The three different roles would be:
Member: Can access passwords for Groups they are in and create passwords in these Groups. They can also modify any logins shared with them, as well as share logins with the groups they're in. If a member is not in a group, they can't see/edit those logins, and will not know they exist.
Admin: Everything a member can do, plus they can create Groups, add other people to Groups, and invite people to and remove people from the team. Admins can also handle administrative tasks like updating billing information, reviewing account activity, and downloading invoices from the admin section.
Owner: Everything an admin can do except the Owner cannot be removed from the team unless they transfer ownership to another person on the team.