diff --git a/rowers/views.py b/rowers/views.py
index 0a5aa3d1..137f4b77 100644
--- a/rowers/views.py
+++ b/rowers/views.py
@@ -1993,9 +1993,14 @@ def workouts_view(request,message='',successmessage='',
         except Team.DoesNotExist:
             raise Http404("Team doesn't exist")
 
-        workouts = Workout.objects.filter(team=theteam,
+        if theteam.viewing == 'allmembers' or theteam.manager == request.user:
+            workouts = Workout.objects.filter(team=theteam,
                                           startdatetime__gte=startdate,
                                           startdatetime__lte=enddate).order_by("-date", "-starttime")
+        elif theteam.viewing == 'coachonly':
+            workouts = Workout.objects.filter(team=theteam,user=r,
+                                              startdatetime__gte=startdate,
+                                              startdatetime__lte=enddate).order_by("-date","-starttime")
 
 
     else:
@@ -2128,6 +2133,9 @@ def workout_view(request,id=0):
     try:
 	# check if valid ID exists (workout exists)
 	row = Workout.objects.get(id=id)
+        if row.privacy == 'private':
+            raise Http404("Not allowed to view this workout")
+        
 	g = GraphImage.objects.filter(workout=row).order_by("-creationdatetime")
 	r = Rower.objects.get(id=row.user.id)
 	u = User.objects.get(id=r.user.id)