Member-management traceability for GDPR Right of Access

What changed

Every team invitation, acceptance, and member removal on your account is now recorded in your account activity log alongside the other events we track. When someone is invited to your team, when they accept the invitation, when a pending invitation is replaced or cancelled, when a member is removed — each of these is captured with a timestamp and the relevant role context.

Why this matters

GDPR Art. 15 grants individuals the Right of Access to information about how their personal data is processed — including the categories of personal data concerned and recipients to whom that data has been disclosed. For team accounts, membership changes are exactly the kind of events Art. 15 covers, and an activity log on those events is what supports answering an access request. The capability is about traceability — what happened, when, and what role was involved — rather than a separate self-serve data-export endpoint.

What this is part of

Team accounts are described on our pricing page; the public Audit Hub tracks completed work, including the related cross-surface integrity safeguards and the team workspace coherence work that preceded this.

For a free trial, no credit card required.