| title | Audit, export or delete personal data collected by Intune | ||||
|---|---|---|---|---|---|
| description | Learn how to audit, export, or delete personal data that is collected by Intune. | ||||
| ms.date | 04/10/2025 | ||||
| ms.topic | how-to | ||||
| ms.reviewer | kerimh | ||||
| ms.collection |
|
Intune admins can use audit logs to track activities surrounding personal data. Admins can also export and delete personal data.
Note
This article provides steps for how to delete personal data from the device or service and can be used to support your obligations under the GDPR. If you're looking for general information about GDPR, see the GDPR section of the Service Trust portal.
Audit logs provide tenant admins with a record of activities that generate a change in Microsoft Intune. Audit logs are available for many manage activities and typically create, update (edit), delete, and assign actions. Remote tasks that generate audit events can also be reviewed. These audit logs might contain personal data from users whose devices are enrolled in Intune.
For security purposes, Intune maintains audit logs for user and device actions for two years. These logs are automatically deleted after the two-year retention period.
To review audit logs, see Audit logs for Intune activities.
Admins can't delete audit logs.
These audit events are retained for two years. Tenant admins can request audit logs using this support request form.
Admins can export end user personal data, including accounts, service data, and associated logs to comply with Data Subject Rights Requests. You and your organization can decide whether to provide the data subject with a copy of their personal data or withhold it if you have a legitimate business reason. If you choose to provide it, you can give them a copy of the document, a redacted version, or a screenshot of the parts you want to share.
To export a user's personal data, you can use:
- the Export option on the All devices node of the Microsoft Intune admin center to export a list of devices. You can also copy device data directly.
- the Export-IntuneData.ps1 script.
There are three ways to remove personal data from Intune management:
- Delete the user from Microsoft Entra ID
- Reset the device to factory settings
- User self-removal
To delete an end user's personal data from Intune, an admin must delete the user from Microsoft Entra ID. When the user is deleted from Microsoft Entra ID (hard deleted), Intune receives the Delete signal from Microsoft Entra ID and then automatically begins purging all of that user's personal data from the Intune service. The user's information is deleted from Intune service within 30 days of the removal action.
Resetting to factory settings restores all company and personal data and settings to the original factory settings. It's useful before providing a device to the next employee. User files, user installed applications, and non-default settings are removed and this data is deleted from the Intune service within 30 days of the removal action.
Users can remove their Android, Apple, or Windows personal device from Intune management without admin assistance.
The Retire action removes Intune provisioned data like company applications, data about apps that Intune is managing, policy settings, and email profiles that are provisioned through Intune. This action leaves the user's personal data on the device.
If Intune has configured a BIOS password for the device as part of BIOS configuration management, the BIOS password remains on the device until explicitly removed. BIOS passwords could be removed by editing the BIOS configuration and other settings policy, or locally on the device by changing the existing password.
If an Intune tenant customer cancels their Intune account, all tenant data is deleted within 180 days after the customer closes the Intune account. If the Microsoft Entra tenant is associated with other Microsoft enterprise subscriptions (Azure, Microsoft 365), then only the Intune Customer Data is deleted. The Microsoft Entra tenant resource is maintained for use by the other subscriptions. If the Intune account is the only subscription associated with the Microsoft Entra tenant, then the tenant is deleted and all resources and Customer Data are also deleted.
Find out how to view and correct personal data personal data in Intune.