Hi,

Users are only able to see their Contacts by using the Record rule:

Here the corresponding partner field refers to the user, so we can connect the user id with this field in the model. You can replace the 'related_partner' field with the res.partner field of this model.

<record id="id_record_rule_for_user" model="ir.rule">
        <field name="name">Only Own Records</field>
        <field ref="model_[your_model_name]" name="model_id"/>
        <field name="domain_force">[('related_partner_id','=',user.id)]
        </field>
        <field name="groups"
               eval="[(4, ref('module_name.user_group_name'))]"/>
    </record>

https://www.cybrosys.com/odoo/odoo-books/odoo-16-development/security/record-rules/

Regards