User Modules

Task, project & quality management
Contacts and directories module (CRM)
Web management and automation
Human resources
Asset management module

Technical Modules

Sabre plugin module
Enterprise Architect connector

System Modules

The AyMINE framework module
System services

System User

The object represents the system user – current, past and future. In reality, it is a system account.

Note: A system account always belongs to one system client. It is not possible for one system account to be used by multiple client access.

If your company is working with an employee who has his own account (e.g. a free account), it is not possible for that account to be used to access the company environment, and it is necessary for the user to set up his own account.

User Statuses

A user account can have several states:

  • Active User who has the ability to log in and work
  • Invited The user has been invited to create an account on the system, but he has not yet created one (he has not used the invitation). Attention, the invitation is valid for max. 48h. If the user was invited more than 2 days ago, he/she remains invited, but cannot activate his/her account without re-sending the invitation.
  • Blocked is the user's account if it has been blocked by the administrator or the user has repeatedly logged in unsuccessfully. The user does not have the ability to unblock his/her account independently and must ask the administrator. Unblocking is possible within the user's detail, or even in bulk in the user's overview. By default, users are blocked if their accounts were created without sending an invitation.

Blocking the user does not remove any of his/her personal and private information from the system, and after unblocking the account returns to the same state as before it was blocked

  • Deleted The account of the user who has ceased activity. The account cannot be logged in.

Deleting the account deletes all of the user's personal information from the system (e.g. personal notes on objects), user settings, and other personal data. However, the account is not anonymized and it remains possible to identify which activities the user has performed.

The deleted account can be restored, but it is not possible to recover deleted personal information.

  • Forgotten The account has been anonymized and personal data has been deleted in accordance with GDPR

GDPR and deleting user accounts

The system technically supports deleting user accounts, but in a number of cases this is not possible. Before deleting, it is necessary to ensure that the user is not responsible for projects and areas, as these must not be left without the user.

If an organization uses the system to document its obligations and must be able to document who has performed activities, the account must not be deleted even after the employee leaves and cancels his responsibility for projects and tasks. Retaining information about what the employee has done is a legitimate interest and often a legal obligation of the company.

Example: The system records who has performed a pipe repair. An activity can only be performed by an employee who has the appropriate qualifications and must additionally be able to prove who has performed the activity and that he or she had the necessary qualifications. It is therefore its legal obligation to keep information about the worker even after he leaves the company or after he has completed the job as an external worker.

Account deletion removes personal information

Account deletion removes all personal information that the user has created in the system:

  • Own object notes
  • Personal tags on objects
  • Personal pockets with objects

Account deletion does not remove personal data – name and email.

Anonymization – forgetting

Anonymization is also possible to meet GDPR requirements. Anonymization is possible only for deleted accounts.

Anonymization ensures that workers working with the system will not be able to determine that the person whose account has been anonymized had an account in the systems. The account will be presented with an anonymous name.

However, to ensure a legal obligation, the anonymized account keeps a record of the worker's real name in the history. In case of a request for historical identification of the worker, this information can be traced. At the same time, the personal data of the employee can never again be subject to mass data processing, automated profiling or made available to users, except for targeted searches of specific data for forensic reasons.

Anonymization does not remove the user's name from the historical records that indicate in the activity reports who performed the operation. This record, which is equivalent to the employee's signature on an internal document, does not violate GDPR principles. It cannot be subject to further processing.

Anonymization fully complies with GDPR requirements. It does not have to comply with the organization's internal regulations and before performing it, the administrator must verify that it is performed in accordance with internal methodologies and regulations.

Personal Accounts and their Counting

For the purpose of calculating active users, accounts in active, invited and blocked (so-called active states) states are counted. Accounts in other states are not counted.

For the purpose of invoicing, the maximum number of user accounts in active states is always counted for the billing period. If the maximum number of users is guarded by a prepaid number of users, it is not possible to have multiple users in active states at the same time.

User Rights Settings

System Permissions

AyMINE never assigns system permissions directly to a user. Permissions always refer to a role or a group of people. Therefore, you only set system permissions to a user by assigning them to a group or a role.

Permissions arising from an object relationship

A user can obtain rights based on their role to a specific object (e.g. the right of the meeting manager to terminate the meeting). These rights are not administered by the administration, but arise from working in the system.