This document outlines data retention practices for the Liturgical Calendar API, particularly regarding audit logs that may contain personal data subject to privacy regulations (GDPR, CCPA, etc.).
The API logs audit events for write operations (PUT, PATCH, DELETE) to track changes to calendar data. This supports:
- Security monitoring and incident response
- Change tracking and accountability
- Debugging and troubleshooting
Audit log entries include:
| Field | Description | Personal Data |
|---|---|---|
operation |
HTTP method (PUT, PATCH, DELETE) | No |
category |
Calendar type (diocese, nation, widerregion) | No |
key |
Calendar identifier | No |
client_ip |
IP address of the request origin | Yes |
files |
Affected file paths | No |
datetime |
Timestamp of the operation | No |
Audit logs are configured with a 90-day retention period via rotating file handlers.
// In RegionalDataHandler constructor
$this->auditLogger = LoggerFactory::create('audit', null, 90, false, true, false);
// ^^
// maxFiles = 90 days of rotationAfter 90 days, log files are automatically deleted by the Monolog rotating file handler.
Audit logs are stored in:
logs/audit.json-YYYY-MM-DD.log
Each day's logs are in a separate file in NDJSON (Newline Delimited JSON) format.
Under GDPR and similar regulations, IP addresses are considered personal data because they can potentially identify individuals. The API collects client IP addresses for legitimate security and auditing purposes.
The collection of IP addresses for audit logging may be justified under:
- Article 6(1)(f) - Legitimate interests: Security monitoring and protecting the integrity of calendar data
- Article 6(1)(c) - Legal obligation: If required for compliance with security standards
If operating in jurisdictions covered by privacy regulations, consider implementing:
- Right to Access: Ability to search logs for a specific IP address
- Right to Erasure: Process for anonymizing or deleting logs containing specific IPs
- Data Processing Records: Document audit logging in your Records of Processing Activities (ROPA)
- Document the retention period in your privacy policy
- Restrict log access to authorized personnel only
- Consider log encryption for sensitive environments
- Review retention period based on your organization's requirements and applicable regulations
The retention period can be adjusted in RegionalDataHandler.php:
// Change 90 to desired number of days
$this->auditLogger = LoggerFactory::create('audit', null, 30, false, true, false);Ensure the logs/ directory has appropriate permissions:
chmod 750 logs/
chown www-data:www-data logs/src/Handlers/RegionalDataHandler.php- Audit logging implementationsrc/Http/Logs/LoggerFactory.php- Logger factory with rotation configurationsrc/Handlers/Auth/ClientIpTrait.php- Client IP extraction logic
| Date | Change |
|---|---|
| 2025-11 | Initial documentation of audit logging and 90-day retention policy |