The users of your Beacon account will come in 3 different varieties:
Admins have unrestricted access in your account; they can do anything within Beacon. Most importantly this includes:
Managing team members - Inviting new users, changing user types, deactivating users.
Customising fields and cards - Includes creating, editing, renaming, moving, etc.
Adding new record types - Creating entirely new sections to store different categories of information.
Setting roles and permissions for other users (if enabled) - Assigning roles and setting specific feature, field, or record type permissions.
Changing charity/account preferences - Account name, timezone, currencies, etc.
Only your most senior technical users should be Beacon admins. Remember, with great power comes great responsibility!
Most of your users will be 'Regular' users!
These users will have access to see and edit the information you're storing in your database, but won't have the ability to change the underlying structure of records like an admin user would.
If someone just needs access to see information, but not to edit it, you can add them as a read-only user. Read-only users are free, and are a great way to give visibility to trustees, board members, and other stakeholders that won't need to add or change information you're storing.
We have a dedicated article that covers read-only users in much more detail.