News

New retention period of 90 days

According to European standards, personal data may not be collected arbitrarily; if there is no specific purpose or if the purpose ceases to exist, the data must be deleted. At cloudscale, we have always been data-minimalist and consciously avoid certain data silos that are (unfortunately) common practice elsewhere. Based on the experience we have gained over time, we have now concluded that some of the logs we hold are needed for a shorter period than previously assumed, which is why we are reducing their retention period.

For you, this means that only entries from the last 90 days will be available in the audit logs for your projects, your account, and, if applicable, your organizations. In most cases, these logs should be sufficient if you need to review past actions related to your cloud setups. However, you also have the option to export your audit logs and archive them according to your own specifications.

Exports for long-term storage

You can download the audit logs for all your projects, as well as your user log, at any time from the cloud control panel – the download button is located right in the top right corner of the respective log. The audit logs for your projects also remain available via our API; this allows you, for example, to automatically retrieve and analyze them in your monitoring system.

Organizations now also can use a periodic export to our object storage; this export includes both your organization's log and the logs for all of its projects. Shortly after midnight, the audit log entries added the previous day are saved to a bucket of your choice. If you want to export not only the logs for the current day and future days but also the previous, still existing entries to the bucket, simply check the corresponding box in the control panel.

If you have not been using organizations yet, you can still take advantage of the periodic export: simply create a new organization in the control panel and let our support team know that you would like us to move your existing projects into that organization – by the way, moving a project causes absolutely no downtime.

Optimal protection for your audit logs

You can use any bucket in our S3-compatible object storage at the location of your choice as the destination for periodic exports. You can then leave the exported logs there or move them somewhere else using a tool of your choice. By the way, the bucket does not have to belong to a project in the same organization: For additional protection of your logs, a bucket in a separate "CISO organization" is a good option.

The export process itself only requires permission to create new objects in the bucket. Therefore, you do not need to specify the objects user who owns the bucket when configuring the export. Instead, you can create a separate objects user, grant that user selective permissions via a bucket policy, and configure that user's access and secret keys in the control panel.

Logs serve a wide variety of purposes: they help resolve technical issues just as much as they contribute to compliance requirements. In most cases, you only need to look back a short time, so a limited retention period is sufficient. If your use case is different, take advantage of the various export options available in our control panel and API. Please note: Starting 2026-07-15, cloudscale will only provide audit logs from the last 90 days. If you need older logs at a later date, please export them before 2026-07-15 using one of the methods described.

Properly documented,
Your cloudscale team