We use a separate set of collections for each client. Our data structure works really well for us and looks like this...

/clients/{clientId}/reportingData
/clients/{clientId}/billingData
/clients/{clientId}/privateData

Using security rules, we allow clients to read their reportingData and billingData collections, but not the privateData collection.

However, if you need to query data across multiple clients at the same time (for internal use, for example), then Frank's option 1 would work better, with a clientId field.

We do the same thing with users...

/users/{uid}/publicProfile (anyone can read this, only the user can write)

/users/{uid}/userProfile (only the user can read and write)

/users/{uid}/privateProfile (internal data that the user can't read or write)

You have a few options for implementing such a multi-tenant solution on Cloud Firestore:

1. Have all clients in a single set of collections
2. Have a separate set of collections for each client
3. Have a separate project for each client

There is no approach which is pertinently better or worse.

I recommend that you at least consider having a separate project for each client. Isolating the clients from each other, makes maintenance and (possibly future) billing a lot easier.

Having all clients in a single set of collections is also possible. You'll just have to make sure that clients can't see each other's data. Since your likely accessing the database directly from the client, use security rules to ensure that clients can only access their own data.