§ 62 BlnDSG
Logging
(1)In automated processing systems, controllers and processors shall log at least the following processing operations: 1. collection, 2. alteration, 3. consultation, 4. disclosure including transmission, 5. combination, and 6. erasure.
(2)The logs of consultations and disclosures must make it possible to establish the justification, the date and time of those operations, and, as far as possible, the identity of the person who consulted or disclosed the personal data, and the identity of the recipient.
(3)The logs may only be used for the purposes of reviewing the lawfulness of the data processing by the data protection officer, the Berlin Commissioner for Data Protection and Freedom of Information and the data subject, as well as for self-monitoring, ensuring the integrity and security of personal data, and for criminal proceedings.
(4)The log data shall be deleted after two years from the date of their creation.
(5)The controller and the processor shall make the logs available to the Berlin Commissioner for Data Protection and Freedom of Information upon request. zur Einzelansicht § 62