Audit & Compliance

Compliance built directly into the HR process

Append-only audit log with SHA-256 hash chain, role-based access and traceable change logs. Built for companies with high requirements for documentation and traceability.

Mock Dashboard

Hash chain

Changes become traceable

Every audit entry contains the SHA-256 hash of the previous entry. This way the integrity of the audit chain can be verified. Append-only at the database level supports a traceable record of changes.

  • SHA-256 hash of the previous entry in every row
  • Append-only at the database level
  • Verification endpoint for the audit role
Mock Dashboard

Logging

What is logged

Who? When? What? Why? — four questions every audit entry answers.

  • Who?

    User ID and IP address of the person triggering the action.

  • When?

    Server timestamp in UTC.

  • What?

    Before/after state of the affected data row, fully reconstructable.

  • Why?

    Justification as a mandatory field on every manual intervention.

Privacy

Pseudonymisation for legitimate retention

When personal data is no longer needed in clear text, identifying fields can be pseudonymised. Booking-relevant data can be retained where legal retention obligations or legitimate evidentiary purposes apply.

  • Personal fields can be pseudonymised
  • Booking-relevant data can be retained for evidentiary purposes
  • Changes are documented with timestamp, triggering person and scope
Mock Dashboard

Compliance

Compliance foundations

  • Privacy features

    Pseudonymisation of personal fields based on a defined rule set.

  • Append-only

    Audit log without update rights, only new entries possible.

  • SHA-256

    Hash chain for integrity verification across audit entries.

  • Hosting in Germany

    Application and database on Hetzner servers in Nuremberg and Falkenstein.

Audit architecture

Three technical building blocks

SHA-256
Hash algorithm of the audit chain
100 %
Append-only — no retroactive modification of existing entries
16
German states with holiday logic

Demo

Show us your compliance requirements

We'll show you how lumen.hr supports audit logs, role-based access and traceable change logs. An audit-focused demo is available on request.