Skip to content

Audit and Logging Policy

This policy defines baseline logging controls for systems that store, process, transmit, or provide access to customer data.

  • Detect unauthorized access and anomalous behavior
  • Support incident response, root-cause analysis, and forensics
  • Provide evidence for operational, compliance, and customer assurance needs

Audit logs should capture, as applicable:

  • Event timestamp
  • Actor or service identity
  • Event type and target resource
  • Success or failure outcome
  • Source context such as IP address or device identifier where available
  • Sign-in attempts (success and failure)
  • Session and credential lifecycle events
  • Account creation, disablement, and role or permission changes
  • Privileged access usage and administrative actions
  • Significant service health events, failures, and restarts
  • Configuration and policy changes
  • Security detections, alert state changes, and response actions
  • Audit log access, modification attempts, or deletion attempts
  • Logs are managed through platform-provided logging infrastructure (for example Supabase and Netlify) and centralized where feasible.
  • Access to logs is restricted to authorized personnel with a documented need.
  • Logs are protected against unauthorized modification or deletion using platform controls.
  • Logs in transit and at rest are encrypted using provider-managed encryption.
  • Security-relevant logs are reviewed on a regular operational cadence.
  • Alerting is configured for high-risk events, with findings triaged as they occur.
  • Review findings are used to tune detections and improve controls over time.
  • Retention periods are defined by legal, contractual, and operational requirements.
  • At retention end-of-life, logs are disposed of according to approved data destruction practices.

For details on what telemetry and operational data is collected, see Telemetry & Data Egress. For kiosk monitoring signals, see Uptime, Availability & Monitoring.