diff --git a/dmp-backend/core/src/main/java/eu/eudat/authorization/Permission.java b/dmp-backend/core/src/main/java/eu/eudat/authorization/Permission.java
index 17b35abe5..069dbab24 100644
--- a/dmp-backend/core/src/main/java/eu/eudat/authorization/Permission.java
+++ b/dmp-backend/core/src/main/java/eu/eudat/authorization/Permission.java
@@ -56,6 +56,11 @@ public final class Permission {
 public static String EditDmpDescriptionTemplate = "EditDmpDescriptionTemplate";
 public static String DeleteDmpDescriptionTemplate = "DeleteDmpDescriptionTemplate";
+ //DmpUser
+ public static String BrowseDmpUser = "BrowseDmpUser";
+ public static String EditDmpUser = "EditDmpUser";
+ public static String DeleteDmpUser = "DeleteDmpUser";
+
 //Description
 public static String BrowseDescription = "BrowseDescription";
 public static String EditDescription = "EditDescription";
diff --git a/dmp-backend/core/src/main/java/eu/eudat/model/censorship/DmpUserCensor.java b/dmp-backend/core/src/main/java/eu/eudat/model/censorship/DmpUserCensor.java
new file mode 100644
index 000000000..a5971462f
--- /dev/null
+++ b/dmp-backend/core/src/main/java/eu/eudat/model/censorship/DmpUserCensor.java
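Review bot: The three added permission names are declared `public static String` without `final`, so any code that can see `Permission` can reassign `Permission.BrowseDmpUser` at runtime and change the name an authorization check is evaluated against. Declaring them as `public static final String BrowseDmpUser = "BrowseDmpUser";` (likewise `EditDmpUser` and `DeleteDmpUser`) makes them real constants. The context lines show the neighbouring entries use the same non-final form, so this is best applied across the whole class rather than only to the added lines; the class body continues outside the hunk.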
@@ -0,0 +1,45 @@
+package eu.eudat.model.censorship;
+
+import eu.eudat.authorization.Permission;
+import eu.eudat.convention.ConventionService;
+import eu.eudat.model.DmpDescriptionTemplate;
+import eu.eudat.model.DmpUser;
+import eu.eudat.model.UserDescriptionTemplate;
+import gr.cite.commons.web.authz.service.AuthorizationService;
+import gr.cite.tools.data.censor.CensorFactory;
+import gr.cite.tools.fieldset.FieldSet;
+import gr.cite.tools.logging.DataLogEntry;
+import gr.cite.tools.logging.LoggerService;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.config.ConfigurableBeanFactory;
+import org.springframework.context.annotation.Scope;
+import org.springframework.stereotype.Component;
+
+import java.util.UUID;
+
+@Component
+@Scope(value = ConfigurableBeanFactory.SCOPE_PROTOTYPE)
+public class DmpUserCensor extends BaseCensor {
+
+ private static final LoggerService logger = new LoggerService(LoggerFactory.getLogger(DmpUserCensor.class));
+
+ protected final AuthorizationService authService;
+ protected final CensorFactory censorFactory;
+
+ public DmpUserCensor(ConventionService conventionService, AuthorizationService authService, CensorFactory censorFactory) {
+ super(conventionService);
+ this.authService = authService;
+ this.censorFactory = censorFactory;
+ }
+
+ public void censor(FieldSet fields, UUID userId) {
+ logger.debug(new DataLogEntry("censoring fields", fields));
+ if (fields == null || fields.isEmpty())
+ return;
+
+ this.authService.authorizeForce(Permission.BrowseDmpUser);
+ FieldSet dmpFields = fields.extractPrefixed(this.asIndexerPrefix(DmpUser._dmp));
+ this.censorFactory.censor(DmpCensor.class).censor(dmpFields, userId);
+ }
+
+}
diff --git a/dmp-backend/web/src/main/resources/config/permissions.yml b/dmp-backend/web/src/main/resources/config/permissions.yml
index 31e8e23f2..85961e6f2 100644
--- a/dmp-backend/web/src/main/resources/config/permissions.yml
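Review bot: `censor` hands only the `DmpUser._dmp` prefixed fields to a nested censor, so any other nested reference requested through `fields` is covered by the `BrowseDmpUser` check alone. If `DmpUser` also exposes a nested user object (its definition is not visible here), those fields should be extracted and passed to that model's censor in the same way, otherwise user attributes could be returned without their own permission check. `userId` is only forwarded to `DmpCensor` and plays no part in `authorizeForce(Permission.BrowseDmpUser)`, so the decision is role-only; a one-line comment stating that this is intended would help the next reader. The imports of `DmpDescriptionTemplate` and `UserDescriptionTemplate` are unused and can be dropped.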
+++ b/dmp-backend/web/src/main/resources/config/permissions.yml
@@ -321,6 +321,27 @@ permissions:
 allowAnonymous: false
 allowAuthenticated: false
+ # DmpUser Permissions
+ BrowseDmpUser:
+ roles:
+ - Admin
+ clients: [ ]
+ allowAnonymous: false
+ allowAuthenticated: false
+ EditDmpUser:
+ roles:
+ - Admin
+ clients: [ ]
+ allowAnonymous: false
+ allowAuthenticated: false
+ DeleteDmpUser:
+ roles:
+ - Admin
+ claims: [ ]
+ clients: [ ]
+ allowAnonymous: false
+ allowAuthenticated: false
+
 # SupportiveMaterial Permissions
 BrowseSupportiveMaterial:
 roles:
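Review bot: `DeleteDmpUser` declares `claims: [ ]` while `BrowseDmpUser` and `EditDmpUser` omit the key, so the three new entries are not uniform. If the policy loader treats a missing `claims` key differently from an empty list, the entries would not be evaluated the same way; either add `claims: [ ]` to the other two or drop it from `DeleteDmpUser` so they match. A short comment above the block such as `# Admin only; no access for anonymous or merely authenticated callers` would make the deny-by-default intent explicit for later edits.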