§ 64 LDSG RP
Logging
(1)In automated processing systems, controllers and processors shall log at least the following processing operations: 1. collection, 2. alteration, 3. consultation, 4. disclosure including transfer, 5. combination, and 6. erasure.
(2)The logs of consultations and disclosures must make it possible to establish the justification, date and time of those operations and, as far as possible, the identity of the person who consulted or disclosed the personal data, and the identity of the recipient of the data. The controller and the processor shall make the logs available to the State Commissioner for Data Protection and Freedom of Information upon request.
(3)The logs may be used exclusively for the verification of the lawfulness of the data processing, self-monitoring, ensuring the integrity and security of the personal data, and for criminal proceedings.
(4)The log data shall be erased at the end of the year following their generation.
(5)For automated processing systems established before 6 May 2016, the implementation of the requirements of paragraphs 1 to 4 may in exceptional cases be postponed until no later than 6 May 2023, where the technical implementation would involve disproportionate effort. zur Einzelansicht § 64