions.value.map((candidate: FieldDefinition) => candidate.id === definition.id ? definition : candidate)
+}
+
+const removeDefinitionFromState = (definitionId: number) => {
+	definitions.value = definitions.value.filter((definition: FieldDefinition) => definition.id !== definitionId)
+}
+
 const populateForm = (definition: FieldDefinition) => {
 	isCreatingNew.value = false
 	selectedId.value = definition.id
 	form.fieldKey = definition.field_key
 	form.label = definition.label
 	form.type = definition.type
-	form.adminOnly = definition.admin_only
-	form.userEditable = definition.user_editable
-	form.userVisible = definition.user_visible
-	form.initialVisibility = definition.initial_visibility
+	form.editPolicy = definition.edit_policy
+	form.exposurePolicy = definition.exposure_policy
 	form.sortOrder = definition.sort_order
 	form.active = definition.active
 	form.options = definition.type === 'select'
@@ -551,16 +732,13 @@ const persistDefinition = async() => {
 
 	isSaving.value = true
 	errorMessage.value = ''
-	successMessage.value = ''
 
 	const payload = {
 		fieldKey: form.fieldKey,
 		label: form.label,
 		type: form.type,
-		adminOnly: form.adminOnly,
-		userEditable: form.userEditable,
-		userVisible: form.userVisible,
-		initialVisibility: form.initialVisibility,
+		editPolicy: form.editPolicy,
+		exposurePolicy: form.exposurePolicy,
 		sortOrder: Number(form.sortOrder),
 		active: form.active,
 		...(form.type === 'select'
@@ -571,23 +749,29 @@ const persistDefinition = async() => {
 	try {
 		if (selectedDefinition.value === null) {
 			const created = await createDefinition(payload)
+			replaceDefinitionInState(created)
 			selectedId.value = created.id
-			successMessage.value = 'Field definition created.'
+			populateForm(created)
+			markJustSaved(created.id)
+			setSuccessMessage('Field definition created.')
 		} else {
-			await updateDefinition(selectedDefinition.value.id, {
+			const updated = await updateDefinition(selectedDefinition.value.id, {
 				label: payload.label,
 				type: payload.type,
-				adminOnly: payload.adminOnly,
-				userEditable: payload.userEditable,
-				userVisible: payload.userVisible,
-				initialVisibility: payload.initialVisibility,
+				editPolicy: payload.editPolicy,
+				exposurePolicy: payload.exposurePolicy,
 				sortOrder: payload.sortOrder,
 				active: payload.active,
 				...(payload.type === 'select' ? { options: payload.options } : {}),
 			})
-			successMessage.value = 'Field definition updated.'
+			replaceDefinitionInState(updated)
+			populateForm(updated)
+			markJustSaved(updated.id)
+			setSuccessMessage('Field definition updated.')
+		}
+		if (isCompactLayout.value) {
+			closeEditor()
 		}
-		await loadDefinitions()
 	} catch (error: any) {
 		errorMessage.value = error?.response?.data?.ocs?.data?.message ?? error?.message ?? 'Failed to save field definition.'
 	} finally {
@@ -602,13 +786,12 @@ const removeDefinition = async() => {
 
 	isSaving.value = true
 	errorMessage.value = ''
-	successMessage.value = ''
 	try {
 		await deleteDefinition(selectedDefinition.value.id)
-		successMessage.value = 'Field definition deleted.'
+		removeDefinitionFromState(selectedDefinition.value.id)
 		isCreatingNew.value = false
 		resetForm()
-		await loadDefinitions()
+		setSuccessMessage('Field definition deleted.')
 	} catch (error: any) {
 		errorMessage.value = error?.response?.data?.ocs?.data?.message ?? error?.message ?? 'Failed to delete field definition.'
 	} finally {
@@ -616,48 +799,49 @@ const removeDefinition = async() => {
 	}
 }
 
-const moveDefinition = async(direction: -1 | 1) => {
-	if (selectedDefinition.value === null) {
+const reorderDefinitions = async(event: { moved?: { oldIndex: number, newIndex: number } }) => {
+	if (event.moved === undefined || event.moved.oldIndex === event.moved.newIndex) {
 		return
 	}
 
-	const updates = buildFieldOrderUpdates(definitions.value, selectedDefinition.value.id, direction)
+	const reordered = [...sortedDefinitions.value]
+	const [movedDefinition] = reordered.splice(event.moved.oldIndex, 1)
+	if (movedDefinition === undefined) {
+		return
+	}
+	reordered.splice(event.moved.newIndex, 0, movedDefinition)
+
+	const updates = reordered
+		.map((definition, index) => ({ definition, sortOrder: index }))
+		.filter(({ definition, sortOrder }) => definition.sort_order !== sortOrder)
+
 	if (updates.length === 0) {
 		return
 	}
 
 	isSaving.value = true
 	errorMessage.value = ''
-	successMessage.value = ''
+	const previousDefinitions = definitions.value
 
 	try {
-		const current = selectedDefinition.value
-		await Promise.all(updates.map(({ id, sortOrder }) => {
-			const definition = definitions.value.find((candidate: FieldDefinition) => candidate.id === id)
-			if (definition === undefined) {
-				return Promise.resolve(null)
-			}
-
-			return updateDefinition(id, {
-				label: definition.label,
-				type: definition.type,
-				adminOnly: definition.admin_only,
-				userEditable: definition.user_editable,
-				userVisible: definition.user_visible,
-				initialVisibility: definition.initial_visibility,
-				sortOrder,
-				active: definition.active,
-				...(definition.type === 'select' ? { options: definition.options ?? [] } : {}),
-			})
+		definitions.value = reordered.map((definition, index) => ({
+			...definition,
+			sort_order: index,
 		}))
+		const persistedDefinitions = await Promise.all(updates.map(({ definition, sortOrder }) => updateDefinition(
+			definition.id,
+			buildDefinitionUpdatePayload(definition, sortOrder),
+		)))
+		persistedDefinitions.forEach((definition) => replaceDefinitionInState(definition))
 
-		const nextSortOrder = updates.find((update) => update.id === current.id)?.sortOrder
-		if (nextSortOrder !== undefined) {
-			form.sortOrder = nextSortOrder
+		if (selectedDefinition.value !== null) {
+			const currentDefinition = reordered.find((definition) => definition.id === selectedDefinition.value?.id)
+			if (currentDefinition !== undefined) {
+				form.sortOrder = currentDefinition.sort_order
+			}
 		}
-		successMessage.value = 'Field order updated.'
-		await loadDefinitions()
 	} catch (error: any) {
+		definitions.value = previousDefinitions
 		errorMessage.value = error?.response?.data?.ocs?.data?.message ?? error?.message ?? 'Failed to reorder field definitions.'
 	} finally {
 		isSaving.value = false
@@ -766,6 +950,43 @@ const removeOption = (index: number) => {
 	form.options.splice(index, 1)
 }
 
+const toggleDefinitionActive = async(definition: FieldDefinition) => {
+	isSaving.value = true
+	errorMessage.value = ''
+	try {
+		const updated = await updateDefinition(definition.id, {
+			...buildDefinitionUpdatePayload(definition, definition.sort_order),
+			active: !definition.active,
+		})
+		replaceDefinitionInState(updated)
+		markJustSaved(updated.id)
+		if (selectedDefinition.value?.id === definition.id) {
+			populateForm(updated)
+		}
+	} catch (error: any) {
+		errorMessage.value = error?.response?.data?.ocs?.data?.message ?? error?.message ?? 'Failed to update field definition.'
+	} finally {
+		isSaving.value = false
+	}
+}
+
+const removeDefinitionByItem = async(definition: FieldDefinition) => {
+	isSaving.value = true
+	errorMessage.value = ''
+	try {
+		await deleteDefinition(definition.id)
+		removeDefinitionFromState(definition.id)
+		if (selectedDefinition.value?.id === definition.id) {
+			isCreatingNew.value = false
+			resetForm()
+		}
+	} catch (error: any) {
+		errorMessage.value = error?.response?.data?.ocs?.data?.message ?? error?.message ?? 'Failed to delete field definition.'
+	} finally {
+		isSaving.value = false
+	}
+}
+
 watch(() => form.type, (newType: FieldType) => {
 	if (newType === 'select') {
 		if (form.options.length === 0) {
@@ -779,29 +1000,27 @@ watch(() => form.type, (newType: FieldType) => {
 	}
 })
 
-watch(() => form.userVisible, (userVisible: boolean) => {
-	if (!userVisible) {
-		form.userEditable = false
-	}
+onMounted(() => {
+	loadDefinitions()
+	compactLayoutMediaQuery = window.matchMedia('(max-width: 1024px)')
+	updateCompactLayout(compactLayoutMediaQuery.matches)
+	compactLayoutMediaQuery.addEventListener('change', handleCompactLayoutChange)
 })
 
-watch(() => form.adminOnly, (adminOnly: boolean) => {
-	if (adminOnly) {
-		form.userEditable = false
+onBeforeUnmount(() => {
+	compactLayoutMediaQuery?.removeEventListener('change', handleCompactLayoutChange)
+	if (justSavedTimeout !== null) {
+		clearTimeout(justSavedTimeout)
 	}
-})
-
-watch(() => form.userEditable, (userEditable: boolean) => {
-	if (userEditable) {
-		form.adminOnly = false
+	if (successMessageTimeout !== null) {
+		clearTimeout(successMessageTimeout)
 	}
 })
-
-onMounted(loadDefinitions)
 </script>
 
 <style scoped lang="scss">
 .profile-fields-admin {
+	position: relative;
 	display: grid;
 	gap: 18px;
 	color: var(--color-main-text);
@@ -810,45 +1029,48 @@ onMounted(loadDefinitions)
 		display: flex;
 		justify-content: space-between;
 		gap: 24px;
-		padding: 24px;
+		padding: 20px 22px;
 		border-radius: 20px;
 		background:
-			radial-gradient(circle at top right, color-mix(in srgb, var(--color-primary-element) 20%, transparent), transparent 34%),
-			linear-gradient(135deg, color-mix(in srgb, var(--color-background-darker) 72%, var(--color-main-background) 28%), color-mix(in srgb, var(--color-main-background) 90%, var(--color-primary-element) 10%));
+			radial-gradient(circle at top right, color-mix(in srgb, var(--color-primary-element) 14%, transparent), transparent 34%),
+			linear-gradient(135deg, color-mix(in srgb, var(--color-background-darker) 76%, var(--color-main-background) 24%), color-mix(in srgb, var(--color-main-background) 94%, var(--color-primary-element) 6%));
 		border: 1px solid color-mix(in srgb, var(--color-primary-element) 24%, var(--color-border-default) 76%);
-		box-shadow: 0 18px 48px rgba(15, 23, 42, 0.14);
+		box-shadow: 0 12px 32px rgba(15, 23, 42, 0.1);
 
 		> div:first-child {
-			padding-inline-start: clamp(28px, 4vw, 44px);
+			padding-inline-start: clamp(18px, 2.4vw, 28px);
 		}
 
 		h2 {
 			margin: 0 0 8px;
-			font-size: 28px;
+			font-size: 24px;
 		}
 
 		p {
 			margin: 0;
-			max-width: 62ch;
+			max-width: 58ch;
+			font-size: 14px;
 			color: color-mix(in srgb, var(--color-main-text) 82%, transparent);
 		}
 	}
 
 	&__hero-meta {
-		display: grid;
-		align-content: center;
-		justify-items: end;
-		min-width: 140px;
-		padding: 14px 16px;
-		border-radius: 16px;
-		background: color-mix(in srgb, var(--color-main-background) 86%, transparent);
+		display: flex;
+		flex-direction: column;
+		align-items: flex-end;
+		justify-content: center;
+		min-width: 120px;
+		padding: 12px 14px;
+		border-radius: 14px;
+		background: color-mix(in srgb, var(--color-main-background) 90%, transparent);
 
 		strong {
-			font-size: 40px;
+			font-size: 32px;
 			line-height: 1;
 		}
 
 		span {
+			font-size: 12px;
 			color: var(--color-text-maxcontrast);
 		}
 	}
@@ -859,6 +1081,11 @@ onMounted(loadDefinitions)
 		gap: 20px;
 	}
 
+	&__field-helper {
+		margin: 8px 0 0;
+		color: var(--color-text-maxcontrast);
+	}
+
 	&__list-panel,
 	&__editor {
 		min-width: 0;
@@ -869,6 +1096,26 @@ onMounted(loadDefinitions)
 		box-shadow: 0 12px 32px rgba(15, 23, 42, 0.08);
 	}
 
+	&__editor {
+		display: grid;
+		justify-content: center;
+
+		> * {
+			width: min(100%, 980px);
+		}
+
+		&--dialog {
+			padding: 6px 0 12px;
+			border: 0;
+			background: transparent;
+			box-shadow: none;
+
+			> * {
+				width: 100%;
+			}
+		}
+	}
+
 	&__panel-header {
 		display: flex;
 		justify-content: space-between;
@@ -898,9 +1145,25 @@ onMounted(loadDefinitions)
 	&__editor-actions {
 		display: flex;
 		gap: 8px;
+		align-items: center;
 		flex: 0 0 auto;
 	}
 
+	&__header-switch {
+		padding: 6px 10px;
+		border-radius: 999px;
+		border: 1px solid color-mix(in srgb, var(--color-border-default) 84%, transparent);
+		background: color-mix(in srgb, var(--color-main-background) 98%, var(--color-background-hover) 2%);
+
+		:deep(.checkbox-content__description) {
+			display: none;
+		}
+
+		:deep(.checkbox-content__text) {
+			font-weight: 600;
+		}
+	}
+
 	&__list-type-tag {
 		align-self: start;
 		padding: 4px 8px;
@@ -919,66 +1182,103 @@ onMounted(loadDefinitions)
 		gap: 10px;
 	}
 
-	&__list-item {
-		width: 100%;
-		padding: 14px;
-		border-radius: 16px;
-		border: 1px solid var(--color-border-default);
-		background: color-mix(in srgb, var(--color-main-background) 92%, var(--color-background-hover) 8%);
-		display: flex;
-		justify-content: space-between;
-		gap: 12px;
-		text-align: left;
-		cursor: pointer;
-		transition: border-color 120ms ease, transform 120ms ease, background 120ms ease;
+	&__list-row {
+		display: block;
+
+		&.is-disabled {
+			opacity: 0.72;
+		}
+
+		&--ghost {
+			:deep(.list-item) {
+				opacity: 0.5;
+			}
+		}
 
-		&:hover {
-			transform: translateY(-1px);
-			border-color: color-mix(in srgb, var(--color-primary-element) 28%, var(--color-border-default) 72%);
+		&--chosen {
+			:deep(.list-item) {
+				box-shadow: 0 8px 18px color-mix(in srgb, var(--color-box-shadow) 55%, transparent);
+			}
 		}
+	}
+
+	&__list-item {
+		min-width: 0;
 
 		&.is-selected {
-			border-color: var(--color-primary-element);
-			box-shadow: 0 0 0 2px color-mix(in srgb, var(--color-primary-element) 20%, transparent);
+			:deep(.list-item) {
+				box-shadow: 0 0 0 2px color-mix(in srgb, var(--color-primary-element) 20%, transparent);
+			}
 		}
 
-		strong,
-		span {
-			display: block;
+		&.is-just-saved {
+			:deep(.list-item) {
+				box-shadow: 0 0 0 2px color-mix(in srgb, var(--color-success) 22%, transparent);
+				transition: box-shadow 0.3s ease;
+			}
 		}
 
-		span {
+		:deep(.list-item) {
+			min-height: 72px;
+			transition: box-shadow 0.2s ease, background-color 0.2s ease;
+		}
+
+		:deep(.list-item-content__main) {
+			min-width: 0;
+		}
+
+		:deep(.list-item-content__name),
+		:deep(.list-item-content__subname) {
+			overflow: hidden;
+			text-overflow: ellipsis;
+			white-space: nowrap;
+		}
+
+		:deep(.list-item-content__subname) {
 			font-size: 12px;
 			color: var(--color-text-maxcontrast);
 		}
 	}
 
-	&__list-item-meta {
-		display: grid;
-		justify-items: end;
-		align-content: start;
-		gap: 6px;
+	&__definition-status {
+		flex: 0 0 auto;
+	}
 
-		span:first-child {
-			padding: 4px 8px;
-			border-radius: 999px;
-			background: color-mix(in srgb, var(--color-primary-element) 12%, transparent);
-			color: var(--color-main-text);
-			text-transform: capitalize;
-		}
+	&__definition-actions {
+		flex: 0 0 auto;
 	}
 
-	.is-active {
-		color: #0b7a38 !important;
+	&__definition-handle {
+		cursor: grab;
+		user-select: none;
+		opacity: 0.72;
+
+		&:active {
+			cursor: grabbing;
+		}
+
+		&:hover,
+		&:focus-visible {
+			opacity: 1;
+		}
 	}
 
-	.is-inactive {
-		color: #9b3d16 !important;
+	&__list-item-subname {
+		display: block;
+		min-width: 0;
+		overflow: hidden;
+		text-overflow: ellipsis;
+		white-space: nowrap;
 	}
 
 	&__form {
 		display: grid;
 		gap: 16px;
+		justify-items: stretch;
+
+		> * {
+			width: 100%;
+		}
 	}
 
 	&__form-section {
@@ -995,16 +1295,34 @@ onMounted(loadDefinitions)
 			margin: 0;
 			font-size: 16px;
 		}
+	}
 
-		p {
-			margin: 6px 0 0;
-			color: var(--color-text-maxcontrast);
-		}
+	&__section-heading--split {
+		display: flex;
+		justify-content: space-between;
+		align-items: flex-start;
+		gap: 16px;
 	}
 
-	&__section-hint {
-		font-size: 12px;
-		line-height: 1.4;
+	&__options-meta {
+		display: inline-flex;
+		align-items: center;
+		gap: 8px;
+		min-width: auto;
+		padding: 6px 10px;
+		border-radius: 999px;
+		background: color-mix(in srgb, var(--color-main-background) 88%, var(--color-background-hover) 12%);
+		border: 1px solid color-mix(in srgb, var(--color-border-default) 86%, transparent);
+
+		strong {
+			font-size: 14px;
+			line-height: 1;
+		}
+
+		span {
+			font-size: 12px;
+			color: var(--color-text-maxcontrast);
+		}
 	}
 
 	&__bulk-options-content {
@@ -1042,19 +1360,21 @@ onMounted(loadDefinitions)
 
 	&__grid {
 		display: grid;
-		grid-template-columns: repeat(auto-fit, minmax(min(100%, 220px), 1fr));
+		grid-template-columns: repeat(auto-fit, minmax(min(100%, 320px), 420px));
 		gap: 14px;
 		align-items: start;
+		justify-content: start;
 
 		&--identity {
-			grid-template-columns: repeat(auto-fit, minmax(min(100%, 260px), 1fr));
+			grid-template-columns: repeat(auto-fit, minmax(min(100%, 320px), 420px));
 		}
-	}
 
-	&__toggles {
-		display: grid;
-		grid-template-columns: repeat(auto-fit, minmax(min(100%, 260px), 1fr));
-		gap: 10px 16px;
+		&--rules {
+			grid-template-columns: repeat(2, minmax(min(100%, 280px), 420px));
+			max-width: 980px;
+			column-gap: 18px;
+			row-gap: 18px;
+		}
 	}
 
 	&__toggle-card {
@@ -1084,6 +1404,8 @@ onMounted(loadDefinitions)
 			color: var(--color-text-maxcontrast);
 			font-size: 12px;
 			line-height: 1.4;
+			display: block;
+			min-block-size: calc(1.4em * 3);
 		}
 	}
 
@@ -1092,6 +1414,7 @@ onMounted(loadDefinitions)
 		gap: 10px;
 		justify-content: flex-end;
 		padding-top: 4px;
+		width: 100%;
 	}
 
 	&__option-toolbar {
@@ -1162,13 +1485,45 @@ onMounted(loadDefinitions)
 
 	&__empty-editor {
 		display: grid;
-		justify-items: start;
-		gap: 18px;
-		padding: 28px 8px;
+		place-items: center;
+		min-height: 320px;
+		padding: 24px 8px;
+	}
+
+	&__empty-editor-card {
+		display: grid;
+		justify-items: center;
+		gap: 12px;
+		max-width: 440px;
+		text-align: center;
 
-		:deep(.empty-content) {
+		h3 {
 			margin: 0;
+			font-size: 18px;
 		}
+
+		p {
+			margin: 0;
+			color: var(--color-text-maxcontrast);
+		}
+	}
+
+	&__empty-editor-actions {
+		display: flex;
+		justify-content: center;
+		padding-top: 4px;
+	}
+
+	&__success-announcement {
+		position: absolute;
+		width: 1px;
+		height: 1px;
+		padding: 0;
+		margin: -1px;
+		overflow: hidden;
+		clip: rect(0, 0, 0, 0);
+		white-space: nowrap;
+		border: 0;
 	}
 
 	&__loading {
@@ -1176,6 +1531,18 @@ onMounted(loadDefinitions)
 		justify-content: center;
 		padding: 40px 0;
 	}
+
+	:deep(.profile-fields-admin__editor-dialog) {
+		width: min(100vw - 20px, 880px);
+		max-width: 100%;
+		padding-top: 8px;
+		padding-bottom: 8px;
+	}
+
+	:deep(.profile-fields-admin__editor-dialog ~ .modal-container__buttons),
+	:deep(.profile-fields-admin__editor-dialog + .modal-container__buttons) {
+		padding-top: 8px;
+	}
 }
 
 @media (max-width: 1360px) {
@@ -1191,12 +1558,21 @@ onMounted(loadDefinitions)
 
 		&__panel-header {
 			align-items: flex-start;
+			flex-direction: column;
 		}
 
 		&__editor-actions {
 			flex-wrap: wrap;
 			justify-content: flex-start;
 		}
+
+		&__section-heading--split {
+			flex-direction: column;
+		}
+
+		&__options-meta {
+			justify-items: start;
+		}
 	}
 }
 
@@ -1212,7 +1588,7 @@ onMounted(loadDefinitions)
 	.profile-fields-admin {
 		&__layout,
 		&__grid--identity,
-		&__toggles {
+		&__grid--rules {
 			grid-template-columns: 1fr;
 		}
 
@@ -1240,10 +1616,10 @@ onMounted(loadDefinitions)
 @media (max-width: 720px) {
 	.profile-fields-admin {
 		&__hero {
-			padding: 20px;
+			padding: 18px;
 
 			> div:first-child {
-				padding-inline-start: 36px;
+				padding-inline-start: 28px;
 			}
 		}
 	}
diff --git a/src/views/PersonalSettings.vue b/src/views/PersonalSettings.vue
index b63568c..8a9262b 100644
--- a/src/views/PersonalSettings.vue
+++ b/src/views/PersonalSettings.vue
@@ -198,6 +198,7 @@ import { mdiLockOutline, mdiInformationOutline } from '@mdi/js'
 import { computed, inject, onBeforeUnmount, onMounted, reactive, ref } from 'vue'
 import { NcButton, NcEmptyContent, NcIconSvgWrapper, NcInputField, NcLoadingIcon, NcNoteCard, NcPopover, NcSelect } from '@nextcloud/vue'
 import { listEditableFields, upsertOwnValue } from '../api'
+import { definitionDefaultVisibility } from '../types'
 import type { EditableField, FieldType, FieldVisibility } from '../types'
 import { visibilityOptions } from '../utils/visibilityOptions.js'
 
@@ -258,7 +259,7 @@ const placeholderForField = (field: EditableField) => {
 const normaliseEditableField = (field: EditableField) => {
 	const existingValue = field.value?.value
 	draftValues[field.definition.id] = existingValue?.value?.toString() ?? ''
-	draftVisibilities[field.definition.id] = field.value?.current_visibility ?? field.definition.initial_visibility
+	draftVisibilities[field.definition.id] = field.value?.current_visibility ?? definitionDefaultVisibility(field.definition)
 	delete fieldErrors[field.definition.id]
 }
 
@@ -371,7 +372,7 @@ const hasFieldChanges = (field: EditableField) => {
 		return false
 	}
 
-	const visibilityChanged = draftVisibilities[field.definition.id] !== (field.value?.current_visibility ?? field.definition.initial_visibility)
+	const visibilityChanged = draftVisibilities[field.definition.id] !== (field.value?.current_visibility ?? definitionDefaultVisibility(field.definition))
 	return visibilityChanged || currentDraftValue(field) !== currentStoredValue(field)
 }
 
diff --git a/tests/integration/features/api/profile_fields.feature b/tests/integration/features/api/profile_fields.feature
index f2cbd3f..c116817 100644
--- a/tests/integration/features/api/profile_fields.feature
+++ b/tests/integration/features/api/profile_fields.feature
@@ -18,10 +18,8 @@ Feature: profile fields API
       | fieldKey          | employee_code |
       | label             | Employee code |
       | type              | text          |
-      | adminOnly         | false         |
-      | userEditable      | true          |
-      | userVisible       | true          |
-      | initialVisibility | users         |
+      | editPolicy        | users         |
+      | exposurePolicy    | users         |
       | sortOrder         | 10            |
       | active            | true          |
     Then the response should have a status code 201
@@ -29,16 +27,14 @@ Feature: profile fields API
       | key                              | value         |
       | (jq).ocs.data.field_key          | employee_code |
       | (jq).ocs.data.label              | Employee code |
-      | (jq).ocs.data.user_editable      | true          |
-      | (jq).ocs.data.initial_visibility | users         |
+      | (jq).ocs.data.edit_policy        | users         |
+      | (jq).ocs.data.exposure_policy    | users         |
     And fetch field "(FIELD_DEFINITION_ID)(jq).ocs.data.id" from previous JSON response
     When sending "put" to ocs "/apps/profile_fields/api/v1/definitions/<FIELD_DEFINITION_ID>"
       | label             | Employee ID |
       | type              | text        |
-      | adminOnly         | true        |
-      | userEditable      | false       |
-      | userVisible       | true        |
-      | initialVisibility | private     |
+      | editPolicy        | admins      |
+      | exposurePolicy    | private     |
       | sortOrder         | 30          |
       | active            | true        |
     Then the response should have a status code 200
@@ -46,9 +42,8 @@ Feature: profile fields API
       | key                              | value                 |
       | (jq).ocs.data.id                 | <FIELD_DEFINITION_ID> |
       | (jq).ocs.data.label              | Employee ID           |
-      | (jq).ocs.data.admin_only         | true                  |
-      | (jq).ocs.data.user_editable      | false                 |
-      | (jq).ocs.data.initial_visibility | private               |
+      | (jq).ocs.data.edit_policy        | admins                |
+      | (jq).ocs.data.exposure_policy    | private               |
     When sending "get" to ocs "/apps/profile_fields/api/v1/definitions"
     Then the response should have a status code 200
     And the response should be a JSON array with the following mandatory values
@@ -56,9 +51,8 @@ Feature: profile fields API
       | (jq).ocs.data[0].id                 | <FIELD_DEFINITION_ID> |
       | (jq).ocs.data[0].field_key          | employee_code         |
       | (jq).ocs.data[0].label              | Employee ID           |
-      | (jq).ocs.data[0].admin_only         | true                  |
-      | (jq).ocs.data[0].user_editable      | false                 |
-      | (jq).ocs.data[0].initial_visibility | private               |
+      | (jq).ocs.data[0].edit_policy        | admins                |
+      | (jq).ocs.data[0].exposure_policy    | private               |
     When sending "delete" to ocs "/apps/profile_fields/api/v1/definitions/<FIELD_DEFINITION_ID>"
     Then the response should have a status code 200
     And the response should be a JSON array with the following mandatory values
@@ -77,10 +71,8 @@ Feature: profile fields API
       | fieldKey          | nickname |
       | label             | Nickname |
       | type              | text     |
-      | adminOnly         | false    |
-      | userEditable      | true     |
-      | userVisible       | true     |
-      | initialVisibility | users    |
+      | editPolicy        | users    |
+      | exposurePolicy    | users    |
       | sortOrder         | 10       |
       | active            | true     |
     Then the response should have a status code 201
@@ -89,10 +81,8 @@ Feature: profile fields API
       | fieldKey          | employee_id |
       | label             | Employee ID |
       | type              | text        |
-      | adminOnly         | true        |
-      | userEditable      | false       |
-      | userVisible       | true        |
-      | initialVisibility | users       |
+      | editPolicy        | admins      |
+      | exposurePolicy    | users       |
       | sortOrder         | 20          |
       | active            | true        |
     Then the response should have a status code 201
@@ -157,10 +147,8 @@ Feature: profile fields API
       | fieldKey          | cpf |
       | label             | CPF |
       | type              | text |
-      | adminOnly         | false |
-      | userEditable      | false |
-      | userVisible       | true |
-      | initialVisibility | private |
+      | editPolicy        | admins |
+      | exposurePolicy    | private |
       | sortOrder         | 10 |
       | active            | true |
     Then the response should have a status code 201
@@ -169,10 +157,8 @@ Feature: profile fields API
       | fieldKey          | health_plan_type |
       | label             | Health plan type |
       | type              | text |
-      | adminOnly         | false |
-      | userEditable      | false |
-      | userVisible       | true |
-      | initialVisibility | private |
+      | editPolicy        | admins |
+      | exposurePolicy    | private |
       | sortOrder         | 20 |
       | active            | true |
     Then the response should have a status code 201
@@ -181,10 +167,8 @@ Feature: profile fields API
       | fieldKey          | health_plan_installment |
       | label             | Health plan installment |
       | type              | number |
-      | adminOnly         | false |
-      | userEditable      | false |
-      | userVisible       | true |
-      | initialVisibility | private |
+      | editPolicy        | admins |
+      | exposurePolicy    | private |
       | sortOrder         | 30 |
       | active            | true |
     Then the response should have a status code 201
@@ -193,10 +177,8 @@ Feature: profile fields API
       | fieldKey          | social_capital_recurring |
       | label             | Social capital recurring |
       | type              | number |
-      | adminOnly         | false |
-      | userEditable      | false |
-      | userVisible       | true |
-      | initialVisibility | private |
+      | editPolicy        | admins |
+      | exposurePolicy    | private |
       | sortOrder         | 40 |
       | active            | true |
     Then the response should have a status code 201
@@ -205,10 +187,8 @@ Feature: profile fields API
       | fieldKey          | corporate_mobile_plan |
       | label             | Corporate mobile plan |
       | type              | text |
-      | adminOnly         | false |
-      | userEditable      | false |
-      | userVisible       | true |
-      | initialVisibility | private |
+      | editPolicy        | admins |
+      | exposurePolicy    | private |
       | sortOrder         | 50 |
       | active            | true |
     Then the response should have a status code 201
@@ -254,10 +234,8 @@ Feature: profile fields API
       | fieldKey          | cpf |
       | label             | CPF |
       | type              | text |
-      | adminOnly         | false |
-      | userEditable      | false |
-      | userVisible       | true |
-      | initialVisibility | private |
+      | editPolicy        | admins |
+      | exposurePolicy    | private |
       | sortOrder         | 10 |
       | active            | true |
     Then the response should have a status code 201
@@ -286,10 +264,8 @@ Feature: profile fields API
       | fieldKey          | region |
       | label             | Region |
       | type              | text |
-      | adminOnly         | false |
-      | userEditable      | false |
-      | userVisible       | true |
-      | initialVisibility | private |
+      | editPolicy        | admins |
+      | exposurePolicy    | private |
       | sortOrder         | 10 |
       | active            | true |
     Then the response should have a status code 201
@@ -326,10 +302,8 @@ Feature: profile fields API
       | fieldKey          | region |
       | label             | Region |
       | type              | text |
-      | adminOnly         | false |
-      | userEditable      | false |
-      | userVisible       | true |
-      | initialVisibility | private |
+      | editPolicy        | admins |
+      | exposurePolicy    | private |
       | sortOrder         | 10 |
       | active            | true |
     Then the response should have a status code 201
diff --git a/tests/integration/features/api/profile_fields_unified_search.feature b/tests/integration/features/api/profile_fields_unified_search.feature
index a6c7e62..2f44df0 100644
--- a/tests/integration/features/api/profile_fields_unified_search.feature
+++ b/tests/integration/features/api/profile_fields_unified_search.feature
@@ -13,10 +13,8 @@ Feature: profile fields unified search
       | fieldKey          | unified_region_admin |
       | label             | Unified Region Admin |
       | type              | text                 |
-      | adminOnly         | false                |
-      | userEditable      | false                |
-      | userVisible       | true                 |
-      | initialVisibility | private              |
+      | editPolicy        | admins               |
+      | exposurePolicy    | private              |
       | sortOrder         | 10                   |
       | active            | true                 |
     Then the response should have a status code 201
@@ -58,10 +56,8 @@ Feature: profile fields unified search
       | fieldKey          | unified_region_visibility |
       | label             | Unified Region Visibility |
       | type              | text                      |
-      | adminOnly         | false                     |
-      | userEditable      | false                     |
-      | userVisible       | true                      |
-      | initialVisibility | private                   |
+      | editPolicy        | admins                    |
+      | exposurePolicy    | private                   |
       | sortOrder         | 10                        |
       | active            | true                      |
     Then the response should have a status code 201
@@ -97,10 +93,8 @@ Feature: profile fields unified search
       | fieldKey          | unified_region_hidden     |
       | label             | Unified Region Hidden     |
       | type              | text                      |
-      | adminOnly         | false                     |
-      | userEditable      | false                     |
-      | userVisible       | false                     |
-      | initialVisibility | public                    |
+      | editPolicy        | admins                    |
+      | exposurePolicy    | hidden                    |
       | sortOrder         | 10                        |
       | active            | true                      |
     Then the response should have a status code 201
@@ -113,10 +107,8 @@ Feature: profile fields unified search
       | fieldKey          | unified_region_private    |
       | label             | Unified Region Private    |
       | type              | text                      |
-      | adminOnly         | false                     |
-      | userEditable      | false                     |
-      | userVisible       | true                      |
-      | initialVisibility | private                   |
+      | editPolicy        | admins                    |
+      | exposurePolicy    | private                   |
       | sortOrder         | 20                        |
       | active            | true                      |
     Then the response should have a status code 201
diff --git a/tests/integration/features/workflow/profile_fields_workflow.feature b/tests/integration/features/workflow/profile_fields_workflow.feature
index 0445c7a..a11859a 100644
--- a/tests/integration/features/workflow/profile_fields_workflow.feature
+++ b/tests/integration/features/workflow/profile_fields_workflow.feature
@@ -11,10 +11,8 @@ Feature: profile field workflows
       | fieldKey          | workflow_notify_department |
       | label             | Workflow Notify Department |
       | type              | text                       |
-      | adminOnly         | false                      |
-      | userEditable      | true                       |
-      | userVisible       | true                       |
-      | initialVisibility | users                      |
+      | editPolicy        | users                      |
+      | exposurePolicy    | users                      |
       | sortOrder         | 10                         |
       | active            | true                       |
     Then the response should have a status code 201
@@ -22,10 +20,8 @@ Feature: profile field workflows
     When sending "put" to ocs "/apps/profile_fields/api/v1/definitions/<WORKFLOW_NOTIFY_FIELD_ID>"
       | label             | Workflow Notify Department <WORKFLOW_NOTIFY_FIELD_ID> |
       | type              | text                                                  |
-      | adminOnly         | false                                                 |
-      | userEditable      | true                                                  |
-      | userVisible       | true                                                  |
-      | initialVisibility | users                                                 |
+      | editPolicy        | users                                                 |
+      | exposurePolicy    | users                                                 |
       | sortOrder         | 10                                                    |
       | active            | true                                                  |
     Then the response should have a status code 200
@@ -72,10 +68,8 @@ Feature: profile field workflows
       | fieldKey          | workflow_log_department |
       | label             | Workflow Log Department |
       | type              | text                    |
-      | adminOnly         | false                   |
-      | userEditable      | true                    |
-      | userVisible       | true                    |
-      | initialVisibility | users                   |
+      | editPolicy        | users                   |
+      | exposurePolicy    | users                   |
       | sortOrder         | 20                      |
       | active            | true                    |
     Then the response should have a status code 201
@@ -135,10 +129,8 @@ Feature: profile field workflows
       | fieldKey          | workflow_webhook_department |
       | label             | Workflow Webhook Department |
       | type              | text                        |
-      | adminOnly         | false                       |
-      | userEditable      | true                        |
-      | userVisible       | true                        |
-      | initialVisibility | users                       |
+      | editPolicy        | users                       |
+      | exposurePolicy    | users                       |
       | sortOrder         | 30                          |
       | active            | true                        |
     Then the response should have a status code 201
@@ -222,10 +214,8 @@ Feature: profile field workflows
       | fieldKey          | workflow_email_department |
       | label             | Workflow Email Department |
       | type              | text                      |
-      | adminOnly         | false                     |
-      | userEditable      | true                      |
-      | userVisible       | true                      |
-      | initialVisibility | users                     |
+      | editPolicy        | users                     |
+      | exposurePolicy    | users                     |
       | sortOrder         | 40                        |
       | active            | true                      |
     Then the response should have a status code 201
@@ -269,10 +259,8 @@ Feature: profile field workflows
       | fieldKey          | workflow_talk_department |
       | label             | Workflow Talk Department |
       | type              | text                     |
-      | adminOnly         | false                    |
-      | userEditable      | true                     |
-      | userVisible       | true                     |
-      | initialVisibility | users                    |
+      | editPolicy        | users                    |
+      | exposurePolicy    | users                    |
       | sortOrder         | 50                       |
       | active            | true                     |
     Then the response should have a status code 201
@@ -280,10 +268,8 @@ Feature: profile field workflows
     When sending "put" to ocs "/apps/profile_fields/api/v1/definitions/<WORKFLOW_TALK_FIELD_ID>"
       | label             | Workflow Talk Department <WORKFLOW_TALK_FIELD_ID> |
       | type              | text                                               |
-      | adminOnly         | false                                              |
-      | userEditable      | true                                               |
-      | userVisible       | true                                               |
-      | initialVisibility | users                                              |
+      | editPolicy        | users                                              |
+      | exposurePolicy    | users                                              |
       | sortOrder         | 50                                                 |
       | active            | true                                               |
     Then the response should have a status code 200
diff --git a/tests/php/Api/ApiTestCase.php b/tests/php/Api/ApiTestCase.php
index 64d79b5..fb3e33e 100644
--- a/tests/php/Api/ApiTestCase.php
+++ b/tests/php/Api/ApiTestCase.php
@@ -16,6 +16,8 @@
 use OCA\ProfileFields\Db\FieldDefinitionMapper;
 use OCA\ProfileFields\Db\FieldValue;
 use OCA\ProfileFields\Db\FieldValueMapper;
+use OCA\ProfileFields\Enum\FieldEditPolicy;
+use OCA\ProfileFields\Enum\FieldExposurePolicy;
 use OCA\ProfileFields\Migration\Version1000Date20260309120000;
 use OCA\ProfileFields\Service\FieldDefinitionService;
 use OCA\ProfileFields\Service\FieldValueService;
@@ -179,10 +181,12 @@ protected function createDefinition(
 		$definition->setFieldKey($fieldKey);
 		$definition->setLabel($label);
 		$definition->setType($type);
-		$definition->setAdminOnly($adminOnly);
-		$definition->setUserEditable($userEditable);
-		$definition->setUserVisible(true);
-		$definition->setInitialVisibility($initialVisibility);
+		$definition->setEditPolicy(($adminOnly || !$userEditable) ? FieldEditPolicy::ADMINS->value : FieldEditPolicy::USERS->value);
+		$definition->setExposurePolicy(match ($initialVisibility) {
+			'public' => FieldExposurePolicy::PUBLIC->value,
+			'users' => FieldExposurePolicy::USERS->value,
+			default => FieldExposurePolicy::PRIVATE->value,
+		});
 		$definition->setSortOrder($sortOrder);
 		$definition->setActive($active);
 		$definition->setCreatedAt(new \DateTime());
diff --git a/tests/php/ControllerIntegration/Command/Data/ImportTest.php b/tests/php/ControllerIntegration/Command/Data/ImportTest.php
index b99df45..b72a190 100644
--- a/tests/php/ControllerIntegration/Command/Data/ImportTest.php
+++ b/tests/php/ControllerIntegration/Command/Data/ImportTest.php
@@ -89,10 +89,8 @@ public function testExecuteImportsValidPayloadIntoDatabase(): void {
 				'field_key' => $fieldKey,
 				'label' => 'Region',
 				'type' => 'text',
-				'admin_only' => false,
-				'user_editable' => true,
-				'user_visible' => true,
-				'initial_visibility' => 'users',
+				'edit_policy' => 'users',
+				'exposure_policy' => 'users',
 				'sort_order' => 10,
 				'active' => true,
 				'created_at' => '2026-03-16T10:00:00+00:00',
@@ -136,10 +134,8 @@ public function testExecuteDryRunDoesNotPersistValidatedPayload(): void {
 				'field_key' => $fieldKey,
 				'label' => 'Alias',
 				'type' => 'text',
-				'admin_only' => false,
-				'user_editable' => true,
-				'user_visible' => true,
-				'initial_visibility' => 'private',
+				'edit_policy' => 'users',
+				'exposure_policy' => 'private',
 				'sort_order' => 20,
 				'active' => true,
 			]],
@@ -172,10 +168,8 @@ public function testExecuteFailsValidationWithoutPersistingData(): void {
 				'field_key' => $fieldKey,
 				'label' => 'Specialty',
 				'type' => 'text',
-				'admin_only' => false,
-				'user_editable' => true,
-				'user_visible' => true,
-				'initial_visibility' => 'users',
+				'edit_policy' => 'users',
+				'exposure_policy' => 'users',
 				'sort_order' => 30,
 				'active' => true,
 			]],
diff --git a/tests/php/ControllerIntegration/Controller/FieldDefinitionApiControllerTest.php b/tests/php/ControllerIntegration/Controller/FieldDefinitionApiControllerTest.php
index bcfd15b..4ee3763 100644
--- a/tests/php/ControllerIntegration/Controller/FieldDefinitionApiControllerTest.php
+++ b/tests/php/ControllerIntegration/Controller/FieldDefinitionApiControllerTest.php
@@ -12,8 +12,9 @@
 use OCA\ProfileFields\AppInfo\Application;
 use OCA\ProfileFields\Controller\FieldDefinitionApiController;
 use OCA\ProfileFields\Db\FieldDefinitionMapper;
+use OCA\ProfileFields\Enum\FieldEditPolicy;
+use OCA\ProfileFields\Enum\FieldExposurePolicy;
 use OCA\ProfileFields\Enum\FieldType;
-use OCA\ProfileFields\Enum\FieldVisibility;
 use OCA\ProfileFields\Migration\Version1000Date20260309120000;
 use OCA\ProfileFields\Service\FieldDefinitionService;
 use OCP\AppFramework\App;
@@ -81,12 +82,10 @@ public function testDefinitionCrudFlow(): void {
 			$fieldKey,
 			'Performance score',
 			FieldType::NUMBER->value,
-			false,
-			false,
-			true,
-			FieldVisibility::USERS->value,
+			FieldEditPolicy::USERS->value,
+			FieldExposurePolicy::PRIVATE->value,
 			5,
-			true,
+			false,
 		);
 
 		$this->assertSame(Http::STATUS_CREATED, $createResponse->getStatus());
@@ -105,10 +104,8 @@ public function testDefinitionCrudFlow(): void {
 			$createResponse->getData()['id'],
 			'Performance score updated',
 			FieldType::NUMBER->value,
-			true,
-			false,
-			true,
-			FieldVisibility::PUBLIC->value,
+			FieldEditPolicy::ADMINS->value,
+			FieldExposurePolicy::PUBLIC->value,
 			6,
 			true,
 		);
diff --git a/tests/php/ControllerIntegration/Controller/FieldValueAdminApiControllerTest.php b/tests/php/ControllerIntegration/Controller/FieldValueAdminApiControllerTest.php
index 8a5d027..3e5fd38 100644
--- a/tests/php/ControllerIntegration/Controller/FieldValueAdminApiControllerTest.php
+++ b/tests/php/ControllerIntegration/Controller/FieldValueAdminApiControllerTest.php
@@ -125,10 +125,8 @@ public function testAdminCanLookupUserByCpfAndRetrieveCooperativeFields(): void
 			'field_key' => 'cpf_lookup_integration',
 			'label' => 'CPF',
 			'type' => FieldType::TEXT->value,
-			'admin_only' => false,
-			'user_editable' => false,
-			'user_visible' => true,
-			'initial_visibility' => FieldVisibility::PRIVATE->value,
+			'edit_policy' => 'admins',
+			'exposure_policy' => 'private',
 			'sort_order' => 0,
 			'active' => true,
 		]);
@@ -137,10 +135,8 @@ public function testAdminCanLookupUserByCpfAndRetrieveCooperativeFields(): void
 			'field_key' => 'health_plan_type_lookup_integration',
 			'label' => 'Health plan type',
 			'type' => FieldType::TEXT->value,
-			'admin_only' => false,
-			'user_editable' => false,
-			'user_visible' => true,
-			'initial_visibility' => FieldVisibility::PRIVATE->value,
+			'edit_policy' => 'admins',
+			'exposure_policy' => 'private',
 			'sort_order' => 1,
 			'active' => true,
 		]);
@@ -175,10 +171,8 @@ public function testAdminCanSearchUsersByFieldWithPagination(): void {
 			'field_key' => 'region_search_integration',
 			'label' => 'Region',
 			'type' => FieldType::TEXT->value,
-			'admin_only' => false,
-			'user_editable' => false,
-			'user_visible' => true,
-			'initial_visibility' => FieldVisibility::PRIVATE->value,
+			'edit_policy' => 'admins',
+			'exposure_policy' => 'private',
 			'sort_order' => 0,
 			'active' => true,
 		]);
@@ -229,10 +223,12 @@ private function createDefinition(
 		$definition->setFieldKey($fieldKey);
 		$definition->setLabel($label);
 		$definition->setType($type);
-		$definition->setAdminOnly($adminOnly);
-		$definition->setUserEditable($userEditable);
-		$definition->setUserVisible(true);
-		$definition->setInitialVisibility($initialVisibility);
+		$definition->setEditPolicy(($adminOnly || !$userEditable) ? \OCA\ProfileFields\Enum\FieldEditPolicy::ADMINS->value : \OCA\ProfileFields\Enum\FieldEditPolicy::USERS->value);
+		$definition->setExposurePolicy(match ($initialVisibility) {
+			'public' => \OCA\ProfileFields\Enum\FieldExposurePolicy::PUBLIC->value,
+			'users' => \OCA\ProfileFields\Enum\FieldExposurePolicy::USERS->value,
+			default => \OCA\ProfileFields\Enum\FieldExposurePolicy::PRIVATE->value,
+		});
 		$definition->setSortOrder($sortOrder);
 		$definition->setActive($active);
 		$definition->setCreatedAt(new \DateTime());
diff --git a/tests/php/ControllerIntegration/Controller/FieldValueApiControllerTest.php b/tests/php/ControllerIntegration/Controller/FieldValueApiControllerTest.php
index 72aee3e..05ab59b 100644
--- a/tests/php/ControllerIntegration/Controller/FieldValueApiControllerTest.php
+++ b/tests/php/ControllerIntegration/Controller/FieldValueApiControllerTest.php
@@ -15,6 +15,8 @@
 use OCA\ProfileFields\Db\FieldDefinitionMapper;
 use OCA\ProfileFields\Db\FieldValue;
 use OCA\ProfileFields\Db\FieldValueMapper;
+use OCA\ProfileFields\Enum\FieldEditPolicy;
+use OCA\ProfileFields\Enum\FieldExposurePolicy;
 use OCA\ProfileFields\Enum\FieldType;
 use OCA\ProfileFields\Enum\FieldVisibility;
 use OCA\ProfileFields\Migration\Version1000Date20260309120000;
@@ -143,10 +145,12 @@ private function createDefinition(
 		$definition->setFieldKey($fieldKey);
 		$definition->setLabel($label);
 		$definition->setType($type);
-		$definition->setAdminOnly($adminOnly);
-		$definition->setUserEditable($userEditable);
-		$definition->setUserVisible(true);
-		$definition->setInitialVisibility($initialVisibility);
+		$definition->setEditPolicy(($adminOnly || !$userEditable) ? FieldEditPolicy::ADMINS->value : FieldEditPolicy::USERS->value);
+		$definition->setExposurePolicy(match ($initialVisibility) {
+			'public' => FieldExposurePolicy::PUBLIC->value,
+			'users' => FieldExposurePolicy::USERS->value,
+			default => FieldExposurePolicy::PRIVATE->value,
+		});
 		$definition->setSortOrder($sortOrder);
 		$definition->setActive($active);
 		$definition->setCreatedAt(new \DateTime());
diff --git a/tests/php/ControllerIntegration/Service/OrphanedFieldValueCleanupServiceTest.php b/tests/php/ControllerIntegration/Service/OrphanedFieldValueCleanupServiceTest.php
index 5d7bd4c..0eae94c 100644
--- a/tests/php/ControllerIntegration/Service/OrphanedFieldValueCleanupServiceTest.php
+++ b/tests/php/ControllerIntegration/Service/OrphanedFieldValueCleanupServiceTest.php
@@ -144,10 +144,8 @@ private function createDefinition(string $fieldKey, string $label): FieldDefinit
 		$definition->setFieldKey($fieldKey);
 		$definition->setLabel($label);
 		$definition->setType(FieldType::TEXT->value);
-		$definition->setAdminOnly(false);
-		$definition->setUserEditable(true);
-		$definition->setUserVisible(true);
-		$definition->setInitialVisibility(FieldVisibility::PRIVATE->value);
+		$definition->setEditPolicy(\OCA\ProfileFields\Enum\FieldEditPolicy::USERS->value);
+		$definition->setExposurePolicy(\OCA\ProfileFields\Enum\FieldExposurePolicy::PRIVATE->value);
 		$definition->setSortOrder(0);
 		$definition->setActive(true);
 		$definition->setCreatedAt(new \DateTime());
diff --git a/tests/php/ControllerIntegration/Workflow/LogProfileFieldChangeOperationTest.php b/tests/php/ControllerIntegration/Workflow/LogProfileFieldChangeOperationTest.php
index 0d2e919..7de9c11 100644
--- a/tests/php/ControllerIntegration/Workflow/LogProfileFieldChangeOperationTest.php
+++ b/tests/php/ControllerIntegration/Workflow/LogProfileFieldChangeOperationTest.php
@@ -247,10 +247,8 @@ private function createDefinition(string $fieldKey): FieldDefinition {
 		$definition->setFieldKey($fieldKey);
 		$definition->setLabel('Department');
 		$definition->setType(FieldType::TEXT->value);
-		$definition->setAdminOnly(false);
-		$definition->setUserEditable(true);
-		$definition->setUserVisible(true);
-		$definition->setInitialVisibility(FieldVisibility::USERS->value);
+		$definition->setEditPolicy(\OCA\ProfileFields\Enum\FieldEditPolicy::USERS->value);
+		$definition->setExposurePolicy(\OCA\ProfileFields\Enum\FieldExposurePolicy::USERS->value);
 		$definition->setSortOrder(0);
 		$definition->setActive(true);
 		$definition->setCreatedAt(new \DateTime());
diff --git a/tests/php/ControllerIntegration/Workflow/UserProfileFieldCheckIntegrationTest.php b/tests/php/ControllerIntegration/Workflow/UserProfileFieldCheckIntegrationTest.php
index 171762f..320b899 100644
--- a/tests/php/ControllerIntegration/Workflow/UserProfileFieldCheckIntegrationTest.php
+++ b/tests/php/ControllerIntegration/Workflow/UserProfileFieldCheckIntegrationTest.php
@@ -249,10 +249,8 @@ private function createWorkflowRuleForDepartment(string $fieldKey, string $expec
 		$definition->setFieldKey($fieldKey);
 		$definition->setLabel('Department');
 		$definition->setType(FieldType::TEXT->value);
-		$definition->setAdminOnly(false);
-		$definition->setUserEditable(true);
-		$definition->setUserVisible(true);
-		$definition->setInitialVisibility(FieldVisibility::USERS->value);
+		$definition->setEditPolicy(\OCA\ProfileFields\Enum\FieldEditPolicy::USERS->value);
+		$definition->setExposurePolicy(\OCA\ProfileFields\Enum\FieldExposurePolicy::USERS->value);
 		$definition->setSortOrder(0);
 		$definition->setActive(true);
 		$definition->setCreatedAt(new \DateTime());
diff --git a/tests/php/Unit/Command/Data/ExportTest.php b/tests/php/Unit/Command/Data/ExportTest.php
index 0df1f3f..b8c67bc 100644
--- a/tests/php/Unit/Command/Data/ExportTest.php
+++ b/tests/php/Unit/Command/Data/ExportTest.php
@@ -37,10 +37,8 @@ public function testExecuteExportsDefinitionsAndValuesAsJson(): void {
 		$definition->setFieldKey('cost_center');
 		$definition->setLabel('Cost center');
 		$definition->setType('text');
-		$definition->setAdminOnly(false);
-		$definition->setUserEditable(true);
-		$definition->setUserVisible(true);
-		$definition->setInitialVisibility('users');
+		$definition->setEditPolicy(\OCA\ProfileFields\Enum\FieldEditPolicy::USERS->value);
+		$definition->setExposurePolicy(\OCA\ProfileFields\Enum\FieldExposurePolicy::USERS->value);
 		$definition->setSortOrder(3);
 		$definition->setActive(true);
 		$definition->setCreatedAt(new \DateTime('2026-03-01T12:00:00+00:00'));
diff --git a/tests/php/Unit/Controller/FieldDefinitionApiControllerTest.php b/tests/php/Unit/Controller/FieldDefinitionApiControllerTest.php
index d16b4f1..4ffe647 100644
--- a/tests/php/Unit/Controller/FieldDefinitionApiControllerTest.php
+++ b/tests/php/Unit/Controller/FieldDefinitionApiControllerTest.php
@@ -12,8 +12,9 @@
 use InvalidArgumentException;
 use OCA\ProfileFields\Controller\FieldDefinitionApiController;
 use OCA\ProfileFields\Db\FieldDefinition;
+use OCA\ProfileFields\Enum\FieldEditPolicy;
+use OCA\ProfileFields\Enum\FieldExposurePolicy;
 use OCA\ProfileFields\Enum\FieldType;
-use OCA\ProfileFields\Enum\FieldVisibility;
 use OCA\ProfileFields\Service\FieldDefinitionService;
 use OCP\AppFramework\Http;
 use OCP\AppFramework\Http\DataResponse;
@@ -54,10 +55,8 @@ public function testCreateReturnsCreatedDefinition(): void {
 				'field_key' => 'cpf',
 				'label' => 'CPF',
 				'type' => FieldType::TEXT->value,
-				'admin_only' => false,
-				'user_editable' => true,
-				'user_visible' => true,
-				'initial_visibility' => FieldVisibility::USERS->value,
+				'edit_policy' => FieldEditPolicy::USERS->value,
+				'exposure_policy' => FieldExposurePolicy::USERS->value,
 				'sort_order' => 2,
 				'active' => true,
 			])
@@ -67,10 +66,8 @@ public function testCreateReturnsCreatedDefinition(): void {
 			'cpf',
 			'CPF',
 			FieldType::TEXT->value,
-			false,
-			true,
-			true,
-			FieldVisibility::USERS->value,
+			FieldEditPolicy::USERS->value,
+			FieldExposurePolicy::USERS->value,
 			2,
 			true,
 		);
@@ -87,10 +84,8 @@ public function testCreateSelectFieldForwardsOptions(): void {
 				'field_key' => 'contract_type',
 				'label' => 'Contract Type',
 				'type' => FieldType::SELECT->value,
-				'admin_only' => false,
-				'user_editable' => true,
-				'user_visible' => true,
-				'initial_visibility' => FieldVisibility::PRIVATE->value,
+				'edit_policy' => FieldEditPolicy::USERS->value,
+				'exposure_policy' => FieldExposurePolicy::PRIVATE->value,
 				'sort_order' => 0,
 				'active' => true,
 				'options' => ['CLT', 'PJ', 'Cooperado'],
@@ -101,10 +96,8 @@ public function testCreateSelectFieldForwardsOptions(): void {
 			'contract_type',
 			'Contract Type',
 			FieldType::SELECT->value,
-			false,
-			true,
-			true,
-			FieldVisibility::PRIVATE->value,
+			FieldEditPolicy::USERS->value,
+			FieldExposurePolicy::PRIVATE->value,
 			0,
 			true,
 			['CLT', 'PJ', 'Cooperado'],
@@ -122,10 +115,8 @@ public function testCreateReturnsBadRequestOnValidationFailure(): void {
 			'cpf',
 			'CPF',
 			FieldType::TEXT->value,
-			false,
-			false,
-			true,
-			FieldVisibility::PRIVATE->value,
+			FieldEditPolicy::ADMINS->value,
+			FieldExposurePolicy::PRIVATE->value,
 			0,
 			true,
 		);
@@ -148,10 +139,8 @@ public function testUpdateSelectFieldForwardsOptions(): void {
 			->with($existing, [
 				'label' => 'Contract Type',
 				'type' => FieldType::SELECT->value,
-				'admin_only' => false,
-				'user_editable' => true,
-				'user_visible' => true,
-				'initial_visibility' => FieldVisibility::PRIVATE->value,
+				'edit_policy' => FieldEditPolicy::USERS->value,
+				'exposure_policy' => FieldExposurePolicy::PRIVATE->value,
 				'sort_order' => 0,
 				'active' => true,
 				'options' => ['CLT', 'PJ'],
@@ -162,10 +151,8 @@ public function testUpdateSelectFieldForwardsOptions(): void {
 			6,
 			'Contract Type',
 			FieldType::SELECT->value,
-			false,
-			true,
-			true,
-			FieldVisibility::PRIVATE->value,
+			FieldEditPolicy::USERS->value,
+			FieldExposurePolicy::PRIVATE->value,
 			0,
 			true,
 			['CLT', 'PJ'],
@@ -184,10 +171,8 @@ public function testUpdateReturnsNotFoundWhenDefinitionDoesNotExist(): void {
 			99,
 			'CPF',
 			FieldType::TEXT->value,
-			false,
-			false,
-			true,
-			FieldVisibility::PRIVATE->value,
+			FieldEditPolicy::ADMINS->value,
+			FieldExposurePolicy::PRIVATE->value,
 			0,
 			true,
 		);
@@ -215,10 +200,8 @@ private function buildDefinition(int $id, string $fieldKey): FieldDefinition {
 		$definition->setFieldKey($fieldKey);
 		$definition->setLabel(strtoupper($fieldKey));
 		$definition->setType(FieldType::TEXT->value);
-		$definition->setAdminOnly(false);
-		$definition->setUserEditable(true);
-		$definition->setUserVisible(true);
-		$definition->setInitialVisibility(FieldVisibility::PRIVATE->value);
+		$definition->setEditPolicy(FieldEditPolicy::USERS->value);
+		$definition->setExposurePolicy(FieldExposurePolicy::PRIVATE->value);
 		$definition->setSortOrder(0);
 		$definition->setActive(true);
 		$definition->setCreatedAt(new \DateTime());
diff --git a/tests/php/Unit/Controller/FieldValueAdminApiControllerTest.php b/tests/php/Unit/Controller/FieldValueAdminApiControllerTest.php
index 433de50..fbd401a 100644
--- a/tests/php/Unit/Controller/FieldValueAdminApiControllerTest.php
+++ b/tests/php/Unit/Controller/FieldValueAdminApiControllerTest.php
@@ -157,10 +157,8 @@ public function testLookupReturnsFieldSnapshotsForMatchedUser(): void {
 		$otherDefinition->setFieldKey('health_plan_type');
 		$otherDefinition->setLabel('Health plan type');
 		$otherDefinition->setType(FieldType::TEXT->value);
-		$otherDefinition->setAdminOnly(false);
-		$otherDefinition->setUserEditable(false);
-		$otherDefinition->setUserVisible(true);
-		$otherDefinition->setInitialVisibility(FieldVisibility::PRIVATE->value);
+		$otherDefinition->setEditPolicy(\OCA\ProfileFields\Enum\FieldEditPolicy::ADMINS->value);
+		$otherDefinition->setExposurePolicy(\OCA\ProfileFields\Enum\FieldExposurePolicy::PRIVATE->value);
 		$otherDefinition->setSortOrder(1);
 		$otherDefinition->setActive(true);
 		$otherDefinition->setCreatedAt(new \DateTime());
@@ -306,10 +304,8 @@ private function buildDefinition(): FieldDefinition {
 		$definition->setFieldKey('cpf');
 		$definition->setLabel('CPF');
 		$definition->setType(FieldType::TEXT->value);
-		$definition->setAdminOnly(false);
-		$definition->setUserEditable(false);
-		$definition->setUserVisible(true);
-		$definition->setInitialVisibility(FieldVisibility::PRIVATE->value);
+		$definition->setEditPolicy(\OCA\ProfileFields\Enum\FieldEditPolicy::ADMINS->value);
+		$definition->setExposurePolicy(\OCA\ProfileFields\Enum\FieldExposurePolicy::PRIVATE->value);
 		$definition->setSortOrder(0);
 		$definition->setActive(true);
 		$definition->setCreatedAt(new \DateTime());
diff --git a/tests/php/Unit/Controller/FieldValueApiControllerTest.php b/tests/php/Unit/Controller/FieldValueApiControllerTest.php
index 8b155e9..f0395d9 100644
--- a/tests/php/Unit/Controller/FieldValueApiControllerTest.php
+++ b/tests/php/Unit/Controller/FieldValueApiControllerTest.php
@@ -131,10 +131,8 @@ public static function forbiddenUpsertProvider(): array {
 		$inactive->setFieldKey('grade');
 		$inactive->setLabel('Grade');
 		$inactive->setType(FieldType::TEXT->value);
-		$inactive->setAdminOnly(false);
-		$inactive->setUserEditable(true);
-		$inactive->setUserVisible(true);
-		$inactive->setInitialVisibility(FieldVisibility::PRIVATE->value);
+		$inactive->setEditPolicy(\OCA\ProfileFields\Enum\FieldEditPolicy::USERS->value);
+		$inactive->setExposurePolicy(\OCA\ProfileFields\Enum\FieldExposurePolicy::PRIVATE->value);
 		$inactive->setSortOrder(0);
 		$inactive->setActive(false);
 		$inactive->setCreatedAt(new \DateTime());
@@ -258,10 +256,8 @@ public static function updateVisibilityRejectionProvider(): array {
 		$inactive->setFieldKey('grade');
 		$inactive->setLabel('Grade');
 		$inactive->setType(FieldType::TEXT->value);
-		$inactive->setAdminOnly(false);
-		$inactive->setUserEditable(true);
-		$inactive->setUserVisible(true);
-		$inactive->setInitialVisibility(FieldVisibility::PRIVATE->value);
+		$inactive->setEditPolicy(\OCA\ProfileFields\Enum\FieldEditPolicy::USERS->value);
+		$inactive->setExposurePolicy(\OCA\ProfileFields\Enum\FieldExposurePolicy::PRIVATE->value);
 		$inactive->setSortOrder(0);
 		$inactive->setActive(false);
 		$inactive->setCreatedAt(new \DateTime());
@@ -271,8 +267,8 @@ public static function updateVisibilityRejectionProvider(): array {
 		$forbidden->setActive(true);
 		$editableButVisibilityForbidden = clone $inactive;
 		$editableButVisibilityForbidden->setActive(true);
-		$editableButVisibilityForbidden->setUserEditable(true);
-		$editableButVisibilityForbidden->setUserVisible(true);
+		$editableButVisibilityForbidden->setEditPolicy(\OCA\ProfileFields\Enum\FieldEditPolicy::USERS->value);
+		$editableButVisibilityForbidden->setExposurePolicy(\OCA\ProfileFields\Enum\FieldExposurePolicy::PRIVATE->value);
 
 		return [
 			'missing definition' => [null, null, null, Http::STATUS_NOT_FOUND, 'Field definition not found'],
@@ -367,10 +363,8 @@ private function buildDefinition(int $id, bool $userEditable, bool $adminOnly, b
 		$definition->setFieldKey('grade_' . $id);
 		$definition->setLabel('Grade ' . $id);
 		$definition->setType(FieldType::TEXT->value);
-		$definition->setAdminOnly($adminOnly);
-		$definition->setUserEditable($userEditable);
-		$definition->setUserVisible(true);
-		$definition->setInitialVisibility(FieldVisibility::PRIVATE->value);
+		$definition->setEditPolicy(($adminOnly || !$userEditable) ? \OCA\ProfileFields\Enum\FieldEditPolicy::ADMINS->value : \OCA\ProfileFields\Enum\FieldEditPolicy::USERS->value);
+		$definition->setExposurePolicy(\OCA\ProfileFields\Enum\FieldExposurePolicy::PRIVATE->value);
 		$definition->setSortOrder(0);
 		$definition->setActive($active);
 		$definition->setCreatedAt(new \DateTime());
diff --git a/tests/php/Unit/Search/ProfileFieldDirectorySearchServiceTest.php b/tests/php/Unit/Search/ProfileFieldDirectorySearchServiceTest.php
index 667f43a..222ee8d 100644
--- a/tests/php/Unit/Search/ProfileFieldDirectorySearchServiceTest.php
+++ b/tests/php/Unit/Search/ProfileFieldDirectorySearchServiceTest.php
@@ -170,10 +170,8 @@ private function buildDefinition(int $id, string $fieldKey, string $label, bool
 		$definition->setFieldKey($fieldKey);
 		$definition->setLabel($label);
 		$definition->setType('text');
-		$definition->setAdminOnly(false);
-		$definition->setUserEditable(true);
-		$definition->setUserVisible($userVisible);
-		$definition->setInitialVisibility('private');
+		$definition->setEditPolicy(\OCA\ProfileFields\Enum\FieldEditPolicy::USERS->value);
+		$definition->setExposurePolicy($userVisible ? \OCA\ProfileFields\Enum\FieldExposurePolicy::PRIVATE->value : \OCA\ProfileFields\Enum\FieldExposurePolicy::HIDDEN->value);
 		$definition->setSortOrder(0);
 		$definition->setActive(true);
 		$definition->setCreatedAt(new DateTime());
diff --git a/tests/php/Unit/Service/DataImportServiceTest.php b/tests/php/Unit/Service/DataImportServiceTest.php
index 97bb7aa..0907a3f 100644
--- a/tests/php/Unit/Service/DataImportServiceTest.php
+++ b/tests/php/Unit/Service/DataImportServiceTest.php
@@ -183,10 +183,8 @@ private function buildNormalizedPayload(): array {
 					'field_key' => 'region',
 					'label' => 'Region',
 					'type' => 'text',
-					'admin_only' => false,
-					'user_editable' => false,
-					'user_visible' => true,
-					'initial_visibility' => 'users',
+					'edit_policy' => 'admins',
+					'exposure_policy' => 'users',
 					'sort_order' => 0,
 					'active' => true,
 					'created_at' => '2026-03-10T08:00:00+00:00',
@@ -196,10 +194,8 @@ private function buildNormalizedPayload(): array {
 					'field_key' => 'cost_center',
 					'label' => 'Cost center',
 					'type' => 'text',
-					'admin_only' => false,
-					'user_editable' => false,
-					'user_visible' => true,
-					'initial_visibility' => 'users',
+					'edit_policy' => 'admins',
+					'exposure_policy' => 'users',
 					'sort_order' => 2,
 					'active' => true,
 					'created_at' => '2026-03-01T12:00:00+00:00',
@@ -233,10 +229,8 @@ private function buildDefinition(int $id, string $fieldKey, string $label, int $
 		$definition->setFieldKey($fieldKey);
 		$definition->setLabel($label);
 		$definition->setType('text');
-		$definition->setAdminOnly(false);
-		$definition->setUserEditable(false);
-		$definition->setUserVisible(true);
-		$definition->setInitialVisibility('users');
+		$definition->setEditPolicy(\OCA\ProfileFields\Enum\FieldEditPolicy::ADMINS->value);
+		$definition->setExposurePolicy(\OCA\ProfileFields\Enum\FieldExposurePolicy::USERS->value);
 		$definition->setSortOrder($sortOrder);
 		$definition->setActive($active);
 		$definition->setCreatedAt(new \DateTime('2026-03-01T12:00:00+00:00'));
diff --git a/tests/php/Unit/Service/FieldAccessServiceTest.php b/tests/php/Unit/Service/FieldAccessServiceTest.php
index c5540d1..a8f0501 100644
--- a/tests/php/Unit/Service/FieldAccessServiceTest.php
+++ b/tests/php/Unit/Service/FieldAccessServiceTest.php
@@ -10,6 +10,8 @@
 namespace OCA\ProfileFields\Tests\Unit\Service;
 
 use OCA\ProfileFields\Db\FieldDefinition;
+use OCA\ProfileFields\Enum\FieldEditPolicy;
+use OCA\ProfileFields\Enum\FieldExposurePolicy;
 use OCA\ProfileFields\Enum\FieldType;
 use OCA\ProfileFields\Enum\FieldVisibility;
 use OCA\ProfileFields\Service\FieldAccessService;
@@ -62,10 +64,8 @@ public function testOnlyOwnerOrAdminCanChangeVisibility(): void {
 	private function buildDefinition(bool $adminOnly, bool $userEditable): FieldDefinition {
 		$definition = new FieldDefinition();
 		$definition->setType(FieldType::TEXT->value);
-		$definition->setInitialVisibility(FieldVisibility::PRIVATE->value);
-		$definition->setAdminOnly($adminOnly);
-		$definition->setUserEditable($userEditable);
-		$definition->setUserVisible(true);
+		$definition->setExposurePolicy(FieldExposurePolicy::PRIVATE->value);
+		$definition->setEditPolicy(($adminOnly || !$userEditable) ? FieldEditPolicy::ADMINS->value : FieldEditPolicy::USERS->value);
 		return $definition;
 	}
 }
diff --git a/tests/php/Unit/Service/FieldDefinitionServiceTest.php b/tests/php/Unit/Service/FieldDefinitionServiceTest.php
index bda1058..0bc0211 100644
--- a/tests/php/Unit/Service/FieldDefinitionServiceTest.php
+++ b/tests/php/Unit/Service/FieldDefinitionServiceTest.php
@@ -13,6 +13,8 @@
 use OCA\ProfileFields\Db\FieldDefinition;
 use OCA\ProfileFields\Db\FieldDefinitionMapper;
 use OCA\ProfileFields\Db\FieldValueMapper;
+use OCA\ProfileFields\Enum\FieldEditPolicy;
+use OCA\ProfileFields\Enum\FieldExposurePolicy;
 use OCA\ProfileFields\Enum\FieldType;
 use OCA\ProfileFields\Service\FieldDefinitionService;
 use OCA\ProfileFields\Service\FieldDefinitionValidator;
@@ -63,8 +65,8 @@ public function testCreatePersistsValidatedDefinition(): void {
 				$this->assertSame('performance_score', $definition->getFieldKey());
 				$this->assertSame('Performance score', $definition->getLabel());
 				$this->assertSame(FieldType::NUMBER->value, $definition->getType());
-				$this->assertSame('users', $definition->getInitialVisibility());
-				$this->assertFalse($definition->getUserEditable());
+				$this->assertSame(FieldExposurePolicy::USERS->value, $definition->getExposurePolicy());
+				$this->assertSame(FieldEditPolicy::ADMINS->value, $definition->getEditPolicy());
 				$this->assertInstanceOf(\DateTimeInterface::class, $definition->getCreatedAt());
 				$this->assertInstanceOf(\DateTimeInterface::class, $definition->getUpdatedAt());
 				return true;
@@ -75,8 +77,8 @@ public function testCreatePersistsValidatedDefinition(): void {
 			'field_key' => 'performance_score',
 			'label' => 'Performance score',
 			'type' => FieldType::NUMBER->value,
-			'initial_visibility' => 'users',
-			'user_editable' => false,
+			'exposure_policy' => FieldExposurePolicy::USERS->value,
+			'edit_policy' => FieldEditPolicy::ADMINS->value,
 		]);
 
 		$this->assertSame('performance_score', $created->getFieldKey());
@@ -115,7 +117,7 @@ public function testUpdateRejectsFieldKeyRename(): void {
 		$existing->setFieldKey('cpf');
 		$existing->setLabel('CPF');
 		$existing->setType(FieldType::TEXT->value);
-		$existing->setInitialVisibility('private');
+		$existing->setExposurePolicy(FieldExposurePolicy::PRIVATE->value);
 
 		$this->expectException(InvalidArgumentException::class);
 		$this->expectExceptionMessage('field_key cannot be changed');
@@ -133,7 +135,7 @@ public function testUpdateRejectsTypeChangeWhenValuesExist(): void {
 		$existing->setFieldKey('cpf');
 		$existing->setLabel('CPF');
 		$existing->setType(FieldType::TEXT->value);
-		$existing->setInitialVisibility('private');
+		$existing->setExposurePolicy(FieldExposurePolicy::PRIVATE->value);
 
 		$this->fieldValueMapper
 			->method('hasValuesForFieldDefinitionId')
@@ -178,10 +180,8 @@ public function testJsonSerializeSelectIncludesOptions(): void {
 		$definition->setFieldKey('contract_type');
 		$definition->setLabel('Contract Type');
 		$definition->setType(FieldType::SELECT->value);
-		$definition->setAdminOnly(false);
-		$definition->setUserEditable(true);
-		$definition->setUserVisible(true);
-		$definition->setInitialVisibility('private');
+		$definition->setEditPolicy(FieldEditPolicy::USERS->value);
+		$definition->setExposurePolicy(FieldExposurePolicy::PRIVATE->value);
 		$definition->setSortOrder(0);
 		$definition->setActive(true);
 		$definition->setOptions('["CLT","PJ"]');
@@ -199,10 +199,8 @@ public function testJsonSerializeTextHasNullOptions(): void {
 		$definition->setFieldKey('cpf');
 		$definition->setLabel('CPF');
 		$definition->setType(FieldType::TEXT->value);
-		$definition->setAdminOnly(false);
-		$definition->setUserEditable(false);
-		$definition->setUserVisible(false);
-		$definition->setInitialVisibility('private');
+		$definition->setEditPolicy(FieldEditPolicy::ADMINS->value);
+		$definition->setExposurePolicy(FieldExposurePolicy::HIDDEN->value);
 		$definition->setSortOrder(0);
 		$definition->setActive(true);
 		$definition->setCreatedAt(new \DateTime('2026-01-01T00:00:00+00:00'));
@@ -219,10 +217,8 @@ public function testUpdatePreservesImportedUpdatedAt(): void {
 		$existing->setFieldKey('cpf');
 		$existing->setLabel('CPF');
 		$existing->setType(FieldType::TEXT->value);
-		$existing->setAdminOnly(false);
-		$existing->setUserEditable(false);
-		$existing->setUserVisible(true);
-		$existing->setInitialVisibility('private');
+		$existing->setEditPolicy(FieldEditPolicy::ADMINS->value);
+		$existing->setExposurePolicy(FieldExposurePolicy::PRIVATE->value);
 		$existing->setSortOrder(0);
 		$existing->setActive(true);
 		$existing->setCreatedAt(new \DateTime('2026-03-01T00:00:00+00:00'));
diff --git a/tests/php/Unit/Service/FieldDefinitionValidatorTest.php b/tests/php/Unit/Service/FieldDefinitionValidatorTest.php
index fdb5aa8..f8cc9f9 100644
--- a/tests/php/Unit/Service/FieldDefinitionValidatorTest.php
+++ b/tests/php/Unit/Service/FieldDefinitionValidatorTest.php
@@ -10,8 +10,9 @@
 namespace OCA\ProfileFields\Tests\Unit\Service;
 
 use InvalidArgumentException;
+use OCA\ProfileFields\Enum\FieldEditPolicy;
+use OCA\ProfileFields\Enum\FieldExposurePolicy;
 use OCA\ProfileFields\Enum\FieldType;
-use OCA\ProfileFields\Enum\FieldVisibility;
 use OCA\ProfileFields\Service\FieldDefinitionValidator;
 use PHPUnit\Framework\TestCase;
 
@@ -28,12 +29,12 @@ public function testValidateTextFieldDefinition(): void {
 			'field_key' => 'cpf',
 			'label' => 'CPF',
 			'type' => FieldType::TEXT->value,
-			'user_editable' => false,
+			'edit_policy' => FieldEditPolicy::ADMINS->value,
 		]);
 
 		$this->assertSame('cpf', $validated['field_key']);
 		$this->assertSame(FieldType::TEXT->value, $validated['type']);
-		$this->assertSame(FieldVisibility::PRIVATE->value, $validated['initial_visibility']);
+		$this->assertSame(FieldExposurePolicy::PRIVATE->value, $validated['exposure_policy']);
 		$this->assertTrue($validated['active']);
 	}
 
@@ -105,28 +106,27 @@ public function testNonSelectTypesDoNotRequireOptions(): void {
 		$this->assertNull($validated['options']);
 	}
 
-	public function testRejectAdminOnlyAndUserEditableCombination(): void {
+	public function testRejectInvalidEditPolicy(): void {
 		$this->expectException(InvalidArgumentException::class);
-		$this->expectExceptionMessage('admin_only and user_editable cannot both be enabled');
+		$this->expectExceptionMessage('edit_policy is not supported');
 
 		$this->validator->validate([
 			'field_key' => 'rg',
 			'label' => 'RG',
 			'type' => FieldType::TEXT->value,
-			'admin_only' => true,
-			'user_editable' => true,
+			'edit_policy' => 'mixed',
 		]);
 	}
 
-	public function testRejectInvalidInitialVisibility(): void {
+	public function testRejectInvalidExposurePolicy(): void {
 		$this->expectException(InvalidArgumentException::class);
-		$this->expectExceptionMessage('initial_visibility is not supported');
+		$this->expectExceptionMessage('exposure_policy is not supported');
 
 		$this->validator->validate([
 			'field_key' => 'department',
 			'label' => 'Department',
 			'type' => FieldType::TEXT->value,
-			'initial_visibility' => 'team',
+			'exposure_policy' => 'team',
 		]);
 	}
 }
diff --git a/tests/php/Unit/Service/FieldValueServiceTest.php b/tests/php/Unit/Service/FieldValueServiceTest.php
index 7ecd14e..28e436d 100644
--- a/tests/php/Unit/Service/FieldValueServiceTest.php
+++ b/tests/php/Unit/Service/FieldValueServiceTest.php
@@ -52,7 +52,7 @@ public function testUpsertPersistsSerializedValue(): void {
 		$definition = $this->buildDefinition(FieldType::NUMBER->value);
 		$definition->setId(3);
 		$definition->setFieldKey('score');
-		$definition->setInitialVisibility('users');
+		$definition->setExposurePolicy(\OCA\ProfileFields\Enum\FieldExposurePolicy::USERS->value);
 
 		$this->fieldValueMapper
 			->method('findByFieldDefinitionIdAndUserUid')
@@ -93,7 +93,7 @@ public function testUpsertPreservesImportedUpdatedAt(): void {
 		$definition = $this->buildDefinition(FieldType::TEXT->value);
 		$definition->setId(3);
 		$definition->setFieldKey('department');
-		$definition->setInitialVisibility('users');
+		$definition->setExposurePolicy(\OCA\ProfileFields\Enum\FieldExposurePolicy::USERS->value);
 
 		$this->fieldValueMapper
 			->method('findByFieldDefinitionIdAndUserUid')
@@ -128,7 +128,7 @@ public function testUpsertDispatchesUpdatedEventWhenExistingValueChanges(): void
 		$definition = $this->buildDefinition(FieldType::TEXT->value);
 		$definition->setId(3);
 		$definition->setFieldKey('department');
-		$definition->setInitialVisibility('users');
+		$definition->setExposurePolicy(\OCA\ProfileFields\Enum\FieldExposurePolicy::USERS->value);
 
 		$existing = new FieldValue();
 		$existing->setId(10);
@@ -392,7 +392,7 @@ public function testNormalizeSelectValueRejectsFloat(): void {
 	private function buildDefinition(string $type): FieldDefinition {
 		$definition = new FieldDefinition();
 		$definition->setType($type);
-		$definition->setInitialVisibility('private');
+		$definition->setExposurePolicy(\OCA\ProfileFields\Enum\FieldExposurePolicy::PRIVATE->value);
 		return $definition;
 	}
 
diff --git a/tests/php/Unit/Service/ImportPayloadValidatorTest.php b/tests/php/Unit/Service/ImportPayloadValidatorTest.php
index ba8c675..be6a662 100644
--- a/tests/php/Unit/Service/ImportPayloadValidatorTest.php
+++ b/tests/php/Unit/Service/ImportPayloadValidatorTest.php
@@ -11,6 +11,8 @@
 
 use InvalidArgumentException;
 use OCA\ProfileFields\Db\FieldDefinition;
+use OCA\ProfileFields\Enum\FieldEditPolicy;
+use OCA\ProfileFields\Enum\FieldExposurePolicy;
 use OCA\ProfileFields\Enum\FieldType;
 use OCA\ProfileFields\Service\FieldDefinitionService;
 use OCA\ProfileFields\Service\FieldDefinitionValidator;
@@ -52,10 +54,8 @@ public function testValidateAcceptsVersionedPayload(): void {
 				'field_key' => 'cost_center',
 				'label' => 'Cost center',
 				'type' => FieldType::TEXT->value,
-				'admin_only' => false,
-				'user_editable' => false,
-				'user_visible' => true,
-				'initial_visibility' => 'users',
+				'edit_policy' => FieldEditPolicy::ADMINS->value,
+				'exposure_policy' => FieldExposurePolicy::USERS->value,
 				'sort_order' => 1,
 				'active' => true,
 				'created_at' => '2026-03-10T08:00:00+00:00',
@@ -127,10 +127,8 @@ public function testRejectIncompatibleExistingDefinition(): void {
 		$existingDefinition->setFieldKey('cost_center');
 		$existingDefinition->setLabel('Cost center');
 		$existingDefinition->setType(FieldType::NUMBER->value);
-		$existingDefinition->setAdminOnly(false);
-		$existingDefinition->setUserEditable(false);
-		$existingDefinition->setUserVisible(true);
-		$existingDefinition->setInitialVisibility('users');
+		$existingDefinition->setEditPolicy(FieldEditPolicy::ADMINS->value);
+		$existingDefinition->setExposurePolicy(FieldExposurePolicy::USERS->value);
 
 		$this->fieldDefinitionService->expects($this->once())
 			->method('findByFieldKey')
diff --git a/tests/php/Unit/Workflow/CreateTalkConversationProfileFieldChangeOperationTest.php b/tests/php/Unit/Workflow/CreateTalkConversationProfileFieldChangeOperationTest.php
index e46ea21..c4a3d13 100644
--- a/tests/php/Unit/Workflow/CreateTalkConversationProfileFieldChangeOperationTest.php
+++ b/tests/php/Unit/Workflow/CreateTalkConversationProfileFieldChangeOperationTest.php
@@ -126,10 +126,8 @@ private function createFieldDefinition(): FieldDefinition {
 		$definition->setFieldKey('department');
 		$definition->setLabel('Department');
 		$definition->setType(FieldType::TEXT->value);
-		$definition->setAdminOnly(false);
-		$definition->setUserEditable(true);
-		$definition->setUserVisible(true);
-		$definition->setInitialVisibility('users');
+		$definition->setEditPolicy(\OCA\ProfileFields\Enum\FieldEditPolicy::USERS->value);
+		$definition->setExposurePolicy(\OCA\ProfileFields\Enum\FieldExposurePolicy::USERS->value);
 		$definition->setSortOrder(1);
 		$definition->setActive(true);
 		$definition->setCreatedAt(new \DateTime());
diff --git a/tests/php/Unit/Workflow/EmailUserProfileFieldChangeOperationTest.php b/tests/php/Unit/Workflow/EmailUserProfileFieldChangeOperationTest.php
index 3087a6f..101b703 100644
--- a/tests/php/Unit/Workflow/EmailUserProfileFieldChangeOperationTest.php
+++ b/tests/php/Unit/Workflow/EmailUserProfileFieldChangeOperationTest.php
@@ -68,10 +68,8 @@ public function testOnEventSendsMailToAffectedUser(): void {
 		$definition->setFieldKey('department');
 		$definition->setLabel('Department');
 		$definition->setType(FieldType::TEXT->value);
-		$definition->setAdminOnly(false);
-		$definition->setUserEditable(true);
-		$definition->setUserVisible(true);
-		$definition->setInitialVisibility('users');
+		$definition->setEditPolicy(\OCA\ProfileFields\Enum\FieldEditPolicy::USERS->value);
+		$definition->setExposurePolicy(\OCA\ProfileFields\Enum\FieldExposurePolicy::USERS->value);
 		$definition->setSortOrder(1);
 		$definition->setActive(true);
 		$definition->setCreatedAt(new \DateTime());
@@ -128,10 +126,8 @@ public function testOnEventSkipsMailWhenAffectedUserHasNoEmail(): void {
 		$definition->setFieldKey('department');
 		$definition->setLabel('Department');
 		$definition->setType(FieldType::TEXT->value);
-		$definition->setAdminOnly(false);
-		$definition->setUserEditable(true);
-		$definition->setUserVisible(true);
-		$definition->setInitialVisibility('users');
+		$definition->setEditPolicy(\OCA\ProfileFields\Enum\FieldEditPolicy::USERS->value);
+		$definition->setExposurePolicy(\OCA\ProfileFields\Enum\FieldExposurePolicy::USERS->value);
 		$definition->setSortOrder(1);
 		$definition->setActive(true);
 		$definition->setCreatedAt(new \DateTime());
diff --git a/tests/php/Unit/Workflow/LogProfileFieldChangeOperationTest.php b/tests/php/Unit/Workflow/LogProfileFieldChangeOperationTest.php
index ec2eef3..a8d3efe 100644
--- a/tests/php/Unit/Workflow/LogProfileFieldChangeOperationTest.php
+++ b/tests/php/Unit/Workflow/LogProfileFieldChangeOperationTest.php
@@ -51,10 +51,8 @@ public function testOnEventLogsEveryMatchingRule(): void {
 		$definition->setFieldKey('department');
 		$definition->setLabel('Department');
 		$definition->setType(FieldType::TEXT->value);
-		$definition->setAdminOnly(false);
-		$definition->setUserEditable(true);
-		$definition->setUserVisible(true);
-		$definition->setInitialVisibility('users');
+		$definition->setEditPolicy(\OCA\ProfileFields\Enum\FieldEditPolicy::USERS->value);
+		$definition->setExposurePolicy(\OCA\ProfileFields\Enum\FieldExposurePolicy::USERS->value);
 		$definition->setSortOrder(1);
 		$definition->setActive(true);
 		$definition->setCreatedAt(new \DateTime());
diff --git a/tests/php/Unit/Workflow/NotifyAdminsOrGroupsProfileFieldChangeOperationTest.php b/tests/php/Unit/Workflow/NotifyAdminsOrGroupsProfileFieldChangeOperationTest.php
index 2da9243..7e44fc3 100644
--- a/tests/php/Unit/Workflow/NotifyAdminsOrGroupsProfileFieldChangeOperationTest.php
+++ b/tests/php/Unit/Workflow/NotifyAdminsOrGroupsProfileFieldChangeOperationTest.php
@@ -138,10 +138,8 @@ private function createFieldDefinition(): FieldDefinition {
 		$definition->setFieldKey('department');
 		$definition->setLabel('Department');
 		$definition->setType(FieldType::TEXT->value);
-		$definition->setAdminOnly(false);
-		$definition->setUserEditable(true);
-		$definition->setUserVisible(true);
-		$definition->setInitialVisibility('users');
+		$definition->setEditPolicy(\OCA\ProfileFields\Enum\FieldEditPolicy::USERS->value);
+		$definition->setExposurePolicy(\OCA\ProfileFields\Enum\FieldExposurePolicy::USERS->value);
 		$definition->setSortOrder(1);
 		$definition->setActive(true);
 		$definition->setCreatedAt(new \DateTime());
diff --git a/tests/php/Unit/Workflow/SendWebhookProfileFieldChangeOperationTest.php b/tests/php/Unit/Workflow/SendWebhookProfileFieldChangeOperationTest.php
index 774b9da..f4321dd 100644
--- a/tests/php/Unit/Workflow/SendWebhookProfileFieldChangeOperationTest.php
+++ b/tests/php/Unit/Workflow/SendWebhookProfileFieldChangeOperationTest.php
@@ -75,10 +75,8 @@ public function testOnEventPostsStructuredWebhookPayload(): void {
 		$definition->setFieldKey('department');
 		$definition->setLabel('Department');
 		$definition->setType(FieldType::TEXT->value);
-		$definition->setAdminOnly(false);
-		$definition->setUserEditable(true);
-		$definition->setUserVisible(true);
-		$definition->setInitialVisibility('users');
+		$definition->setEditPolicy(\OCA\ProfileFields\Enum\FieldEditPolicy::USERS->value);
+		$definition->setExposurePolicy(\OCA\ProfileFields\Enum\FieldExposurePolicy::USERS->value);
 		$definition->setSortOrder(1);
 		$definition->setActive(true);
 		$definition->setCreatedAt(new \DateTime());
diff --git a/tests/php/Unit/Workflow/UserProfileFieldCheckTest.php b/tests/php/Unit/Workflow/UserProfileFieldCheckTest.php
index 8d98370..b366491 100644
--- a/tests/php/Unit/Workflow/UserProfileFieldCheckTest.php
+++ b/tests/php/Unit/Workflow/UserProfileFieldCheckTest.php
@@ -247,10 +247,8 @@ private function buildDefinition(int $id, string $fieldKey, string $type): Field
 		$definition->setFieldKey($fieldKey);
 		$definition->setLabel(ucfirst($fieldKey));
 		$definition->setType($type);
-		$definition->setAdminOnly(false);
-		$definition->setUserEditable(true);
-		$definition->setUserVisible(true);
-		$definition->setInitialVisibility('users');
+		$definition->setEditPolicy(\OCA\ProfileFields\Enum\FieldEditPolicy::USERS->value);
+		$definition->setExposurePolicy(\OCA\ProfileFields\Enum\FieldExposurePolicy::USERS->value);
 		$definition->setSortOrder(1);
 		$definition->setActive(true);
 		$definition->setCreatedAt(new \DateTime('2026-03-10T10:00:00+00:00'));