diff --git a/README.md b/README.md
index d670cc5..d42fb1d 100644
--- a/README.md
+++ b/README.md
@@ -225,7 +225,7 @@ ohmyapi createsuperuser
 
 ## Permissions
 
-### API-Level
+### API-Level Permissions
 
 Use FastAPI's `Depends` pattern to implement API-level access-control.
 
@@ -255,3 +255,23 @@ async def list(user: auth.User = Depends(permissions.require_authenticated)):
 ...
 ```
 
+### Model-Level Permissions
+
+Use Tortoise's `Manager` to implement model-layer permissions.
+
+```python
+from ohmyapi.db import Manager
+from typing import Callable
+
+
+class TeamManager(Manager):
+    async def for_user(self, user):
+        return await self.filter(members=user).all()
+
+
+class Team(Model):
+    [...]
+
+    class Meta:
+        manager = TeamManager()
+```