The audit log doesn’t log any personal information. We log things like “user registered to the site” and “user updated their privacy preferences”.
This audit log is fully encrypted.
This log is meant to be used in case of a dispute or an audit. If the user is still registered to the site, all you have to do is navigate to GDPR -> Tools -> Audit Log tab and search for the user’s email. The 6-digit token, however, is meant for users that are no longer registered to the site.
On deletion, each user gets a 6 digit token. If for some reason you need to reference the log to see the date a consent was given or taken away or anything related you will need the email that this person used to register to the site and their 6-digit token. Without that piece of information, it’s not possible to recover the data.