diff --git a/program/serializers.py b/program/serializers.py
index 8cc8124e6e3cf10c6c7958c6fd0a9e1362663ff5..2490abbda47a0727e8587dd6b0595e62e1319e37 100644
--- a/program/serializers.py
+++ b/program/serializers.py
@@ -998,6 +998,18 @@ class TimeSlotSerializer(serializers.ModelSerializer):
 def update(self, instance, validated_data):
 """Update and return an existing Show instance, given the validated data."""
+ user = self.context.get("request").user
+ user_is_owner = user in instance.schedule.show.owners.all()
+
+ # Having the update_timeslot permission overrides the ownership
+ if not (
+ user.has_perm("program.update_timeslot")
+ or (user.has_perm("program.change_timeslot") and user_is_owner)
+ ):
+ raise exceptions.PermissionDenied(
+ detail="You are not allowed to update this timeslot."
+ )
+
 if "memo" in validated_data:
 instance.memo = validated_data.get("memo")
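Review bot: The new authorization check at the top of `update` reads `self.context.get("request").user`, so a serializer built without a request in its context fails with an AttributeError on `None` instead of the intended `PermissionDenied`; that still fails closed, but as an unhandled server error that hides the real cause. Resolve the request explicitly and deny when it is missing, e.g. `request = self.context.get("request")` followed by `if request is None: raise exceptions.PermissionDenied()`. The ownership test `user in instance.schedule.show.owners.all()` loads every owner and runs even when `program.update_timeslot` already grants access; `instance.schedule.show.owners.filter(pk=user.pk).exists()`, evaluated only in the second branch, would be cheaper. Because the check lives in the serializer, any write path that saves a timeslot without calling this method is presumably not covered, so confirm that the views cannot bypass it. The body of `update` continues past the end of the hunk.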