Run your lead operation on live dashboards and an audit trail
Running a lead network under your own brand? OXIAE gives you real-time dashboards with concrete KPIs per publisher, label and buyer, and an immutable audit trail per request that makes every step from intake to payout demonstrable.
In lead generation, everything comes down to trust, and trust stands or falls on evidence. Your buyers want to know where a request came from and whether there is consent behind it. As operator, you want to steer on quality per publisher before a dispute arises. And a regulator or auditor wants to be able to review exactly what happened to personal data. That is why OXIAE places two things alongside every request by default: a live dashboard that shows how your operation is performing, and an audit trail that records what happened.
The dashboard tells you the story in figures: how many requests, what acceptance rate, how much drop-off, how fast they are processed and what it earns per publisher and buyer. The audit trail tells the story line by line: who did what, when, with which lead, in a log that cannot be changed after the fact. Together they turn your processing from a black box into an open book you can open at any moment, and show to buyers, publishers and regulators under your own brand. The same trail runs across your whole pipeline, from lead intake and verification and consent to payouts and disputes.
Everything visible, in one environment
From live performance to the evidence behind every processing step, your entire lead operation in one auditable, white-label environment.
Real-time dashboards
Track the volume, quality and margin of your lead operation live, without waiting on periodic reports.
Audit trail per request
Every request carries its own log: from intake to payout, recorded step by step.
Per publisher & label
Break insight down by publisher, channel and label, so you know exactly which supply performs.
Per buyer
See per buyer which requests were delivered, accepted, disputed and settled.
Exportable reports
Pull logs and reports via export or API, under your own brand, for your own analysis and archive.
Compliance evidence
Provenance, consent and processing are traceable and demonstrable at any moment, GDPR compliant.
Dashboards that run your operation
A dashboard is only useful when it answers the right questions. OXIAE shows the KPIs you, as operator, actually steer on (volume, acceptance rate, drop-off, processing time and margin) and breaks them down by publisher, label and buyer, so you not only see that something is changing, but also where.
| Channel | Volume | Acceptance | Drop-off | Revenue |
|---|---|---|---|---|
| Own landing pages | 612 | 93.7% | 4.9% | € 14,680 |
| Publisher network | 438 | 89.2% | 8.1% | € 9,240 |
| API & partners | 174 | 92.5% | 6.0% | € 4,105 |
| AI Agent Network | 60 | 88.3% | 9.2% | € 1,260 |
Volume & acceptance rate show how much you bring in and what share of it is actually accepted by your buyers: the core of your business model.
Drop-off % & average processing time point you to quality and speed problems before they cost margin or lead to disputes.
Revenue per publisher and buyer makes visible where your margin sits, so you can scale what works and adjust what underperforms.
Trends over time place every KPI next to the previous period, so a dip or spike stands out immediately instead of only in a monthly report.
Demonstrably processed
In OXIAE, processing is never a black box. Every request automatically builds its own audit trail, with timestamps per step, traceable back to publisher and buyer, and always exportable. That way you prove it is correct, instead of just promising it, under your own brand.
- Every step logged, automatically and without manual work
- Timestamps at every moment from intake to payout
- Exportable for analysis, archiving and audits
- Traceable back to publisher, channel and buyer
- Lead received2 min ago
- Consent captured3 min ago
- Data validated4 min ago
- Matched & forwarded to buyer5 min ago
What's in a single audit-log entry
The power of an audit trail lies in the detail. Every event is recorded as one entry with a fixed structure, so afterwards you can reconstruct exactly what happened: who, what, when and with what result. No free text, but structured fields you can filter, export and verify.
Event type
What happened, for example lead.received, consent.captured, lead.validated or lead.delivered.
Timestamp
The exact moment in UTC, down to the millisecond, so the order of events is indisputable.
Actor / system
Who or what performed the step: an operator, a publisher, an API key, a rule or an AI agent.
Lead ID
The unique reference to the request, so every entry maps to exactly one lead.
Previous → new status
The status transition, for example received → validated, so you can reconstruct the entire lifecycle.
Append-only & hash
Every entry gets a hash that carries the previous entry, so changing or deleting one visibly breaks the chain.
Retention & immutability
An audit trail you can change after the fact is not evidence. That is why the log in OXIAE is append-only: entries can only be added, never removed. Every entry contains a cryptographic hash that carries the previous entry. Anyone who changes or deletes even a single entry breaks the chain, and that is immediately visible on verification.
At the same time, the GDPR requires retention periods and data minimisation. That is why OXIAE keeps processing events separate from the personal data itself. The audit trail proves that processing took place, while the underlying personal data can be minimised or deleted according to the retention period you configure, without the evidence disappearing.
That way you combine two seemingly contradictory requirements: immutable evidence of what happened, and the right not to retain personal data any longer than necessary.
Append-only log
Entries are added, never overwritten. The order and content are fixed.
Hash chain
Every entry references the hash of the previous one, so tampering becomes visible.
Configurable retention period
Set per data category how long data is retained, in line with the GDPR.
Read more about how we handle retention periods, data minimisation and privacy by design on our GDPR page.
Export in any format
Your data is yours. Pull logs and reports as CSV for a spreadsheet, as JSON for your data warehouse, or in real time via the API and webhooks for your own monitoring: the APIs are part of the platform.
CSV export
Download a flat, one-row-per-event export for spreadsheets, accountant review or archiving, filtered by period, publisher, label or buyer.
JSON export
Retrieve the full, nested, machine-readable lifecycle of a lead, including hashes, for your own data warehouse or forensic analysis.
Audit API
Stream or query logs in real time via the API and webhooks, so your own monitoring or SIEM follows along automatically.
GET /v1/audit-logs?lead_id=ld_8f3a2c&format=json
Authorization: Bearer ********
{
"lead_id": "ld_8f3a2c",
"events": [
{
"event": "lead.received",
"ts": "2026-03-12T09:14:02.118Z",
"actor": "form:landing-solar-panels",
"status_from": null,
"status_to": "received",
"hash": "a91f…7c2"
},
{
"event": "consent.captured",
"ts": "2026-03-12T09:14:02.140Z",
"actor": "system:consent-engine",
"status_from": "received",
"status_to": "consented",
"hash": "b04e…d18"
}
]
} Full documentation is available in the API documentation.
Who uses the audit trail for what
The same audit trail serves different roles within your platform. What is a quality instrument for you as operator is legal evidence for your buyer and a billing basis for your publisher.
You, as operator
Oversee the whole operation: quality per publisher and label, drop-off spikes, margin per buyer, and can show exactly what happened to a lead in a dispute.
Your buyers
Check the provenance, consent moment and validation for each delivered request, and use it to substantiate why a lead was or was not accepted.
Compliance officer
Demonstrates during an audit or GDPR request that provenance, consent and processing are fully recorded, without manually collecting log files.
Your publishers
See which submitted requests were accepted and paid out, and use the figures to improve their own quality.
Why control and insight make the difference
Those who can show their processing win trust, prevent disputes and steer more sharply. For a lead generator, control and insight are not a reporting luxury: they are the foundation of a healthy, scalable lead network.
Real-time grip
Steer your lead operation the moment it matters, with live insight into volume, quality and margin.
Demonstrable processing
Every step is logged and traceable: proof that your processing is correct, not just the promise.
Better decisions
Data per publisher, label and buyer makes clear where you can optimise and scale.
Frequently asked questions about audit trail & dashboards
Everything about KPIs, log entries, immutability, retention periods and export.
Which KPIs does the dashboard show?
By default volume, acceptance rate, drop-off percentage, average processing time and revenue, broken down by publisher, label and buyer, and always set against the previous period so trends stand out immediately.
What exactly is in a single audit-log entry?
The event type, a timestamp down to the millisecond, the actor or system that performed the step, the lead ID, the transition from previous to new status, and a hash. Together the entries reconstruct the full lifecycle of a request, from intake to payout.
Can the audit trail be changed afterwards?
No. The log is append-only: entries can only be added. Every entry contains a hash that carries the previous entry, so any change or deletion breaks the chain and is immediately visible on verification.
How does that relate to retention periods under the GDPR?
We separate processing events from the personal data itself. That way the proof that processing took place remains, while the underlying personal data can be minimised or deleted according to the retention period you configure. Read more about this on the GDPR page.
In which formats can I export?
As CSV for spreadsheets and accountant review, as nested JSON for your data warehouse or forensic analysis, and in real time via the API and webhooks for your own monitoring or SIEM. You can filter by period, publisher, label and buyer.
Who within my platform has access to the logs?
Access runs through roles and permissions that you, as operator, configure. A buyer sees their own delivered requests, a publisher sees their own submitted leads, and your compliance officer can pull exports for audits, always within the agreed role and under your own brand.
Demonstrable, not promised
Control and insight, recorded with every request
See control and insight in action
Book a demo and view live dashboards and the audit trail per request: a real walkthrough of the platform you will run under your own brand.