diff --git a/app/main/forms.py b/app/main/forms.py
index d88fdba51..9200521cd 100644
--- a/app/main/forms.py
+++ b/app/main/forms.py
@@ -257,6 +257,13 @@ class RegisterUserFromOrgInviteForm(StripWhitespaceForm):
 
 
 class PermissionsForm(StripWhitespaceForm):
+
+    def process(self, *args, **kwargs):
+        super().process(*args, **kwargs)
+        # view_activity is a default role to be added to all users.
+        self.view_activity.data = True
+
+    view_activity = HiddenField("View activity")
     send_messages = BooleanField("Send messages from existing templates")
     manage_templates = BooleanField("Add and edit templates")
     manage_service = BooleanField("Modify this service and its team")
diff --git a/app/main/views/manage_users.py b/app/main/views/manage_users.py
index 23d555371..5f4b8640a 100644
--- a/app/main/views/manage_users.py
+++ b/app/main/views/manage_users.py
@@ -147,9 +147,4 @@ def cancel_invited_user(service_id, invited_user_id):
 
 
 def get_permissions_from_form(form):
-    # view_activity is a default role to be added to all users.
-    # All users will have at minimum view_activity to allow users to see notifications,
-    # templates, team members but no update privileges
-    selected_roles = {role for role in roles.keys() if form[role].data is True}
-    selected_roles.add('view_activity')
-    return selected_roles
+    return {role for role in roles.keys() if form[role].data is True}
diff --git a/app/notify_client/models.py b/app/notify_client/models.py
index b2af41eb8..54eadc9b7 100644
--- a/app/notify_client/models.py
+++ b/app/notify_client/models.py
@@ -7,22 +7,15 @@ roles = {
     'send_messages': ['send_texts', 'send_emails', 'send_letters'],
     'manage_templates': ['manage_templates'],
     'manage_service': ['manage_users', 'manage_settings'],
-    'manage_api_keys': ['manage_api_keys']
+    'manage_api_keys': ['manage_api_keys'],
+    'view_activity': ['view_activity'],
 }
 
-# same dict as above, but flipped round (and with view_activity)
+# same dict as above, but flipped round
 roles_by_permission = {
-    'send_texts': 'send_messages',
-    'send_emails': 'send_messages',
-    'send_letters': 'send_messages',
-
-    'manage_users': 'manage_service',
-    'manage_settings': 'manage_service',
-
-    'manage_templates': 'manage_templates',
-
-    'manage_api_keys': 'manage_api_keys',
-    'view_activity': 'view_activity',
+    permission: next(
+        role for role, permissions in roles.items() if permission in permissions
+    ) for permission in chain(*list(roles.values()))
 }
 
 all_permissions = set(roles_by_permission.values())