Despite turning all permissions off, users are able to access other user's information, including booking appointments on other user's calendars and blocking off their times when calendar permission is enabled. Furthermore, user has access to dialer pad at the top right which can result in misuse and abuse, depending on user's role. There are other bugs as well such as UI bugs.

I've attached screenshots. Please fix these privacy bugs at your earliest convenience.