SecurityExporting Your Data

Exporting Your Data

Your data is yours. Signal ships with built-in export functionality so you can take a complete copy of your organisation’s data at any time — when offboarding at the end of an agreement, for portability into another system, or to answer a data subject access request (DSAR).

Because Signal runs in your own environment, exports are generated inside your deployment and download directly to your browser. Nothing is sent to Datafly or any third party. Every export is recorded in the audit log.

What you can export

ExportEndpointFormat
All eventsGET /v1/admin/export/eventsNDJSON (one event per line)
All identitiesGET /v1/admin/export/identitiesNDJSON (one canonical identity per line)
One data subjectGET /v1/admin/export/subjectSingle JSON document

All three are also available in the management UI under Privacy (the data subject requests page), and require an organisation admin or data governance admin role.

Events

Streams every stored analytics event for your organisation as newline-delimited JSON. Optional query parameters:

  • from, to — RFC 3339 timestamps bounding the export (defaults: everything, up to now)
  • pipeline_id — restrict to one pipeline

Exports stream in batches server-side, so multi-gigabyte event tables export without memory pressure.

Identities

Streams your identity graph: one JSON object per canonical identity, containing its identity links (cookie IDs, device IDs, hashed user identifiers) and identity profiles. Profiles not yet linked to a canonical identity are included at the end, so the export is complete.

One data subject (DSAR)

Looks up a single person by any identifier — email, phone, user_id, dfid (cookie), dfdid (device), or canonical_id — using the same identity resolution the erasure tool uses, and returns everything Signal holds about them as one JSON document: identity links, profiles, and their events. Use this to answer subject access requests under GDPR Article 15.

GET /v1/admin/export/subject?type=email&value=jane@example.com

Notes

  • Exports are read-only and org-scoped: you can only ever export your own organisation’s data.
  • Export activity is audit-logged (data.export_events, data.export_identities, data.export_subject) with the requested range — never the exported contents or raw subject identifiers.
  • For erasing a data subject rather than exporting them, use the erasure tool on the same Privacy page.