Audit log
The Aktivitätsprotokoll (audit log) records every security-relevant action in the workspace with timestamp, actor and details — required by GDPR Art. 5(2) (accountability).

Filters
- Category — auth / data / members / reports / subcontractors / etc.
- User (email) — all actions by a specific employee.
- Time range — Today / Last 7 / 30 / 90 days / Custom.
What gets logged
auth.login— sign-ins with IP and user-agent.task.created/task.completed— task lifecycle.inspection.submitted— inspections.member.invited/member.role_changed/member.removed.report.generated— report generation.subcontractor.access_updated— scope changes.fcm_token.registered— push device registrations.
Retention
Default 90 days. Older entries are deleted automatically. For audits or insurance cases, export earlier (data export under "Datenschutz und Verträge").
Tip: Suspect unauthorized access? Filter by
auth.login+ affected user — IP addresses and user-agent reveal unusual devices.