Skip to main content
Two related tools live in workspace settings: a full DSGVO/GDPR data export on Settings → Konto, and a who-did-what audit trail on Settings → Audit-Log. Both are gated by role — see Team management → Roles for the full role table, including the read-only Viewer.

DSGVO data export

Under Settings → Konto, admins and the Owner see a Datenexport (DSGVO) section:
Lade ein vollständiges, maschinenlesbares Archiv (JSON) der Daten dieses Kontos herunter: Einstellungen, Benutzer, Agenten, Wissen, Kategorisierer, Kontakte, Tickets, Chats und gelernte Beispiele. Geheimnisse (API-Schlüssel, Postfach-Passwörter, OAuth-Tokens) sind niemals enthalten.
Clicking Export anfordern builds the archive server-side and downloads it straight to the browser as dsgvo-export-<accountId>-<date>.json — nothing is written to a file store first.
This is owner/admin only, same gate as user management and audit log access. Members and Viewers don’t see this section at all.

What’s in the archive

The export covers everything the account owns:
  • Account record and settings
  • Users / memberships
  • Agents
  • Knowledge buckets, items, and knowledge entries
  • Categorizers, categories, category branches, and category actions
  • Categorizations and the categorization action log
  • Email connection metadata
  • Contacts and companies
  • Tickets and ticket comments
  • Chats and messages
  • Learned writing-style exemplars
Each section is capped at 5,000 rows. If an account has more than that, the section reports its true total count and a truncated flag so you know the archive was clipped rather than silently incomplete.
Secrets never leave the server. Custom model-endpoint API keys are masked, mailbox passwords and OAuth tokens are redacted, and any column that merely looks like a credential (by name pattern) is scrubbed too, as defense in depth. Embedding vectors are dropped — they’re bulky and not human-meaningful.
Requesting an export is itself logged as an event in the audit trail below — visible only to other admins/the Owner, like all account-level privacy events.

Audit log

Settings → Audit-Log shows a chronological trail of permission-sensitive changes on the account: role changes, invitations sent/accepted/cancelled, users removed, mailbox-sharing changes, temporary access grants created or revoked, and account data exports. Each entry shows who did it and when. What you see depends on your role:
This is a separate, more tightly scoped reader than the generic activity log used elsewhere in the product — permission-sensitive entity types (roles, invitations, sharing, grants, account exports) are only ever surfaced through this role-gated view, never through a generic log a non-admin could otherwise read.

Roles that gate this page

Both features above use the same two-tier gate already used for user management:
  • Owner / Admin — full access: can trigger a DSGVO export and see the complete audit log.
  • Member / Viewer — no export button; audit log narrowed to their own mailboxes. Viewer in particular is read-only everywhere in the product — it can see shared mailboxes and conversations but cannot send, approve, reroute, or change any configuration.
See Team management for how roles are assigned and the full capabilities table.