Use case

A trail your DPO can actually hand to an auditor

Recalled is hosted in the EU, encrypted at rest, and exposes a one-call anonymization endpoint for Article 17. Ship a GDPR-ready audit trail without building your own data protection layer.

Start logging for freeRead the GDPR guide
The problem

GDPR asks you to keep records of processing (Article 30) and to erase a user's personal data on request (Article 17). Rolling your own audit log means you also need to solve data residency, encryption at rest, retention policies, and the surgical removal of one actor from a hash-chained trail. None of that is your core product.

The Recalled way

Recalled runs in the EU only, encrypts at rest with AES-256, and lets you delete all events of a given actor with a single API call, without breaking the integrity of the rest of the trail. We act as a data processor, and a standard DPA is accepted at signup. Retention is configurable per plan so you do not keep data longer than your own policy allows.

Handle an erasure request
// When a user exercises their right to erasure:
await recalled.actors.delete(userId);
// All events for this actor are anonymized
// in place. The rest of the audit trail
// stays intact for your other users.

Why GDPR teams pick Recalled

  • EU-only hosting

    All data stored exclusively inside the European Union. No transfer outside the EU by default.

  • AES-256 at rest, TLS 1.3 in transit

    Encryption is not an option, it is the default. API keys are SHA-256 hashed before storage.

  • One-call erasure

    DELETE /v1/actors/:id anonymizes every event of that actor in place, the rest of the trail stays intact.

  • DPA at signup

    Standard Data Processing Agreement accepted when you create your account. Nothing to chase down with the legal team.

Related use cases

Ship SOC 2 / ISO 27001 evidence

SOC 2 and ISO 27001 both require an immutable record of sensitive actions. Recalled emits hash-chained, signed events so your auditor can verify integrity without trusting your database.

Audit every admin action

Log every sensitive action taken by a staff member from your back-office: suspensions, refunds, impersonations, role changes. Answer 'who did this and when' before anyone has to ask.

Your next audit log is 2 minutes away

Stop hacking on your own logs table. Drop in Recalled, send your first event, move on.

Start for freeRead the docs