diff --git a/src/controllers/branch-controller.ts b/src/controllers/branch-controller.ts
index 4930bd6..3e04d43 100644
--- a/src/controllers/branch-controller.ts
+++ b/src/controllers/branch-controller.ts
@@ -27,6 +27,10 @@ if (!process.env.MINIO_BUCKET) {
 const MINIO_BUCKET = process.env.MINIO_BUCKET;
 const MANAGE_ROLES = ["system", "head_of_admin"];
 
+function isSystem(user: RequestWithUser["user"]) {
+  return user.roles.includes("system");
+}
+
 function globalAllow(user: RequestWithUser["user"]) {
   return MANAGE_ROLES.some((v) => user.roles?.includes(v));
 }
@@ -196,12 +200,14 @@ export class BranchController extends Controller {
         zipCode,
         headOfficeId: headOfficeId ?? (filter === "head" || tree ? null : undefined),
         NOT: { headOfficeId: filter === "sub" && !headOfficeId ? null : undefined },
-        OR: globalAllow(req.user)
+        OR: isSystem(req.user)
           ? undefined
           : [
-              { user: !globalAllow(req.user) ? { some: { userId: req.user.sub } } : undefined },
               {
-                headOffice: !globalAllow(req.user)
+                user: { some: { userId: req.user.sub } },
+              },
+              {
+                headOffice: globalAllow(req.user)
                   ? { user: { some: { userId: req.user.sub } } }
                   : undefined,
               },