Use case

A tamper-proof trail your auditor can verify

SOC 2 and ISO 27001 both require an immutable record of sensitive actions. Recalled emits hash-chained, signed events so your auditor can verify integrity without trusting your database.

The problem

SOC 2 Type II and ISO 27001 ask for access logs, change logs, and evidence that they cannot be silently rewritten. A regular database table fails the 'immutable' test. Bolting on a write-only log is work you do not want to do twice, and explaining your homebuilt integrity model to an external auditor is a whole thing.

The Recalled way

Every Recalled event is HMAC-SHA256 signed with a server-side key and chained to the previous one. Auditors call GET /v1/events/verify to check the whole chain end to end, or export a CSV/JSON slice with the hash + signature columns. The signing key never touches the database, so even a full DB compromise cannot forge a valid rewrite. Retention stays under your control per plan.
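As an added illustration (not Recalled's code or wire format), this sketch shows what the keyed signature adds on top of the hash chain: a row rewritten with every hash link recomputed passes a chain-only check but fails once the HMAC is verified with the key. The field names (prevHash, hash, sig), the canonical encoding, the all-zero genesis value and the choice to sign the row hash are assumptions.

```javascript
const crypto = require("crypto");
const GENESIS = "0".repeat(64); // assumed anchor value for the first row
const sha256 = (s) => crypto.createHash("sha256").update(s).digest("hex");
const hmac = (key, s) => crypto.createHmac("sha256", key).update(s).digest("hex");
// Fixed field order so the same event always serializes to the same bytes.
const canonical = (e) => JSON.stringify([e.action, e.actorId, e.at]);

// Link the new row to the previous hash, then sign that hash with the key.
function append(log, key, event) {
  const prevHash = log.length ? log[log.length - 1].hash : GENESIS;
  const hash = sha256(prevHash + canonical(event));
  log.push({ ...event, prevHash, hash, sig: hmac(key, hash) });
}

// key === null runs the chain-only check that any holder of an export can do.
function verify(log, key = null) {
  let prev = GENESIS;
  for (const [index, row] of log.entries()) {
    if (row.prevHash !== prev || row.hash !== sha256(prev + canonical(row)))
      return { ok: false, index, reason: "chain" };
    if (key !== null) {
      const want = Buffer.from(hmac(key, row.hash), "hex");
      const got = Buffer.from(String(row.sig), "hex");
      if (got.length !== want.length || !crypto.timingSafeEqual(got, want))
        return { ok: false, index, reason: "signature" };
    }
    prev = row.hash;
  }
  return { ok: true };
}

// Models full write access to the rows without the key: edit row i, relink the rest.
function rewriteWithoutKey(log, i, patch) {
  const out = log.map((r) => ({ ...r }));
  Object.assign(out[i], patch);
  for (let j = i; j < out.length; j++) {
    out[j].prevHash = j ? out[j - 1].hash : GENESIS;
    out[j].hash = sha256(out[j].prevHash + canonical(out[j]));
  }
  return out;
}

function demo() {
  const key = "constructed-demo-key"; // constructed; a real key stays outside the DB
  const log = []; // constructed sample events
  for (const [action, actorId] of [["user.login", "u_1"], ["data.export.requested", "u_2"], ["user.logout", "u_1"]])
    append(log, key, { action, actorId, at: "2024-01-01T00:00:00Z" });
  const forged = rewriteWithoutKey(log, 1, { actorId: "u_9" });
  return { clean: verify(log, key), chainOnly: verify(forged), withKey: verify(forged, key) };
}
```

Calling demo() returns a passing result for the untouched log, a passing chain-only result for the relinked rewrite, and a signature failure at index 1 once the key is used.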

Emit a sensitive action
// Every sensitive action goes through Recalled.
// Auditors query the signed trail, not your DB.
await recalled.events.create({
  action: "data.export.requested",
  actor: { id: admin.id, email: admin.email },
  organization: tenant.id,
  targets: [{ type: "dataset", id: datasetId }],
});

Why compliance teams use Recalled

  • HMAC signing + chain

    Every event carries an HMAC-SHA256 signature keyed by a secret that lives outside the database, plus a hash link to the previous row. Call GET /v1/events/verify anytime to audit both at once.

  • Off-database storage

    The trail does not live in your Postgres. Compromise of your primary database does not let an attacker rewrite the audit trail.

  • Auditor-friendly exports

    CSV or JSON exports, filtered by date range or action prefix, with the hash chain columns included.

  • GDPR-compatible erasure

    Even with the hash chain, GDPR erasure anonymizes the actor columns in place without invalidating the surrounding events.

Your next audit log is 2 minutes away

Stop hacking on your own logs table. Drop in Recalled, send your first event, move on.