How do I export my data (GDPR)?

Your right to data portability (GDPR Art. 20)

Under GDPR you have the right to receive your personal data in a machine-readable format. We support this with one-click export.

Steps

1. Sign in.
2. Visit /account/privacy/.
3. Click Export my data.
4. Confirm via email (security check).
5. Within 24 hours (usually <1 hour) you receive an email with a secure download link valid 7 days.
6. Download the ZIP. It contains:

• profile.json — name, email, preferences
• runs.json — all your tool runs (inputs + outputs)
• workflows.json — saved workflow definitions
• brand_voice.json — trained brand voice profiles
• billing.json — invoice history (PDFs included in /invoices/ subfolder)
• webhooks.json — webhook configurations
• api_keys.json — key metadata (hashes only — actual keys never stored)
• data_request.json — manifest with request timestamp + ID

Format

UTF-8 JSON, one entity per file, RFC-3339 timestamps. Easy to parse with Python, Node, Excel, etc.

Automated DSAR (Data Subject Access Request)

This self-service export fulfills GDPR Art. 15 + 20 requests automatically. No need to email a privacy officer.

What's NOT in the export

• Aggregated analytics (anonymized — not personal data).
• Other users' data (e.g. if a teammate shared a workflow with you, the workflow is in your export but their profile isn't).
• AICT's internal logs / Sentry errors (covered by separate retention policy).

Frequency

No limit on requests. We don't charge a fee.