Documentation for admins:
Documentation for users:
When using SmartUpload, all security and permission settings from your Salesforce Org also apply to any files you want to upload.
This means the following:
You will log in using your own Salesforce credentials, which remains safe in Salesforce. Smartupload only knows your Salesforce login-name, not your password.
Any operations towards the Salesforce Org will be done using your user permissions. This means: that for import / update / upsert operations, object-level and field-level security applies.
As an Administrator, you can limit within SmartUpload which operations your end-users can perform. When you create new mappings, you define per mapping which users have access to it. This way you can easily further restrict what kind of bulk-operations your users can perform.