# Logging data

The platform stores log-data for four different purposes:&#x20;

* **Security**, e.g. to detect attacks by malicious actors and **availability**, e.g. to detect whether servers would reach capacity limitations. ClauseBase is ISO 27001 certified,  and central logging is an important requirement under this certification scheme. Similarly, the logs also allow to **detect  abuse**, e.g. to trace whether customers would store illegal information.
* **Provide support** to users, e.g. to investigate why something does not seem to work.
* **Invoicing** and usage limitations, e.g. to track the number of translations and LLM requests submitted by customers, and to track the number of DOCX/PDF documents exported by customers (e.g., to invoice customers who are licensing the platform on a per-export basis).
* **Customer usage**, e.g. to check which features are popular and which customers are actively using the platform.

## Location

Log data is either stored locally on the relevant server (e.g., in Germany, for enterprise customers), or centrally on our central logging server in Amsterdam.

## Inspections

The centralised log data is frequently inspected by the ClauseBase team, through a variety of dashboards, such as the one below.

<figure><img src="/files/sIeVtox1BLUh16q3Sfe4" alt=""><figcaption><p>Central logging dashboard</p></figcaption></figure>

## Only metadata

Care is taken that the logs, in general, **only contain metadata**. In the few instances where it is relevant from a logging/security perspective to store non-metadata, that data is encrypted before being inserted into the log file.&#x20;

A sample event looks as follows:&#x20;

<figure><img src="/files/313cUrJTadBEQDJxeshH" alt=""><figcaption><p>Example log</p></figcaption></figure>

## Data being logged

## Central logs for server requests

Every time the user performs an action at the server (e.g., opening a Clause9 Q\&A, storing a clause in ClauseBuddy, redrafting text using ClauseBuddy's AI features, etc.), this event gets logged in the central log. These central logs are kept for 18 months.&#x20;

## Temporary logs

### Important internal API events

During a period of 1 month, the full content of the most important events (+ user ID and timestamp) are being logged into a temporary log at each server:&#x20;

* Updates to files and folders
* Updates to documents and Q\&As
* Clauses sent to curators
* Updates to user account details
* Opening of anonymous links

Each night, the logs older than one month are being deleted.&#x20;

### Platform usage

During one month, the mere fact that a user is using the platform gets logged into a separate table of the secondary PostgreSQL database of each instance.&#x20;

Each night, the logs older than one month are being deleted.&#x20;

## Invoice-related logging

In each platform instance's secondary PostgreSQL database, logs are kept for invoicing purposes, as explained [elsewhere](/data-collected/usage-data.md).&#x20;

These logs are kept for 7 years, i.e. the term under Belgian law during which invoices can be contested.

## Crash logs

When an internal API event crashes or generates an error, an email with relevant details gets sent to ClauseBase's developer team, for analysis.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://legal.clausebase.com/data-collected/logging-data.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.