Skip to content
English
  • There are no suggestions because the search field is empty.

Anonymize a user

In this article, we explain how you as a system owner or administrator can manage personal data for users who leave the organization, with a focus on anonymizing and deleting users in AM System.

Background

In AM System, you as the customer own all data and have exclusive rights to access and process it. As the software developer, we do not control how the system is used or how data is stored and managed.  

We frequently receive questions from system owners and administrators about how to act and how to handle personal data for users who leave the organization. We are aware that there are different rules governing how companies should or must retain information about their employees. It may also be important to take into account any regulatory requirements that affect your operations.  

Anonymization

The simplest way to anonymize a user when needed is for the system administrator to change the person’s name (for example to “Deleted user”). The user can then be deleted according to these instructions. Please note that the user’s activities can no longer be traced back to a specific individual, as the system will instead refer to “Deleted user”.

⚠️ Important: If you want to anonymize a user, this must be done BEFORE the user is deleted from the system.

We generally recommend only deleting users who have left the organization. The user’s name will remain visible in the cases and documents where the person has been involved – for example as creator or approver, recipient or responsible person – until those cases or documents are updated and the information is removed.  

Read more here about how to delete (or deactivate) a user.

Data retention

For organizations that need to manage personal data or other sensitive information over time, we also offer the addon Data Retention.

Data retention automatically clears information from selected fields in your cases after a defined period. You configure which fields are affected and after how long they will be cleared, which reduces the need for manual follow-up and routine clean-up.

This is particularly useful for data minimization and storage limitation under GDPR, where the aim is to avoid storing personal data longer than necessary. By using Data retension, you can ensure that time-limited or sensitive information is removed automatically, while the rest of the case data remains intact for traceability and follow-up.

The function only affects the fields included in the configuration and does not change the overall structure or historical record of the case.

Summary

If you delete a user, the person will still appear in the documents and cases they are linked to. This is partly due to traceability requirements.

We also recommend that you read more about our general terms and our Data Processing Agreement (PUB-avtal) here.

 

Related content: