diff --git a/htdocs/contact/card.php b/htdocs/contact/card.php
index 8e9c6f2a321..84a84321a52 100644
--- a/htdocs/contact/card.php
+++ b/htdocs/contact/card.php
@@ -86,6 +86,7 @@ $hookmanager->initHooks(array('contactcard', 'globalcard'));
 
 if ($id > 0) {
 	$object->fetch($id);
+	$object->info($id);
 }
 
 if (!($object->id > 0) && $action == 'view') {
@@ -101,6 +102,9 @@ $permissiontoadd = $user->rights->societe->contact->creer;
 if ($user->socid) {
 	$socid = $user->socid;
 }
+if($object->priv && $object->user_creation->id != $user->id){
+	accessforbidden();
+}
 $result = restrictedArea($user, 'contact', $id, 'socpeople&societe', '', '', 'rowid', 0); // If we create a contact with no company (shared contacts), no check on write permission