Article 36Keeping of logs
1.eu-LISA shall keep logs of all data processing operations in the MID. Those logs shall include the following:
(a)the Member State launching the query;
(b)the purpose of user's access;
(c)the date and time of the query;
(d)the type of data used to launch the query;
(e)the reference to the linked data;
(f)the history of the identity confirmation file.
2.Each Member State shall keep logs of queries that its authorities and the staff of those authorities duly authorised to use the MID make. Each Union agency shall keep logs of queries that its duly authorised staff make.
3.The logs referred to in paragraphs 1 and 2 may be used only for data protection monitoring, including checking the admissibility of a query and the lawfulness of data processing, and for ensuring data security and integrity. Those logs shall be protected by appropriate measures against unauthorised access and erased one year after their creation. If, however, they are required for monitoring procedures that have already begun, they shall be erased once the monitoring procedures no longer require the logs.