Who can view audit logs in VoteAlly?

All admin roles within an organization can view audit logs for sessions they have access to. Organization Owners and Organization Admins can view session-level audit logs through the Activity tab. Super Admins have access to platform-level audit logs across all organizations.

Are voter actions logged in VoteAlly audit logs?

No. Audit logs track admin actions only. Voter actions such as casting a ballot are not recorded in the audit log to preserve voter anonymity. Voter participation is tracked separately through the participation record, which records that a voter voted on a question without linking to their specific ballot choice.

Can audit logs be deleted or tampered with?

No. Audit logs are permanent records that can only be added to, never changed or removed. Even Super Admins cannot remove audit log entries. This ensures the integrity of the audit trail for compliance and dispute resolution.

What happens to audit logs when voter personal information is removed?

Audit logs survive the personal information removal process. When voter personal data is removed from a session, voter-related fields in audit log details (such as voter email, voter name, phone number, and member ID) are replaced with "REDACTED." Admin fields like the admin email, admin name, and IP address are preserved. This maintains the audit trail for accountability while removing personally identifiable voter data.

How long are audit logs retained?

Audit logs are retained indefinitely. They are not subject to the configurable retention period that applies to voter personal data. Even after voter information is removed (at 30, 90, 180, or 365 days after session end), the audit log entries remain with voter fields redacted and admin fields intact.

Audit Logs

Track every admin action for accountability and compliance. VoteAlly records a complete, tamper-proof audit trail of who did what and when.

What Are Audit Logs?

Every time an admin takes an action in VoteAlly, the platform records an audit log entry with the following information:

Timestamp

The exact date and time the action occurred, recorded in UTC for consistency across time zones.

Actor

The admin who performed the action, identified by their email address and name.

Action Type

A structured label describing what was done (for example, SESSION_CREATED, VOTER_DELETED, or STATUS_CHANGE).

Details

Contextual information about the action, such as which fields changed, the target entity, and the IP address of the admin.

Audit logs are permanent and tamper-proof. Once an entry is recorded, it cannot be edited, deleted, or changed by any user, including Super Admins. This guarantees the integrity of your audit trail for compliance and dispute resolution.

What Gets Logged

VoteAlly logs a comprehensive set of admin actions across sessions, voters, questions, team management, and billing. Here is a breakdown by category:

Session Management

Session created, updated, cloned, or archived
Session launched (Draft to Live or Early Voting)
Status changes (open, close, end session)
Election questions opened or closed in bulk
Meeting questions closed
Session voter personal data removed

Questions

Question created, updated, archived, or deleted
Question status changes (open, close)
Questions reordered
Edit blocked during early voting (locked fields)
Votes cleared from a question

Voters & Communications

Voters imported (with count)
Individual voter updated or deleted
Single voter invited or invite resent
Batch or bulk invitations sent
SMS sent to individual voter
Email job started, scheduled, or cancelled

Team & Organization

Organization created, updated, or deleted
Team member invited, updated, or removed
User invite resent
User name or permissions updated
Ownership transferred between admins
Feature settings updated

Security & Authentication

Admin login (email/password, Google, Microsoft)
Failed login attempts
Password changed or reset
MFA enabled, disabled, or reset
MFA challenge sent, verified, or failed
Admin account claimed (first-time setup)

Exports & Billing

Ballot audit exported as CSV
Activity logs exported as CSV
Participation report exported
Results exported
Plan upgraded or downgraded
Session boost or SMS boost purchased

Viewing Audit Logs

VoteAlly provides two levels of audit log access, depending on what you need to review:

Session-Level Activity Tab

Every voting session has an Activity tab in the session dashboard. This shows all audit log entries scoped to that specific session, including question changes, voter imports, status transitions, and exports.

This is the most common way to review what happened during a session. All Organization Owners and Organization Admins can access it.

Organization-Level Logs

Organization-level audit logs capture actions that span the entire organization, including team member changes, organization settings updates, billing events, and security events like login attempts and MFA changes.

These logs provide a cross-session view of all admin activity within the organization.

Tip: Each audit log entry includes the session it belongs to (if applicable), so you can quickly jump from an organization-level log entry to the specific session where the action occurred.

Filtering and Searching

The session-level Activity tab supports several filtering and search options to help you find specific entries:

Action Type Filter

Use the action dropdown to filter by a specific action type (for example, show only SESSION_UPDATED or VOTER_DELETED entries). Select "ALL" to see every action type.

Text Search

Search across the action type, admin email, question title, voter email, session name, and reason fields. This is useful when you need to find all actions taken by a specific admin or all changes to a particular question.

Date Range Filter

Set a start date, end date, or both to narrow results to a specific time window. This is helpful for reviewing activity during a particular meeting or investigating an issue that happened on a known date.

Results are displayed in reverse chronological order (newest first) and support pagination for sessions with large numbers of logged actions.

Exporting Audit Logs

You can export the audit log for any session as a CSV file from the Reports tab. The export includes the following columns:

Timestamp: Standardized date and time of the action
User: The admin who performed the action (or "System" for automated actions)
Action: The structured action type label
Target: The question title, voter email, session name, or other entity affected
Details: Additional context such as status changes, updated fields, or reasons

The export respects your current filters. If you have an action type, search term, or date range applied, only matching entries are included in the CSV. This lets you export a focused subset for a specific compliance inquiry.

Note: The export action itself is logged in the audit trail (as ACTIVITY_LOGS_EXPORTED), including which filters were applied and how many records were exported. This provides a chain-of-custody record for compliance purposes.

Retention and Personal Data Removal

Audit logs are designed to provide a permanent record of admin actions. They are retained indefinitely and are not subject to the configurable retention period that applies to voter personal data.

When voter personal information is removed from a session (either automatically after the retention period or manually by an admin), audit logs are treated as follows:

Redacted (Voter Personal Info)

Voter email addresses
Voter names
Phone numbers
Member IDs
Name change history (old/new values)

Preserved (Admin & Context)

Admin email (who performed the action)
Admin name
IP address of the admin
Action type and timestamp
Question titles and session details

This approach satisfies both privacy regulation requirements (such as GDPR and CCPA) and the need for a lasting audit trail. Voter personal information is permanently replaced with "REDACTED," while admin accountability information remains intact for the life of the record.

Best practice: If you need the full audit log with voter details for your records, export the Activity Log CSV before the retention period expires. Once voter fields are redacted, the original values cannot be recovered.

Frequently Asked Questions

Who can view audit logs?

All admin roles within an organization can view session-level audit logs through the Activity tab. Organization Owners and Organization Admins see logs for sessions in their organization. Super Admins have additional access to platform-level audit logs that span all organizations.

Are voter actions logged?

No. Audit logs record admin actions only. Voter actions like casting a ballot are intentionally excluded to preserve voter anonymity. Voter participation (whether a voter voted on a given question) is tracked through a separate participation record that does not link to the specific ballot or vote choice.

Can audit logs be deleted?

No. Audit logs are permanent records that can only be added to, never changed or removed by any user, regardless of their role. This protection is built into the system to ensure the audit trail remains trustworthy for compliance audits and dispute resolution.

Are failed actions logged?

Yes. Failed actions like unsuccessful login attempts, failed MFA challenges, and blocked edits (for example, attempting to edit a locked question during early voting) are all logged. These entries help identify potential security concerns and unauthorized access attempts.

Do system-automated actions appear in the audit log?

Yes. Automated actions such as scheduled personal data removal and billing events are logged with "System" as the actor. This ensures that every change to your data is accounted for, whether initiated by a person or by an automated process.

What happens to audit logs if I delete my organization?

If an organization is deleted, all of its data is removed, including audit logs. If you need to preserve the audit trail, export the Activity Log CSV for each session before deleting the organization.

Can I use audit logs as evidence in a dispute?

Yes. The CSV export includes timestamps, admin emails, action types, targets, and contextual details. Because audit logs are permanent and tamper-proof, they serve as a reliable record. Many organizations use these exports to satisfy bylaws requiring a record of board decisions and vote administration.

Last updated: April 2, 2026