To make sure a user can access the data for the 1:1, for example, I would create the 1:1 as an object associated with the user object. Then use entity access XPath constraints on the 1:1 object for the user like:
[<the association to the user> = currentuser]
This will allow only the role user to view that information based on the XPath and the read/write settings.
For the manager, the user would be related to a manager, which in turn is a user. You could set up the XPath for the 1:1 object access rule like:
[<associated to the user>/user/<association to the manager> = currentuser]
In this case, if the user has the manager role, he will only be allowed to access the data for the users that he is a manager for.
Be aware that the XPath constraints are pseudocode, but using the options in the entity access XPath tab (path to user) will make it clear what the real XPath should be. By using XPath in the access rules you’ll make sure that in any situation the data is only available to the specific user role. See https://docs.mendix.com/howto/logic-business-rules/define-access-rules-using-xpath/#3-defining-the-access-rules-on-the-order-entity-using-xpath for more details on access rules and XPath.
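Added example, not part of the original answer and not Mendix code: a small Python model of the two pseudocode constraints above, which yields the expected access matrix to compare against when testing the real access rules. The user names, the role names "User" and "Manager", and the assumption that rules from several roles held by one user combine are constructed for this illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class User:
    name: str
    roles: frozenset
    manager: Optional[str] = None   # association to the manager (also a user)

@dataclass(frozen=True)
class OneOnOne:
    id: int
    user: Optional[str]             # association to the user; None = unassigned

def owner_rule(rec, current, users):
    # Models: [<the association to the user> = currentuser]
    return rec.user == current.name

def manager_rule(rec, current, users):
    # Models: [<associated to the user>/user/<association to the manager> = currentuser]
    owner = users.get(rec.user)
    return owner is not None and owner.manager == current.name

RULES = {"User": owner_rule, "Manager": manager_rule}

def visible(current, records, users):
    """Ids of records `current` may read: any rule of any held role matches.
    Default is deny: a role without a rule grants nothing."""
    rules = [RULES[r] for r in current.roles if r in RULES]
    return sorted(rec.id for rec in records
                  if any(rule(rec, current, users) for rule in rules))

# Constructed sample data.
USERS = {u.name: u for u in [
    User("alice", frozenset({"User"}), manager="carol"),
    User("bob", frozenset({"User"}), manager="dave"),
    User("carol", frozenset({"User", "Manager"}), manager="dave"),
    User("dave", frozenset({"Manager"})),
    User("erin", frozenset({"Manager"})),        # manager role, no reports
]}
RECORDS = [OneOnOne(1, "alice"), OneOnOne(2, "bob"),
           OneOnOne(3, "carol"), OneOnOne(4, None)]

if __name__ == "__main__":
    for name, user in USERS.items():
        print(f"{name:6} {sorted(user.roles)} -> {visible(user, RECORDS, USERS)}")
```

Holding the manager role alone exposes nothing: erin sees no records, and the unassigned record 4 is visible to no one.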