Cryptographically chained, tamper-evident audit logging for B2B SaaS. EU-hosted. SOC 2 and GDPR ready. Ship in days, not months.
No spam. Notify on launch only.
Purpose-built for the compliance requirements blocking your enterprise deals.
Each event hashes into the next. Any modification breaks the chain. Tamper detection is mathematical — not a policy.
Store actor IDs, not emails. Right to erasure? Delete the mapping, preserve log integrity. GDPR and immutability coexist.
30-day to 7-year retention policies. Automated deletion. Match your compliance requirements exactly.
Drop a white-labeled log viewer into your own product. Let your customers see their audit trail directly in your UI.
Node.js available at launch. Python, Go, and Rust SDKs in the pipeline. Simple API — log an event in three lines.
Log autonomous AI actions with full context. Who approved it, what was decided, what model ran. EU AI Act ready.
Norwegian-founded. Hosted in Germany and Finland. GDPR isn't an afterthought — it's the foundation. Your European customers will appreciate the difference.
import { Logstone } from '@logstone/node'; const client = new Logstone({ apiKey: 'ls_live_...', }); // Log an audit event await client.log({ actor: 'usr_a3f9c2', action: 'record.deleted', resource: 'invoice_9182', metadata: { ip: '192.168.1.1', reason: 'user_requested', }, }); // That's it. Cryptographically // chained and stored in the EU.
No infrastructure to manage. No compliance expertise required. Just logs that work.
Add @logstone/node to your project. Initialise with your API key. Takes two minutes.
Call client.log() with an actor, action, and resource. Cryptographically chained and stored in the EU instantly.
Search, filter, and export logs from the dashboard. Share tamper-evident proof with auditors. Close your enterprise deals.
You could — but it typically takes 2-3 months of engineering time, and that's before you tackle cryptographic integrity, retention policies, GDPR compliance, and keeping it maintained. Logstone gives you all of that out of the box so your team can focus on your actual product.
A regular database can be modified — records can be edited or deleted without any trace. Logstone chains every event cryptographically, so any tampering is mathematically detectable. That's what auditors actually require.
All data is stored on servers within the EU. It never leaves the EU. We're GDPR-native by design.
Yes. We use pseudonymisation — we store an ID like usr_a3f9c2 in the log, not the user's email or name. You control the mapping. To erase a user, you delete the mapping on your end. The log chain stays intact.
We're in early access. Join the waitlist and you'll be among the first to get access.