diff --git a/app/controllers/api/v1/parties_controller.rb b/app/controllers/api/v1/parties_controller.rb
index 9c25f5a..5e30ade 100644
--- a/app/controllers/api/v1/parties_controller.rb
+++ b/app/controllers/api/v1/parties_controller.rb
@@ -32,6 +32,9 @@ module Api
       end
 
       def show
+        # If a party is private, check that the user is the owner
+        return render_unauthorized_response if @party.private? && @party.user != current_user
+
         return render json: PartyBlueprint.render(@party, view: :full, root: :party) if @party
 
         render_not_found_response('project')
@@ -152,11 +155,12 @@ module Api
         value.to_i unless value.blank? || value.to_i == -1
       end
 
-      def build_query(conditions, favorites = false)
+      def build_query(conditions, favorites: false)
         query = Party.distinct
                      .joins(weapons: [:object], summons: [:object], characters: [:object])
                      .group('parties.id')
                      .where(conditions)
+                     .where(privacy(favorites))
                      .where(name_quality)
                      .where(user_quality)
                      .where(original)
@@ -242,6 +246,14 @@ module Api
                                            })
       end
 
+      def privacy(favorites: false)
+        if favorites
+          'visibility < 3'
+        else
+          'visibility == 1'
+        end
+      end
+
       def user_quality
         'user_id IS NOT NULL' unless request.params[:user_quality].blank? || request.params[:user_quality] == 'false'
       end
@@ -329,6 +341,7 @@ module Api
           :description,
           :raid_id,
           :job_id,
+          :visibility,
           :accessory_id,
           :skill0_id,
           :skill1_id,
diff --git a/app/models/party.rb b/app/models/party.rb
index 122eeb7..0132996 100644
--- a/app/models/party.rb
+++ b/app/models/party.rb
@@ -105,17 +105,29 @@ class Party < ApplicationRecord
   end
 
   def is_remix
-    self.source_party != nil
+    !source_party.nil?
   end
 
   def remixes
-    Party.where(source_party_id: self.id)
+    Party.where(source_party_id: id)
   end
 
   def blueprint
     PartyBlueprint
   end
 
+  def public?
+    visibility == 1
+  end
+
+  def unlisted?
+    visibility == 2
+  end
+
+  def private?
+    visibility == 3
+  end
+
   private
 
   def set_shortcode
@@ -123,9 +135,9 @@ class Party < ApplicationRecord
   end
 
   def set_edit_key
-    if !self.user
-      self.edit_key = Digest::SHA1.hexdigest([Time.now, rand].join)
-    end
+    return if user
+
+    self.edit_key = Digest::SHA1.hexdigest([Time.now, rand].join)
   end
 
   def random_string