diff --git a/src/main/java/net/gepafin/tendermanagement/constants/GepafinConstant.java b/src/main/java/net/gepafin/tendermanagement/constants/GepafinConstant.java
index d72853c7..9fdb1936 100644
--- a/src/main/java/net/gepafin/tendermanagement/constants/GepafinConstant.java
+++ b/src/main/java/net/gepafin/tendermanagement/constants/GepafinConstant.java
@@ -203,5 +203,6 @@ public class GepafinConstant {
     public static final String APPLICATION_SUBMITTED_CANNOT_CHANGE = "application.submitted.cannot.change";
     public static final String CALL_DOCUMENTS_FETCH_SUCCESS_MSG = "call.documents.fetch.success";
     public static final String CALL_DOCUMENTS_NOT_FOUND_MSG = "call.documents.not.found";
+	public static final String PERMISSION_DENIED = "permission.denied";
 }
 
diff --git a/src/main/java/net/gepafin/tendermanagement/dao/CompanyDao.java b/src/main/java/net/gepafin/tendermanagement/dao/CompanyDao.java
index 728990b5..3a9b92ad 100644
--- a/src/main/java/net/gepafin/tendermanagement/dao/CompanyDao.java
+++ b/src/main/java/net/gepafin/tendermanagement/dao/CompanyDao.java
@@ -18,6 +18,7 @@ import net.gepafin.tendermanagement.repositories.UserWithCompanyRepository;
 import net.gepafin.tendermanagement.service.UserService;
 import net.gepafin.tendermanagement.util.Utils;
 import net.gepafin.tendermanagement.web.rest.api.errors.CustomValidationException;
+import net.gepafin.tendermanagement.web.rest.api.errors.ForbiddenAccessException;
 import net.gepafin.tendermanagement.web.rest.api.errors.ResourceNotFoundException;
 import net.gepafin.tendermanagement.web.rest.api.errors.Status;
 
@@ -190,8 +191,8 @@ public class CompanyDao {
 	}
 
 	public UserWithCompanyEntity validateUserWithCompny(Long userId, Long companyId) {
-		return userWithCompanyRepository.findByUserIdAndCompanyId(userId, companyId).orElseThrow(() -> new CustomValidationException(Status.UNAUTHORIZED,
-				Translator.toLocale(GepafinConstant.UNAUTHORIZED)));
+		return userWithCompanyRepository.findByUserIdAndCompanyId(userId, companyId).orElseThrow(() -> new ForbiddenAccessException(Status.FORBIDDEN,
+				Translator.toLocale(GepafinConstant.PERMISSION_DENIED)));
 	}
 	
 	public UserWithCompanyEntity getUserWithCompany(Long userId, Long compnayId) {
diff --git a/src/main/resources/message_en.properties b/src/main/resources/message_en.properties
index 8ae7bcfa..bbf010f5 100644
--- a/src/main/resources/message_en.properties
+++ b/src/main/resources/message_en.properties
@@ -229,5 +229,6 @@ application.submitted.cannot.change=The submitted application cannot be changed.
 # Call Document Messages
 call.documents.fetch.success=Documents fetched successfully.
 call.documents.not.found=No documents found for the specified call.
+permission.denied=You are not authorized to access this data.
 
 
diff --git a/src/main/resources/message_it.properties b/src/main/resources/message_it.properties
index 9b998124..2235bb51 100644
--- a/src/main/resources/message_it.properties
+++ b/src/main/resources/message_it.properties
@@ -225,5 +225,6 @@ application.submitted.cannot.change=La domanda inviata non pu
 # Call Document Messages
 call.documents.fetch.success=Documenti recuperati con successo.
 call.documents.not.found=Nessun documento trovato per la chiamata specificata.
+permission.denied=Non sei autorizzato ad accedere a questi dati.