Download All My Data

Last updated: June 2026

Your health data, under your control. You can download a portable copy of everything in your Health Data Safe account at any time — events, streams, accesses, attachments, audit logs, time-series data, and webhooks — without contacting us.

How to Download

Go to portability.hds.ngo and sign in to your HDS account. Choose your options (chunk size, what to include or exclude), then click Start backup. The page produces a series of ZIP files that your browser downloads automatically.

You can also use the dev environment at demo-portability.datasafe.dev if you have a demo account.

What’s in the Download

Each backup run produces a series of ZIP files (default 100 MB each, configurable). Together they contain:

• Account, streams, accesses, profile — the metadata that defines your account.
• Events — all your health data entries, organized by month.
• Audit log — every action ever taken on your account.
• Per-app profiles — what each connected app stored about you.
• Attachments (opt-in) — files attached to events.
• High-frequency time-series data (opt-out) — included by default.
• Webhooks (opt-out) — included by default.
• Access history (opt-in) — version trail of who-could-see-what over time.

The last ZIP also includes:

• backup-index.json — a directory of which file is in which ZIP, so a restore tool can read the bundle as a whole.
• sync-state.json — a portable record of how far the backup got. Keep this file: if you upload it next time you visit the page, the next backup only fetches what changed since.
• hds-manifest.json — provenance: data-model version pinned, app version, deployment URL, completion timestamp, total bytes.

File Format

The ZIPs are in the same format as the upstream open-source pryv-account-backup CLI tool. That means the data is fully portable — another HDS user, an HDS partner, or a self-hosted Pryv instance can re-import it with the same tool. Files are canonical JSON (UTF-8) plus the original attachments as-is — no proprietary lock-in.

This satisfies the GDPR Article 20 requirement that personal data be provided in a “structured, commonly used, machine-readable format”.

Your Legal Rights

This page exists because the law guarantees you the right to obtain your own data:

• EU/EEA — GDPR Article 15 (right of access) and Article 20 (right to data portability).
• United States — HIPAA §164.524 (individual right of access to PHI).
• Switzerland — nLPD Article 25 (right to information) and Article 28 (right to data portability).

We provide the same data through the same channel regardless of which law applies to you — your subject side of the right is identical. If you have questions about exercising a request on someone else’s behalf (e.g. for a child, or as a legal representative), see Contact.

Multi-Factor Authentication

If your account has SMS multi-factor authentication enabled, the web app cannot complete sign-in. Use the command-line version of the tool instead: https://github.com/pryv/pryv-account-backup. Or contact support to disable MFA before running the backup; we’ll re-enable it after.

Security Note

The downloaded files contain everything in your account — including (potentially) your MFA recovery codes. Treat them as sensitive. Transport them over a secure channel. Consider rotating recovery codes after the download.

Open Source

The web app’s source code is public, BSD-3-Clause:

• App: https://github.com/healthdatasafe/app-portability
• Backup library (upstream): https://github.com/pryv/pryv-account-backup

Contact

For questions, support, or to request a backup via email (e.g. if you can’t sign in): support@healthdatasafe.org