Data Export

What this surface does

The Data Export surface fulfills GDPR Article 20 / CCPA data-portability requests. Generates a structured archive (JSON + CSVs) containing every record about a customer and delivers it via a time-limited signed URL.

When to use it

• A customer formally requests their data — start the export here.
• Re-issuing an expired download link (originals expire in 7 days).
• Audit support — historical exports are logged with operator + customer + timestamp.

Key gotchas

• Exports include everything we have — including internal notes the customer has not seen. Sanitise sensitive admin notes before delivery if needed (workflow exists in the export form).
• Encrypted PII columns are decrypted into the export. Treat the archive as sensitive.
• The signed URL is single-recipient — share securely.

Related

• Data export runbook
• Data Deletion.